Toggle Main Menu Toggle Search

ePrints

Using Diversity in Cloud-Based Deployment Environment to Avoid Intrusions

Lookup NU author(s): Dr Anatoliy Gorbenko, Professor Alexander Romanovsky

Downloads


Abstract

This paper puts forward a generic intrusion-avoidance architecture to be used for deploying web services on the cloud. The architecture, targeting the IaaS cloud providers, avoids intrusions by employing software diversity at various system levels and dynamically reconfiguring the cloud deployment environment. The paper studies intrusions caused by vulnerabilities of system software and discusses an approach allowing the system architects to decrease the risk of intrusions. This solution will also reduce the so-called system’s days-of-risk which is calculated as a time period of an increased security risk between the time when a vulnerability is publicly disclosed to the time when a patch is available to fix it.


Publication metadata

Author(s): Gorbenko A, Kharchenko V, Tarasyuk O, Romanovsky A

Editor(s): Troubitsyna, E;

Publication type: Conference Proceedings (inc. Abstract)

Conference Name: Third International Workshop on Software Engineering for Resilient Systems (SERENE)

Year of Conference: 2011

Pages: 145-155

Publisher: Springer

URL: http://dx.doi.org/10.1007/978-3-642-24124-6_14

DOI: 10.1007/978-3-642-24124-6_14

Library holdings: Search Newcastle University Library for this item

Series Title: Lecture Notes in Computer Science

ISBN: 9783642241239


Actions

Link to this publication


Share