Conveners
Advancing security in federated clouds
- Sven Gabriel (FOM)
- Leif Nixon (LIU)
Description
Managing security in a cloud environment is a challenge. The focus in this session is on security monitoring technologies and how to
use them in a cloud environment.
In order to help assess VM images from a security point of view we suggest couple of checks and tools that can be done. The intended audience is either the cloud provider administrator, VM endorser, or VM operator, mostly running Linux-based OS. We will demonstrate how an VM can be checked to detect vulnerable packages installed on VM filesystem and will show how these checks could be persistently installed in the image.
It is also important to have a centralized log management available, therefore we discuss possibilities how to store these logs from within the VM, either run-time or at least offline.
There are also couple of other rather simple precautions that can foster security of a node on the public Internet, e.g. to disable password-based authentication, preventing from common directory and/or brute-force attacks. We will also discuss these possibilities and demonstrate how they can be enforced.
Another central problem in distributed computing environments is to efficiently suspend identities found in activities misusing the infrastructure. In this session we will show how a central user suspension framework is deployed in the European Grid Infrastructure.
To register follow this link: https://indico.egi.eu/indico/conferenceDisplay.py?confId=2196
