ATMOSPHERE平台内云应用的自适应安全方法

Anais do XIX Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2019) Pub Date : 1900-01-01 DOI:10.5753/sbseg.2019.13988

Jorge Da Silva, A. Braga, C. M. F. Rubira, R. Dahab

{"title":"ATMOSPHERE平台内云应用的自适应安全方法","authors":"Jorge Da Silva, A. Braga, C. M. F. Rubira, R. Dahab","doi":"10.5753/sbseg.2019.13988","DOIUrl":null,"url":null,"abstract":"Self-protecting systems can reduce response time to known attacks by automating decision-making processes in security operations. This paper briefly describes the ATMOSPHERE platform for monitoring and enforcement of trustworthiness in cloud systems, as well as proposes a way to enhance its Trustworthiness Monitoring & Assessment framework (responsible for analyzing and planning adaptation actions) in order to instantiate the concept of adaptive security for self-protecting cloud infrastructures and applications. The paper approaches adaptive security based upon adaptive Web Application Firewalls, and enhances a software-based, feedback control loop (named MAPE-K) for monitoring and analysis of security events, as well as the planning and execution of adaptation actions for securing cloud applications. This is a work in progress, currently under development, to be integrated to ATMOSPHERE's framework.","PeriodicalId":221963,"journal":{"name":"Anais do XIX Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2019)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"An Approach for Adaptive Security of Cloud Applications within the ATMOSPHERE Platform\",\"authors\":\"Jorge Da Silva, A. Braga, C. M. F. Rubira, R. Dahab\",\"doi\":\"10.5753/sbseg.2019.13988\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Self-protecting systems can reduce response time to known attacks by automating decision-making processes in security operations. This paper briefly describes the ATMOSPHERE platform for monitoring and enforcement of trustworthiness in cloud systems, as well as proposes a way to enhance its Trustworthiness Monitoring & Assessment framework (responsible for analyzing and planning adaptation actions) in order to instantiate the concept of adaptive security for self-protecting cloud infrastructures and applications. The paper approaches adaptive security based upon adaptive Web Application Firewalls, and enhances a software-based, feedback control loop (named MAPE-K) for monitoring and analysis of security events, as well as the planning and execution of adaptation actions for securing cloud applications. This is a work in progress, currently under development, to be integrated to ATMOSPHERE's framework.\",\"PeriodicalId\":221963,\"journal\":{\"name\":\"Anais do XIX Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2019)\",\"volume\":\"7 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Anais do XIX Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2019)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.5753/sbseg.2019.13988\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Anais do XIX Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2019)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5753/sbseg.2019.13988","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

自我保护系统可以通过自动化安全操作中的决策过程来减少对已知攻击的响应时间。本文简要介绍了用于云系统可信度监测和执行的ATMOSPHERE平台，并提出了一种增强其可信度监测和评估框架(负责分析和规划适应行动)的方法，以实例化自适应安全的概念，用于自我保护云基础设施和应用程序。本文采用基于自适应Web应用防火墙的自适应安全方法，并增强了一个基于软件的反馈控制回路(名为MAPE-K)，用于监控和分析安全事件，以及规划和执行保护云应用程序的自适应行动。这是一项正在进行的工作，目前正在开发中，将纳入大气层的框架。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An Approach for Adaptive Security of Cloud Applications within the ATMOSPHERE Platform

Self-protecting systems can reduce response time to known attacks by automating decision-making processes in security operations. This paper briefly describes the ATMOSPHERE platform for monitoring and enforcement of trustworthiness in cloud systems, as well as proposes a way to enhance its Trustworthiness Monitoring & Assessment framework (responsible for analyzing and planning adaptation actions) in order to instantiate the concept of adaptive security for self-protecting cloud infrastructures and applications. The paper approaches adaptive security based upon adaptive Web Application Firewalls, and enhances a software-based, feedback control loop (named MAPE-K) for monitoring and analysis of security events, as well as the planning and execution of adaptation actions for securing cloud applications. This is a work in progress, currently under development, to be integrated to ATMOSPHERE's framework.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Anais do XIX Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2019)

自引率

0.00%

发文量