Privacy-Preserving Cross-Domain Data Dissemination and Adaptability in Trusted and Untrusted Cloud introduction about Problem Statement, Distributed Service Monitoring Approach, Distributed Service Monitoring, Agile Defense and Adaptability. | Privacy-Preserving Cross-Domain Data Dissemination and Adaptability in Trusted and Untrusted Cloud Bharat K. Bhargava Purdue University Department of Computer Science Trust Domain Service A Service B Service C Service D Problem Statement 2 SOA: Loosely coupled independent services are composed to accomplish tasks Involves interactions of trusted and untrusted services No client control on the chain of service invocations Problems: Attackers can gain control of a number of services, modify a service or get access to in-transit messages Client does not have ability to specify service interaction policies Violations, malicious activities and failures in a trusted service domain may remain undetected Services are not verified or validated dynamically (uninformed selection of services) Malicious activity may cause service disruptions Trust Domain Service A Service B Service C Service D Problem Statement 3 There is a need for novel techniques to Monitor service activity Discover and report service misbehavior Share information across domains on security threats using a unified model Ensure security and privacy of data in SOA and clouds If a service is compromised or misbehaves, the service monitor should Discover malicious activity Provide feedback Take remedial actions Adapt according to changes in context Monitoring-Based Approach for Adaptability & Resiliency We propose a novel method of dealing with security problems in trusted & untrusted cloud: Monitoring all interactions among services in a domain Proactive treatment of potentially malicious service invocations Dynamic trust management of services in a domain Agile and resilient defense mechanisms Ability to detect anomalies and adapt Dynamic reconfiguration of service compositions Privacy preservation in service interactions Benefits of the monitoring-based security solution: Provides enforcement of security policies in addition to auditing capability Offers a proactive security solution by detecting anomalies . | Privacy-Preserving Cross-Domain Data Dissemination and Adaptability in Trusted and Untrusted Cloud Bharat K. Bhargava Purdue University Department of Computer Science Trust Domain Service A Service B Service C Service D Problem Statement 2 SOA: Loosely coupled independent services are composed to accomplish tasks Involves interactions of trusted and untrusted services No client control on the chain of service invocations Problems: Attackers can gain control of a number of services, modify a service or get access to in-transit messages Client does not have ability to specify service interaction policies Violations, malicious activities and failures in a trusted service domain may remain undetected Services are not verified or validated dynamically (uninformed selection of services) Malicious activity may cause service disruptions Trust Domain Service A Service B Service C Service D Problem Statement 3 There is a need for novel techniques to Monitor service activity Discover and report
