To main content

Handling Compromised Components in an IaaS Cloud Installation

Abstract

This paper presents an approach to handle compromised components in the OpenStack Infrastructure-as-a-Service cloud environment. We present two specific use cases; a compromised service process and the introduction of a bogus component, and we describe several approaches for containment, eradication and recovery after an incident. Our experiments show that traditional incident handling procedures are applicable for cloud computing, but need some modification to function optimally.

Category

Academic article

Language

English

Author(s)

Affiliation

  • SINTEF Digital / Software Engineering, Safety and Security
  • Uninett AS

Year

2012

Published in

Journal of Cloud Computing

Volume

1

View this publication at Norwegian Research Information Repository