Implementing Security Rules, Safeguards, and IPS tools for Private Cloud Infrastructures : GROOT: Infrastructure Security as a Service(ISaaS)

Abstract: Clouds are a large part of todays computing space, with individuals having the ability to crate their own cloud. The Open Stack cloud suite eases the deployment and management of cloud services. However, security is one core area that is difficult to isolate and has to be addressed at each level, ranging from low-level system securityto the user-facing multi-tenant environments. There are solutions available that offer end-to-end security but most of them are proprietary and with their sophisticated licensing scheme, expertise that might be affordable for large enterprises but difficult for medium and smallscale organizations is required. The aim of this project is to design a minimalistic security service for the Open Stack environment that helps cloud administrators get first hand information regarding any activities that may cause threats to the instance or the whole tenant in the cloud infrastructure. The project created a proof of concept system that once deployed was able to detect potential misconfigurations and threats. The system was tested in a real world scenarios and proved to work, finding several machines that were launched without correct configurations.Tryckt av: