Frank Doelitzscher

Private cloud for collaboration and e-Learning services: from IaaS to SaaS

The idea behind cloud computing is to deliver Infrastructure-, Platform- and Software-as-a-Service (IaaS, PaaS and SaaS) over the Internet on an easy pay-per-use business model. The Hochschule Furtwangen University (HFU) is running their own private cloud infrastructure, called Cloud Infrastructure and Application CloudIA. The targeted users of the CloudIA project are HFU staff and students running e-Learning applications, and external people for collaboration purposes. Therefore, in this paper, we introduce our work in building a private cloud. More specifically, this paper shows how our cloud offerings in each of the cloud service models, i.e. IaaS, PaaS and SaaS, address the requirements and needs of e-Learning and collaboration in an university environment.

ViteraaS: Virtual Cluster as a Service

The idea behind cloud computing is to deliver Infrastructure-, Platform- and Software-as-a-Service (IaaS, PaaS and SaaS) over the network on an easy pay-per-use business model. In this paper, we present our work, Virtual Cluster as a Service (ViteraaS), that provides on-demand high performance computing for research projects, and e-Learning and teaching purposes in a private cloud. Moreover, ViteraaS can be extended to use Amazons public cloud infrastructure as needed. ViteraaS can be categorized as PaaS that leverages Open Nebula, a virtual infrastructure manager, to dynamically create a cluster of virtual machines (VMs) on idle resources or dedicated servers. In addition, ViteraaS is integrated within the universitys existing IT infrastructure like Single Sign-On for seamless authentication and authorization. Finally, a Quality of Service monitoring module is used by ViteraaS to monitor the performance and status of these VMs.

An agent based business aware incident detection system for cloud environments

AbstractClassic intrusion detection mechanisms are not flexible enough to cope with cloud specific characteristics such as frequent infrastructure changes. This makes them unable to address new cloud specific security issues. In this paper we introduce the cloud incident detection system Security Audit as a Service (SAaaS). It is built upon intelligent autonomous agents, which are aware of underlying business driven intercommunication of cloud services. This enables the presented SAaaS architecture to be flexible and to supported cross customer event monitoring within a cloud infrastructure. A contribution of this paper it to provide a high-level design of the SAaaS architecture, an introduction into the proposed Security Business Flow Language (SBFL), a first prototype of an autonomous agent and an evaluation about, which cloud specific security problems are addressed by the presented architecture. It is shown that autonomous agents and behaviour analysis are fertile approaches to detect cloud specific security problems and can create a cloud audit system.

Designing Cloud Services Adhering to Government Privacy Laws

Cloud computing delivers on-demand services with ???exibility and scalability on a simple pay-per-use basis. However, major concerns regarding to security and privacy hinder a broad adoption by users, especially small- and medium-sized enterprises (SMEs). This is because existing guidelines, IT standards and laws on security and privacy do not take virtual environments into account. Thus, they present a significant challenge for cloud providers to comply with. As a result, the cloud providers are unable to provide SMEs with an assurance. In order to address these privacy and security issues, this paper presents the Cloud Data Security (CloudDataSec) project that aims to design cloud services adhering to government privacy laws. In particular, this paper introduces a six-layer security model for cloud computing and three level of security assurance for SMEs to take advantage of. Finally, Security Management as a Service (SMaaS) modules, as proposed in this paper, enable users to apply necessary security and privacy operations, based on the sensitivity of their data.

Cloud Infrastructure & Applications --- CloudIA

The idea behind Cloud Computing is to deliver Infrastructure-as-a-Services and Software-as-a-Service over the Internet on an easy pay-per-use business model. To harness the potentials of Cloud Computing for e-Learning and research purposes, and to small- and medium-sized enterprises, the Hochschule Furtwangen University establishes a new project, called Cloud Infrastructure & Applications (CloudIA). The CloudIA project is a market-oriented cloud infrastructure that leverages different virtualization technologies, by supporting Service-Level Agreements for various service offerings. This paper describes the CloudIA project in details and mentions our early experiences in building a private cloud using an existing infrastructure.

Validating Cloud Infrastructure Changes by Cloud Audits

One characteristic of a cloud computing infrastructure are their frequently changing virtual infrastructure. New Virtual Machines (VMs) get deployed, existing VMs migrate to a different host or network segment and VMs vanish since they get deleted by their user. Classic incidence monitoring mechanisms are not flexible enough to cope with cloud specific characteristics such as frequent infrastructure changes. In this paper we present a prototype demonstration of the Security Audit as a Service (SAaaS) architecture, a cloud audit system which aims to increase trust in cloud infrastructures by introducing more transparency to user and cloud provider on what is happening in the cloud. Especially in the event of a changing infrastructure the demonstration shows, how autonomous agents detect this change, automatically reevaluate the security status of the cloud and inform the user through an audit report.

An Autonomous Agent Based Incident Detection System for Cloud Environments

Classic intrusion detection mechanisms are not flexible enough to cope with cloud specific characteristics such as frequent infrastructure changes. This makes them unable to address new cloud specific security issues. In this paper we introduce the cloud incident detection system Security Audit as a Service (SAaaS). It is build upon intelligent autonomous agents, which are aware of underlying business flows of deployed cloud instances. Business flows are modelled in form of Security Service Level Agreements, which enable the SAaaS architecture to be flexible and to supported cross customer event monitoring of a cloud infrastructure. As contribution of this paper we provide a high-level design of the SAaaS architecture, an introduction into the concept of Security Service Level Agreements, a first prototype of an autonomous agent and an evaluation about, which cloud specific security problems are addressed by the presented architecture.

Understanding Cloud Audits

Audits of IT infrastructures can mitigate security problems and establish trust in a provider’s infrastructure and processes. Cloud environments especially lack trust due to non-transparent architectures and missing security and privacy measures taken by a provider. But traditional audits do not cover cloud computing-specific security. To provide a secure and trustable cloud environment, audit tasks need to have knowledge about their environment and cloud-specific characteristics. Furthermore, they need to be automated whenever possible to be able to run on a regular basis and immediately if a certain infrastructure event takes place, like deployment of a new cloud instance. In this chapter, research about cloud-specific security problems and cloud audits gets presented. An analysis about how traditional audits need to change to address cloud-specific attributes is given. Additionally, the agent-based “Security Audit as a Service” architecture gets presented as a solution to the identified problems.