{"title":"Reactive and Adaptive Security Monitoring in Cloud Computing","authors":"Clément Elbaz, Louis Rilling, C. Morin","doi":"10.1109/FAS-W.2018.00014","DOIUrl":null,"url":null,"abstract":"Cloud computing enabled service-level agreements (SLAs) to gain widespread use among information systems stakeholders. It is now normal for performance and availability of such systems to be carefully measured and evaluated. Contracts that include financial penalties in case of breach are now common. However security is lagging behind this trend; it is as important to stakeholders as performance and availability, but is generally not included in the scope of service-level agreements between stakeholders, and handled instead on a best-effort basis, without any transparency nor SLA with their clients. One reason for this is the difficulty of objectively measuring security. Indeed, the actual security level of a system is dependent on a wide range of factors, some intrinsic to the system - such as a design or implementation mistake resulting in a vulnerability - and some extrinsic to it. For instance, an external event such as the publication of a vulnerability in an open-source software dependency or a change of political context in a country can widely impact the risks faced by an information system even if no actual change were made to the system. These factors are even more numerous in multi-tenant cloud infrastructures because of the sheer number of actors involved - and their sometimes conflicting incentives - and opportunities for both attack and defense at scale. Security monitoring aims to detect and react to attacks in real time; Reactive security monitoring intends to take external events into account while doing so. 
Improving the accuracy of a system's overall security assessment can help transitioning security to a SLA paradigm and enable better transparency for all stakeholders.","PeriodicalId":164903,"journal":{"name":"2018 IEEE 3rd International Workshops on Foundations and Applications of Self* Systems (FAS*W)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE 3rd International Workshops on Foundations and Applications of Self* Systems (FAS*W)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/FAS-W.2018.00014","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 3
Abstract
Cloud computing enabled service-level agreements (SLAs) to gain widespread use among information systems stakeholders. It is now normal for performance and availability of such systems to be carefully measured and evaluated. Contracts that include financial penalties in case of breach are now common. However, security is lagging behind this trend; it is as important to stakeholders as performance and availability, but is generally not included in the scope of service-level agreements between stakeholders, and handled instead on a best-effort basis, without any transparency or SLA with their clients. One reason for this is the difficulty of objectively measuring security. Indeed, the actual security level of a system depends on a wide range of factors, some intrinsic to the system - such as a design or implementation mistake resulting in a vulnerability - and some extrinsic to it. For instance, an external event such as the publication of a vulnerability in an open-source software dependency or a change of political context in a country can widely impact the risks faced by an information system even if no actual change were made to the system. These factors are even more numerous in multi-tenant cloud infrastructures because of the sheer number of actors involved - and their sometimes conflicting incentives - and opportunities for both attack and defense at scale. Security monitoring aims to detect and react to attacks in real time; reactive security monitoring intends to take external events into account while doing so. Improving the accuracy of a system's overall security assessment can help transition security to an SLA paradigm and enable better transparency for all stakeholders.