Skip to main content
SpringerLink
Log in
Book cover

Secure Cloud Computing pp 239–259Cite as

Securing Mission-Centric Operations in the Cloud

  • Chapter
  • First Online:

Abstract

Recent years have seen a growing interest in the use of Cloud Computing facilities to execute critical missions. However, due to their inherent complexity, most Cloud Computing services are vulnerable to multiple types of cyber-attacks and prone to a number of failures. Current solutions focus either on the infrastructure itself or on mission analysis, but fail to consider the complex interdependencies between system components, vulnerabilities, failures, and mission tasks. In this chapter, we propose a different approach, and present a solution for deploying missions in the cloud in a way that minimizes a mission’s exposure to vulnerabilities by taking into account available information about vulnerabilities and dependencies. We model the mission deployment problem as a task allocation problem, subject to various dependability constraints, and propose a solution based on the A algorithm for searching the solution space. Additionally, in order to provide missions with further availability and fault tolerance guarantees, we propose a cost-effective approach to harden the set of computational resources that have been selected for executing a given mission. Finally, we consider offering fault tolerance as a service to users in need of deploying missions in the Cloud. This approach allows missions to obtain required fault tolerance guarantees from a third party in a transparent manner.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   119.00
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD   109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    http://aws.amazon.com/ec2/

References

  1. P. Samarati and S. De Capitani di Vimercati, “Data protection in outsourcing scenarios: Issues and directions,” in Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2010), Beijing, China, April 2010, pp. 1–14.

    Google Scholar 

  2. M. Albanese, S. Jajodia, and S. Noel, “Time-efficient and cost-effective network hardening using attack graphs,” in Proceedings of the 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012), Boston, MA, USA, June 2012.

    Google Scholar 

  3. V. Mehta, C. Bartzis, H. Zhu, E. Clarke, and J. Wing, “Ranking attack graphs,” in Proceedings of the 9th International Symposium On Recent Advances In Intrusion Detection (RAID 2006), ser. Lecture Notes in Computer Science, vol. 4219, Hamburg, Germany, September 2006, pp. 127–144.

    Google Scholar 

  4. P. K. Manadhata and J. M. Wing, “An attack surface metric,” IEEE Transactions on Software Engineering, vol. 37, no. 3, pp. 371–386, May 2011.

    Article  Google Scholar 

  5. G. Jakobson, “Mission cyber security situation assessment using impact dependency graphs,” in Proceedings of the 14th International Conference on Information Fusion (FUSION), Chicago, IL, USA, July 2011.

    Google Scholar 

  6. K. V. Vishwanath and N. Nagappan, “Characterizing cloud computing hardware reliability,” in Proceedings of the 1st ACM Symposium on Cloud Computing, Indianapolis, IN, USA, 2010, pp. 93–204.

    Google Scholar 

  7. P. Gill, N. Jain, and N. Nagappan, “Understanding network failures in data centers: Measurement, analysis, and implications,” in Proceedings of the ACM SIGCOMM 2011, Toronto, ON, Canada, August 2011, pp. 350–361.

    Google Scholar 

  8. R. Jhawar and V. Piuri, “Fault tolerance management in iaas clouds,” in Proceedings of the IEEE First AESS European Conference on Satellite Telecommunications (ESTEL 2012), Rome, Italy, October 2012.

    Google Scholar 

  9. D. S. Kim, F. Machida, and K. S. Trivedi, “Availability modeling and analysis of a virtualized system,” in Proceedings of the 15th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2009), Shanghai, China, November 2009, pp. 365–371.

    Google Scholar 

  10. M. Albanese, S. Jajodia, R. Jhawar, and V. Piuri, “Reliable mission deployment in vulnerable distributed systems,” in Proceedings of the 43rd IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W 2013), Budapest, Hungary, June 2013.

    Google Scholar 

  11. M. Balduzzi, J. Zaddach, D. Balzarotti, E. Kirda, and S. Loureiro, “A security analysis of amazon’s elastic compute cloud service,” in Proceedings of the 27th Annual ACM Symposium on Applied Computing (SAC 2012), 2012, pp. 1427–1434.

    Google Scholar 

  12. R. Jhawar, V. Piuri, and M. Santambrogio, “Fault tolerance management in cloud computing: A system-level perspective,” IEEE Systems Journal, vol. 7, no. 2, pp. 288–297, June 2012.

    Article  Google Scholar 

  13. B. Cully, G. Lefebvre, D. Meyer, M. Feeley, N. Hutchinson, and A. Warfield, “Remus: High availability via asynchronous virtual machine replication,” in Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation (NSDI 2008). San Francisco, CA, USA: USENIX Association, 2008, pp. 161–174.

    Google Scholar 

  14. W. E. Smith, K. S. Trivedi, L. A. Tomek, and J. Ackaret, “Availability analysis of blade server systems,” IBM Systems Journal, vol. 47, no. 4, pp. 621–640, 2008.

    Article  Google Scholar 

  15. A. Undheim, A. Chilwan, and P. Heegaard, “Differentiated availability in cloud computing slas,” in Proceedings of the 12th IEEE/ACM International Conference on Grid Computing (GRID 2011), Lyon, France, September 2011, pp. 129–136.

    Google Scholar 

  16. R. Jhawar, V. Piuri, and P. Samarati, “Supporting security requirements for resource management in cloud computing,” in Proceedings of the 15th IEEE International Conference on Computational Science and Engineering (CSE 2012), Paphos, Cyprus, December 2012, pp. 170–177.

    Google Scholar 

Download references

Acknowledgements

The work presented in this chapter has been supported in part by the Office of Naval Research under award number N00014-12-1-0461, by Italian Ministry of Research within PRIN project “GenData 2020” (2010RTFWBH), and by the European Union under Integrated Project FP7-SEC-2012-312797 ABC gates for Europe.

Author information

Authors and Affiliations

  1. Center for Secure Information Systems, George Mason University, Fairfax, VA, 22030-4422, USA

    Massimiliano Albanese & Sushil Jajodia

  2. Department of Computer Science, Università degli Studi di Milano, Crema, Italy

    Ravi Jhawar & Vincenzo Piuri

Authors
  1. Massimiliano Albanese
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sushil Jajodia
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ravi Jhawar
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Vincenzo Piuri
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Massimiliano Albanese .

Editor information

Editors and Affiliations

  1. Center for Secure Information Systems, George Mason University, Fairfax, Virginia, USA

    Sushil Jajodia

  2. Center for Secure Information Systems, George Mason University, Fairfax, Virginia, USA

    Krishna Kant

  3. University of Milan, Crema, Italy

    Pierangela Samarati

  4. Computer Security Division, National Institute of Standards and Technology (NIST), Gaithersburg, Maryland, USA

    Anoop Singhal

  5. The MITRE Corporation, McLean, Virginia, USA

    Vipin Swarup

  6. Computing and Information Science Division, Information Sciences Directorate, Triangle Park, North Carolina, USA

    Cliff Wang

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer Science+Business Media New York

About this chapter

Cite this chapter

Albanese, M., Jajodia, S., Jhawar, R., Piuri, V. (2014). Securing Mission-Centric Operations in the Cloud. In: Jajodia, S., Kant, K., Samarati, P., Singhal, A., Swarup, V., Wang, C. (eds) Secure Cloud Computing. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-9278-8_11

Download citation

  • DOI: https://doi.org/10.1007/978-1-4614-9278-8_11

  • Published:

  • Publisher Name: Springer, New York, NY

  • Print ISBN: 978-1-4614-9277-1

  • Online ISBN: 978-1-4614-9278-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation