An Approach for Adaptive Security of Cloud Applications within the ATMOSPHERE Platform

Abstract

Self-protecting systems can reduce response time to known attacks by automating decision-making processes in security operations. This paper briefly describes the ATMOSPHERE platform for monitoring and enforcement of trustworthiness in cloud systems, as well as proposes a way to enhance its Trustworthiness Monitoring & Assessment framework (responsible for analyzing and planning adaptation actions) in order to instantiate the concept of adaptive security for self-protecting cloud infrastructures and applications. The paper approaches adaptive security based upon adaptive Web Application Firewalls, and enhances a software-based, feedback control loop (named MAPE-K) for monitoring and analysis of security events, as well as the planning and execution of adaptation actions for securing cloud applications. This is a work in progress, currently under development, to be integrated to ATMOSPHERE's framework.