Mitigating Cloud Computing Security Risks Using a Self-Monitoring Defensive Scheme

摘要

Cloud Computing (CC) promises to offer seamless provisioning of on- demand services and data through the network. These services are made discoverable to the user in the form of simple abstractions via virtualized resources. These services offer unprecedented dynamic, primarily hardware dependent, scalability. Although CC promises to make life much easier for the user, it comes with significant security issues. Because on-demand service provisioning for applications and data will be used by hundreds of thousands (if not millions) of users simultaneously, a successful intrusion would not only expose sensitive data, but it could also completely cut users off from both applications and/or data. This paper examines the underlying security risks inherent to the CC paradigm, compares approaches to mitigate known security risks, and offers a solution that leverages intelligent multi-agent systems and network data ontologies to provide automated defense for both known and unknown malware security risks. We describe a mechanism whereby a dynamic ontology can be self-enriched over time to provide for some protection against unknown security risks.