TY - GEN
T1 - The MEERKATS cloud security architecture
AU - Keromytis, Angelos D.
AU - Geambasu, Roxana
AU - Sethumadhavan, Simha
AU - Stolfo, Salvatore J.
AU - Yang, Junfeng
AU - Benameur, Azzedine
AU - Dacier, Marc
AU - Elder, Matthew
AU - Kienzle, Darrell
AU - Stavrou, Angelos
N1 - Generated from Scopus record by KAUST IRTS on 2022-09-12
PY - 2012/9/24
Y1 - 2012/9/24
N2 - MEERKATS is a novel architecture for cloud environments that elevates continuous system evolution and change as first-rate design principles. Our goal is to enable an environment for cloud services that constantly changes along several dimensions, toward creating an unpredictable target for an adversary. This unpredictability will both impede the adversary's ability to achieve an initial system compromise and, if a compromise occurs, to detect, disrupt, and/or otherwise impede his ability to exploit this success. Thus, we envision an environment where cloud services and data are constantly in flux, using adaptive (both proactive and reactive) protection mechanisms and distributed monitoring at various levels of abstraction. A key element of MEERKATS is the focus on both the software and the data in the cloud, not just protecting but leveraging both to improve mission resilience. MEERKATS seeks to effectively exploit "economies of scale" (in resources available) to provide higher flexibility and effectiveness in the deployment and use of protection mechanisms as and where needed, focusing on current and anticipated application and mission needs instead of an inefficient, "blanket" approach to protecting "everything the same way, all the time". We outline our vision for MEERKATS and describe our approach toward prototyping it. © 2012 IEEE.
AB - MEERKATS is a novel architecture for cloud environments that elevates continuous system evolution and change as first-rate design principles. Our goal is to enable an environment for cloud services that constantly changes along several dimensions, toward creating an unpredictable target for an adversary. This unpredictability will both impede the adversary's ability to achieve an initial system compromise and, if a compromise occurs, to detect, disrupt, and/or otherwise impede his ability to exploit this success. Thus, we envision an environment where cloud services and data are constantly in flux, using adaptive (both proactive and reactive) protection mechanisms and distributed monitoring at various levels of abstraction. A key element of MEERKATS is the focus on both the software and the data in the cloud, not just protecting but leveraging both to improve mission resilience. MEERKATS seeks to effectively exploit "economies of scale" (in resources available) to provide higher flexibility and effectiveness in the deployment and use of protection mechanisms as and where needed, focusing on current and anticipated application and mission needs instead of an inefficient, "blanket" approach to protecting "everything the same way, all the time". We outline our vision for MEERKATS and describe our approach toward prototyping it. © 2012 IEEE.
UR - http://ieeexplore.ieee.org/document/6258191/
UR - http://www.scopus.com/inward/record.url?scp=84866390219&partnerID=8YFLogxK
U2 - 10.1109/ICDCSW.2012.42
DO - 10.1109/ICDCSW.2012.42
M3 - Conference contribution
SP - 446
EP - 450
BT - Proceedings - 32nd IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW 2012
ER -