• English
  • Deutsch
  • Log In
    Password Login
    Research Outputs
    Fundings & Projects
    Researchers
    Institutes
    Statistics
Repository logo
Fraunhofer-Gesellschaft
  1. Home
  2. Fraunhofer-Gesellschaft
  3. Konferenzschrift
  4. Enhancing cloud security with context-aware usage control policies
 
  • Details
  • Full
Options
2014
Conference Paper
Title

Enhancing cloud security with context-aware usage control policies

Abstract
Cloud environments strongly rely on virtualization infrastructure that provides virtual resources by abstracting from the physical hardware. Thus, cloud providers can cost-efficiently share physical hardware among multiple tenants, and a single virtual resource may span multiple physical resources at different geo-locations. From a tenant's perspective, the uncertainty about location and context of virtual resources is a potential security threat. For instance, tenants may want to enforce geo-fencing to prevent their applications and data from migrating to undesirable jurisdictions, untrusted co-tenants, or dubious locations. They may also want to ensure that certain virtual resources share (or expressly do not share) a common physical resource, for example, to improve fault tolerance or performance. To tackle these problems, we suggest a flexible policy decision and enforcement framework for enabling usage control in cloud environments. In support of this framework, we collect additional information from the cloud environment to enforce context-aware and therefore more fine-grained usage control policies. Our solution offers flexible controls for secure and resilient cloud management. The paper presents our policy enforcement framework IND²UCE and its extension to enable context-ware policy enforcement on an exemplary cloud infrastructure using VMware products.
Author(s)
Jung, Christian  
Eitel, Andreas  orcid-logo
Schwarz, Reinhard  
Mainwork
Informatik 2014. Big Data - Komplexität meistern. CD-ROM  
Conference
Gesellschaft für Informatik (Jahrestagung) 2014  
Link
Link
Language
English
Fraunhofer-Institut für Experimentelles Software Engineering IESE  
Keyword(s)
  • security

  • security policy

  • data usage control

  • usage control

  • usage control security

  • KoSiUX

  • policy enforcement

  • cloud security

  • IND²UCE

  • SECCRIT

  • Cookie settings
  • Imprint
  • Privacy policy
  • Api
  • Contact
© 2024