The MEERKATS cloud security architecture

Angelos D. Keromytis, Roxana Geambasu, Simha Sethumadhavan, Salvatore J. Stolfo, Junfeng Yang, Azzedine Benameur, Marc Dacier, Matthew Elder, Darrell Kienzle, Angelos Stavrou

Research output: Chapter in Book/Report/Conference proceedingConference contribution

18 Scopus citations

Abstract

MEERKATS is a novel architecture for cloud environments that elevates continuous system evolution and change as first-rate design principles. Our goal is to enable an environment for cloud services that constantly changes along several dimensions, toward creating an unpredictable target for an adversary. This unpredictability will both impede the adversary's ability to achieve an initial system compromise and, if a compromise occurs, to detect, disrupt, and/or otherwise impede his ability to exploit this success. Thus, we envision an environment where cloud services and data are constantly in flux, using adaptive (both proactive and reactive) protection mechanisms and distributed monitoring at various levels of abstraction. A key element of MEERKATS is the focus on both the software and the data in the cloud, not just protecting but leveraging both to improve mission resilience. MEERKATS seeks to effectively exploit "economies of scale" (in resources available) to provide higher flexibility and effectiveness in the deployment and use of protection mechanisms as and where needed, focusing on current and anticipated application and mission needs instead of an inefficient, "blanket" approach to protecting "everything the same way, all the time". We outline our vision for MEERKATS and describe our approach toward prototyping it. © 2012 IEEE.
Original languageEnglish (US)
Title of host publicationProceedings - 32nd IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW 2012
Pages446-450
Number of pages5
DOIs
StatePublished - Sep 24 2012
Externally publishedYes

Fingerprint

Dive into the research topics of 'The MEERKATS cloud security architecture'. Together they form a unique fingerprint.

Cite this