Security Enforcement for Multi-Cloud Platforms - The Case of PaaSage
AUTHORS: Tom Kirkham, Kyriakos Kritikos, Bartosz Kryza, Philippe Massonet
Multi-cloud adaptive application provisioning promises to solve the vendor lock-in problem and lead to optimizing the user re- quirements through the selection of the best from the great variety of services offered by cloud providers. As such, various research prototypes and platforms attempt to support this provisioning type. One major concern in using such platforms comes with respect to security in terms of improper access to user personal data and VMs as well as to platform services. To successfully address this concern, this paper proposes a novel model-driven approach and architecture able to secure multi-cloud platforms as well as enable users to have their own private space. Such a solution exploits state-of-the-art security standards and secure model manage- ment technology. This solution is able to cover different security scenarios involving external, web-based and programmatic user authentication.