Abstract
Cloud Computing has been envisioned as the next generation architecture and one of the fastest growing segments of the IT enterprises. No matter how much investment is made in cloud intrusion detection and prevention, cloud infrastructure remains vulnerable to attacks. Intrusion Tolerance in Cloud Computing is a fault tolerant design approach to defend cloud infrastructure against malicious attacks. Thus to ensure dependability we present a framework by mapping available Malicious and Accidental Fault Tolerance for Internet Applications (MAFTIA) intrusion tolerance framework for dependencies such as availability, authenticity, reliability, integrity, maintainability and safety against new Cloud Computing environment. The proposed framework has been validated by integrating Intrusion Tolerance via Threshold Cryptography (ITTC) mechanism in the simulated cloud environment. Performance analysis of the proposed framework is also done.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Avizienis, A., Laprie, J.C., Randell, B., Landwehr, C.: Basic Concepts and Taxonomy of Dependable and Secure Computing. IEEE Trans., Dependable and Secure Computing 1(1), 11–33 (2004)
Shamir, A.: How to share a secret. Comm. of the ACM 22, 612–613 (1979)
Saidane, A., Nicomette, V., Deswarte, Y.: The Design of a Generic Intrusion-Tolerant Architecture for Web Servers. IEEE Trans. 6, 45–58 (2009)
Powell, D., Stroud, R.: Malicious-and Accidental-Fault Tolerance for Internet Applications: Conceptual Model and Architecture. Technical Report 03011, Project IST-1999-11583 MAFTIA, Deliverable D21, LAAS-CNRS (January 2003)
Ramasamy, H.V., Agbaria, A., Sanders, W.H.: CoBFIT: A Component-Based Framework for Intrusion Tolerance. In: 30th EUROMICRO Conference (EUROMICRO 2004), pp. 591–600 (2004)
Information Technology Infrastructure Library, http://www.itil-officialsite.com/home/
Intrusion Tolerance via Threshold Cryptography, http://crypto.stanford.edu/~dabo/ITTC/
Reynolds, J.C., Just, J., Clough, L., Maglich, R.: On-Line Intrusion Detection and Attack Prevention Using Diversity, Generate-and-Test, and Generalization. In: HICSS 2003, Track -9, vol. 9 (2003)
Pal, P., Schantz, R., Atighetchi, M., Loyall, J.: What Next in Intrusion Tolerance. BBN Technologies, Cambridge
Popovic, K., Hocenski, Z.: Cloud computing security issues and challenges. In: IEEE Trans. MIPRO, 2010 Proceedings of the 33rd International Convention, pp. 344–349 (May 2010)
Proposed Security Assessment and Authorization for U.S. Government Cloud Computing (November 2010), http://www.govinfosecurity.com/
Buyya, R., Ranjan, R., Calheiros, R.N.: Modeling and Simulation of Scalable Cloud Computing Environments and the CloudSim Toolkit: Challenges and Opportunities. University of Melbourne, Australia (July 2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Karande, V.M., Pais, A.R. (2011). A Framework for Intrusion Tolerance in Cloud Computing. In: Abraham, A., Mauri, J.L., Buford, J.F., Suzuki, J., Thampi, S.M. (eds) Advances in Computing and Communications. ACC 2011. Communications in Computer and Information Science, vol 193. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22726-4_41
Download citation
DOI: https://doi.org/10.1007/978-3-642-22726-4_41
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22725-7
Online ISBN: 978-3-642-22726-4
eBook Packages: Computer ScienceComputer Science (R0)