TY - GEN
T1 - Physical attack protection with human-secure virtualization in data centers
AU - Szefer, Jakub
AU - Jamkhedkar, Pramod
AU - Chen, Yu Yuan
AU - Lee, Ruby B.
PY - 2012
Y1 - 2012
N2 - Cloud computing-based data centers, which hold a large amount of customer data, are vulnerable to physical attacks and insider threats. Current protection and defense mechanisms for security of data held in data centers are either completely physical (sensors, barriers, etc.) or completely cyber (firewalls, encryption, etc.). In this paper we propose a novel cyber-physical security defense for cloud computing-based data centers against physical attacks. In our system, physical sensors detect an impending physical/human attack which triggers cyber defenses to protect or mitigate the attack. The key to the cyber defenses is that in cloud computing data centers the data is loosely coupled with the underlying physical hardware, and can be moved/migrated to other physical hardware in the presence of an attack. In this paper we propose a model for coupling such cyber defenses with physical attack-detection sensors. We further describe a preliminary architecture for building such a system with today's cloud computing infrastructure.
AB - Cloud computing-based data centers, which hold a large amount of customer data, are vulnerable to physical attacks and insider threats. Current protection and defense mechanisms for security of data held in data centers are either completely physical (sensors, barriers, etc.) or completely cyber (firewalls, encryption, etc.). In this paper we propose a novel cyber-physical security defense for cloud computing-based data centers against physical attacks. In our system, physical sensors detect an impending physical/human attack which triggers cyber defenses to protect or mitigate the attack. The key to the cyber defenses is that in cloud computing data centers the data is loosely coupled with the underlying physical hardware, and can be moved/migrated to other physical hardware in the presence of an attack. In this paper we propose a model for coupling such cyber defenses with physical attack-detection sensors. We further describe a preliminary architecture for building such a system with today's cloud computing infrastructure.
KW - data center
KW - moving target defense
KW - physical attacks
UR - http://www.scopus.com/inward/record.url?scp=84880878159&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84880878159&partnerID=8YFLogxK
U2 - 10.1109/DSNW.2012.6264664
DO - 10.1109/DSNW.2012.6264664
M3 - Conference contribution
AN - SCOPUS:84880878159
SN - 9781467322645
T3 - Proceedings of the International Conference on Dependable Systems and Networks
BT - 2012 IEEE/IFIP 42nd International Conference on Dependable Systems and Networks Workshops, DSN-W 2012
T2 - 2012 IEEE/IFIP 42nd International Conference on Dependable Systems and Networks Workshops, DSN-W 2012
Y2 - 25 June 2012 through 28 June 2012
ER -