Auditing in the cloud, Using OpenStack Congress
In a multi-tenant cloud environment, several tenants share the same physical resources. To ensure security of tenants data and process, appropriate security measures should be implemented by the cloud provider at multiple layers. Particularly, appropriate controls for end-to-end network isolation must be put in place. The proposed research project aims at elaborating innovative and efficient approaches and methods to audit end-to-end network isolation in the cloud. The new knowledge and technologies that would be transferred to Ericsson through this project include a framework for automating verification of network isolation in the cloud, methods for collecting and processing data, languages and algorithms for verifying security and detecting security requirements violation. In addition to knowledge dissemination using scientific publications, the project aims at designing and implementing a research prototype that would be integrated with existing cloud management systems, such as the Ericsson Cloud Manager, as a value-added feature.