Currently an increasing number of customers require cloud services with guaranteed security levels. At this aim, the adoption of multi-cloud strategies is spreading in a large number of interesting application domains, since they may potentially improve security and reduce development costs. However, the problem of identifying the optimal distribution of the components of a cloud application on resources belonging to multiple and heterogeneous providers is very challenging, especially in the presence of different security and performance constraints. This paper presents a novel security-driven approach for the design, development and deployment of multi-cloud applications. It is based on a fully-automatable process that supports the developer from the elicitation of the application requirements up to the identification of the optimal deployment configuration, allowing to find the best compromise between overall cost and achieved level of security. The proposed optimization process takes explicitly into account two critical aspects that are often overlooked in similar approaches, namely the cloud on-demand leasing model for the allocation of resources and the impact that the deployment has on the security policies actually implemented by a complex application.

Security-by-design in multi-cloud applications: An optimization approach

Rak, Massimiliano;
2018

Abstract

Currently an increasing number of customers require cloud services with guaranteed security levels. At this aim, the adoption of multi-cloud strategies is spreading in a large number of interesting application domains, since they may potentially improve security and reduce development costs. However, the problem of identifying the optimal distribution of the components of a cloud application on resources belonging to multiple and heterogeneous providers is very challenging, especially in the presence of different security and performance constraints. This paper presents a novel security-driven approach for the design, development and deployment of multi-cloud applications. It is based on a fully-automatable process that supports the developer from the elicitation of the application requirements up to the identification of the optimal deployment configuration, allowing to find the best compromise between overall cost and achieved level of security. The proposed optimization process takes explicitly into account two critical aspects that are often overlooked in similar approaches, namely the cloud on-demand leasing model for the allocation of resources and the impact that the deployment has on the security policies actually implemented by a complex application.
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11591/392540
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 21
  • ???jsp.display-item.citation.isi??? 15
social impact