@inproceedings{83977c93ea3e4fad85b3d8c2a9e01745,
title = "VESPA: Multi-layered self-protection for cloud resources",
abstract = "Self-protection has recently raised growing interest as possible element of answer to the cloud computing infrastructure protection challenge. Faced with multiple threats and heterogeneous defense mechanisms, the autonomic approach proposes simpler, stronger, and more efficient cloud security management. Yet, previous solutions fall at the last hurdle as they overlook key features of the cloud, by lack of flexible security policies, cross-layered defense, multiple control granularities, and open security architectures. This paper presents VESPA, a self-protection architecture for cloud infrastructures overcoming such limitations. VESPA is policy-based, and regulates security at two levels, both within and across infrastructure layers. Flexible coordination between self-protection loops allows enforcing a rich spectrum of security strategies such as crosslayer detection and reaction. A multi-plane extensible architecture also enables simple integration of commodity detection and reaction components. Evaluation of a VESPA implementation shows that the design is applicable for effective and flexible self-protection of cloud infrastructures.",
keywords = "Autonomic computing, Cloud security, IaaS, Self-protection",
author = "Aur{\'e}lien Wailly and Marc Lacoste and Herv{\'e} Debar",
year = "2012",
month = oct,
day = "26",
doi = "10.1145/2371536.2371564",
language = "English",
isbn = "9781450315203",
series = "ICAC'12 - Proceedings of the 9th ACM International Conference on Autonomic Computing",
pages = "155--159",
booktitle = "ICAC'12 - Proceedings of the 9th ACM International Conference on Autonomic Computing",
note = "9th ACM International Conference on Autonomic Computing, ICAC'12 ; Conference date: 18-09-2012 Through 20-09-2012",
}