Security as a service for public cloud tenants (SaaS)

Cloud computing is a novel paradigm that is known for its elasticity and diversity in terms of the services provided to the end users. Although these services offer many benefits such as availability, cost-reduction, flexible payment plans, security, and efficiency, there are still several security concerns that are considered major obstacles preventing tenants from transferring their resources to the cloud. The security provided by the cloud service providers is still inadequate for the tenants security requirements because providers use standard security mechanisms regardless of the tenants requirements. Thus, cloud tenants cannot rely on the security provided by the cloud providers. Although, traditional intrusion detection systems have been proposed and developed by different entities including researchers, academicians, and practitioners as a solution that cloud providers can offer to their tenants to cope with security issues in the cloud, the requirements of the tenants in terms of security are not considered. It is very important, however, to consider the differences in the tenants security requirements to provide better security services. In this research, we concentrate on providing a security service that allows cloud tenants to monitor and protect their virtual environments by deploying a security mechanism that is capable of meeting their needs. The main contribution of this work is providing an efficient, flexible, and low-cost security as a service model - based on Intrusion Detection Systems (IDS) - that takes the tenants security requirements into consideration.

Mots clés

cloud computing; intrusion detection system; security as a service; tenants security requirements