Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cloud Security Automation Framework

Published

Author(s)

Cihan Tunc, Salim hariri, Mheni Merzouki, Charif Mahmoudi, Frederic J. de Vaulx, Jaafar Chbili, Robert B. Bohn, Abdella Battou

Abstract

Cloud services have gained tremendous attention as a utility paradigm and have been deployed extensively across a wide range of fields. However, Cloud security is not catching up to the fast adoption of its services and remains one of the biggest challenges for Cloud Service Providers (CSPs) and Cloud Service Consumers from the industry, government and academia. These institutions are increasingly faced with threats affecting the confidentiality, integrity and availability of the cloud resources such as DoS/DDoS attacks, ransomware attacks, and data breaches to name a few. In the current cloud systems, security requires manual translation of security requirements into controls. Such an approach can be for the most part labor intensive, tedious and error-prone leading to inevitable misconfigurations rendering the system at hand vulnerable to misuse be it malicious or unintentional. Therefore, it is of utmost importance to automate the configuration of the cloud systems per the client's security requirements steering clear from the caveats of the manual approach. Furthermore, cloud systems need to be continuously monitored for any misconfiguration, and therefore lack of the required security controls. In this paper, we present a methodology allowing for cloud security automation and demonstrate how a cloud environment can be automatically configured to implement the required NIST SP 800-53 security controls. Also, we show how the implementation of these controls in the cloud systems can be continuously monitored and validated.
Proceedings Title
The IEEE Workshop on Automation of Cloud Configuration and Operations
Conference Dates
September 18-22, 2017
Conference Location
Tucson, AZ, US

Keywords

cloud computing, cyber-security, automation, security controls

Citation

Tunc, C. , hariri, S. , Merzouki, M. , Mahmoudi, C. , de Vaulx, F. , Chbili, J. , Bohn, R. and Battou, A. (2017), Cloud Security Automation Framework, The IEEE Workshop on Automation of Cloud Configuration and Operations, Tucson, AZ, US, [online], https://doi.org/10.1109/FAS-W.2017.164, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=923774 (Accessed March 19, 2024)
Created October 11, 2017, Updated October 12, 2021