TRONE: Trustworthy and Resilient Operations in a Network Environment
Authors
António Casimiro Costa
Paula Verissimo
Diego Kreutz
Filipe Araujo
Raul Barbosa
Samuel Neves
Bruno Sousa
Marilia Curado
Carlos Silva
Rajeev Gandhi
Priya Narasimhan
Paula Verissimo
Diego Kreutz
Filipe Araujo
Raul Barbosa
Samuel Neves
Bruno Sousa
Marilia Curado
Carlos Silva
Rajeev Gandhi
Priya Narasimhan
Abstract
Cloud infrastructures play an increasingly important role for telecom operators, because they enable internal consolidation of resources with the corresponding savings in hardware and management costs. However, this same consolidation exposes core services of the infrastructure to very disruptive attacks. This is indeed the case with monitoring, which needs to be dependable and secure to ensure proper operation of large datacenters and cloud infrastructures. We argue that currently existing centralized monitoring approaches (e.g., relying on a single solution provider, using single point of failure components) represent a huge risk, because a single vulnerability may compromise the entire monitoring infrastructure.In this paper, we describe the TRONE approach to trustworthy monitoring, which relies on multiple components to achieve increased levels of reliance on the monitoring data and hence increased trustworthiness. In particular, we focus on the TRONE framework for event dissemination, on security-oriented diagnosis based on collected events and on fast network adaptation in critical situations based on multi-homing application support.
To validate our work, we will deploy and demonstrate our solutions in a live environment provided by Portugal Telecom.
Keywords
Cloud Computing, Trustworthy Monitoring, Intrusion Tolerance, Root-Cause AnalysisSubject
Cloud, MonitoringRelated Project
TRONE: Trustworthy and Resilient Operations in a Network Environment (CMU-PT/RNQ/0015/2009)Conference
The Second International Workshop on Dependability of Clouds, Data Centers and Virtual Machine Technology (DCDV 2012). Proceedings of the 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DCDV 2012), June 2012PDF File
Cited by
Year 2014 : 2 citations
J Jang-Jaccard, S Nepal, A survey of emerging threats in cybersecurity, Journal of Computer and System Sciences, 2014
B Sousa, K Pentikousis, M Curado, MeTHODICAL: Towards the next generation of multihomed applications, Computer Networks, 2014
Year 2013 : 1 citations
B Sousa, R Santos, M Curado, S Pertet, Expedient reconfiguration in the cloud, Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), 2013 IEEE 18th International Workshop on.