Security architecture based on defense in depth for Cloud Computing environment

Abstract

Cloud Computing constitutes an emerging computing paradigm consisting of elements of grid computing, utility computing and software-defined networks. The aggregation of these technologies offers a new environment for the deployment of services. Cloud computing environment provides capabilities which are unique covering the existing and future needs of organizations and companies. Moreover, this environment supports big data applications usually forming the core elements of research projects. Therefore cloud computing technology and big data are linked to each other. However, the capabilities of cloud computing environment create challenges concerning the security of data applications and its systems. In this respect, security issues are present on big data applications. By adopting the cloud computing environment, the provider has to incorporate security systems and policies in its infrastructure in order to mitigate the security threats. In this paper, multilayered security architecture is defined based on defense in depth. In this architecture the cloud infrastructure is divided into defense zones to achieve better security control. Additionally, intrusion detection system (IDS), honeypots and firewalls are incorporated alongside the defense mechanisms of the cloud infrastructure. In this way, a secure architecture is applied in which the end service is provided uninterrupted, while control over the level of security is maintained.