Visible to the public Security Chaos Engineering for Cloud Services: Work In Progress

TitleSecurity Chaos Engineering for Cloud Services: Work In Progress
Publication TypeConference Paper
Year of Publication2019
AuthorsTorkura, Kennedy A., Sukmana, Muhammad I.H., Cheng, Feng, Meinel, Christoph
Conference Name2019 IEEE 18th International Symposium on Network Computing and Applications (NCA)
Date Publishedsep
Keywordschaos, cloud computing, cloud computing security, cloud infrastructure, cloud security system, cloud services, Cloud-Security, CloudStrike, composability, Fault tolerance, Fault tolerant systems, Human Errors, Intrusion detection, intrusion tolerance, nonsecurity failures, pubcrawl, Resiliency, Resilient Architectures, security breaches, security chaos engineering, security models, security of data, security risk assessment, software fault tolerance, Testing, traditional security paradigms
AbstractThe majority of security breaches in cloud infrastructure in recent years are caused by human errors and misconfigured resources. Novel security models are imperative to overcome these issues. Such models must be customer-centric, continuous, not focused on traditional security paradigms like intrusion detection and adopt proactive techniques. Thus, this paper proposes CloudStrike, a cloud security system that implements the principles of Chaos Engineering to enable the aforementioned properties. Chaos Engineering is an emerging discipline employed to prevent non-security failures in cloud infrastructure via Fault Injection Testing techniques. CloudStrike employs similar techniques with a focus on injecting failures that impact security i.e. integrity, confidentiality and availability. Essentially, CloudStrike leverages the relationship between dependability and security models. Preliminary experiments provide insightful and prospective results.
Citation Keytorkura_security_2019