Autonomic Network Security Management Framework is the first component developed within the scope of the SUPERCLOUD European Project, in which Orange plays the role of a Technical Leader.
The SUPERCLOUD H2020 project aims to design and implement a security and dependability management infrastructure for distributed clouds that is both user-centric and self-managed. A new security distribution layer, the Supercloud, enables users to deploy self-service clouds with full customizability of protection of computing, storage, and networking independently from underlying providers, thus avoiding lock-ins. Administration complexity is also reduced through security automation. Most of the components of the framework are aimed to be put in open source.
SUPERCLOUD Autonomic Network Security Management Framework enables fine-grained network monitoring and provides support for flexible threat management. It consists of two components:
- A network security monitoring (self-management) component – allowing to detect network incidents and to react in an autonomous manner to network attacks targeted at the SUPERCLOUD network infrastructure according to user-defined security policies in a given security context. It includes sub-modules for managing topology and incidents, defining security contexts, and for security policy specification and instantiation.
- A security appliance chaining component – enabling users to select and compose their network security services on a per-flow or per-destination basis in a SUPERCLOUD infrastructure. From data plane topology and placement of security services (physical or virtual appliances), it computes and deploys routing policies with regard to multiple constraints, e.g., user-defined security services, cost, sovereignty, network path lengths.
Mentioned framework is the first component of SUPERCLOUD project to be put in open source. Two more will follow within next months: ORBITS multi-cloud orchestration framework and micro-hypervisor.
General information about the SUPERCLOUD project and framework is available on the project public website.
Detailed description of all the framework components is also available in Deliverables documentation (sections: D1.3, D1.4, D2.3, D3.3 and D4.3).
See also the project vision paper “User-Centric Security and Dependability in Cloud of Clouds” on zenodo.