Intrusion Tolerance in Cloud Applications: The mOSAIC Approach

Abstract

Cloud Computing is a recognized emerging solution for building Internet applications, which founds on delegation of every kind of resources to the network and on a pay-per-use business model. Cloud application, which runs consuming Cloud resources offered by Cloud Providers, offers open interfaces to their users, which access them from Internet and are often prone to Denial of Services attacks. This work focuses on the mosaic approach for development of Cloud applications, which offers a solution for gathering resources from many different providers. It shows how it is possible to enrich the mosaic platform with tools that, in a simple and transparent way, protect mosaic Cloud application from some well known Denial of Services attacks. The paper focuses on a single kind of attacks, called Deeply-Nested XML, in order to show the proposed approach and offer some preliminary results, which demonstrate the validity of the solution proposed.