Cloud computing architectures based multi-tenant IDS

Abstract

Cloud computing is less expensive than traditional on-premise computing for users, as it provides accessibility and reliability options for users and scalable sales for provider. But, like most things in life, the benefits come with risks. It's just a matter of knowing if the benefits outweigh the risks and vice versa. Unfortunately, the cloud computing does not escape to this universal rule. Then, it is important to consider the security of the cloud. As a solution to protect the cloud from security issues [1, 2, 3, 4], we think that IDSs integrated in the cloud remains among the best solution. We will also present an architecture based IDS that respects multi-tenancy architecture. The objective behind integrating multi-tenancy aspect in our solution is to give tenants the ability to configure some parts of the application, such as the color of the user interface or business rules, but they can't customize the application's code. This means that although tenants an using the same building blocks in their configuration, the appearance or workflow of the application may be different for two tenants. Also, the Service Level Agreement (SLA) of each tenant can differ. In fact, we contend that multi-tenancy is a requirement for any cloud architecture because of four key benefits. First, High security: there are 3 key components that define the degree of isolation between multiple tenants in a data center: access policies, application deployment and data access and protection. Second, Economy: software development and maintenance costs are shared between the tenants. Third, Service assurance and faster updates: with multi-tenancy, the provider has to make updates once. In contrast with single-tenancy, an architecture in which each customer has their own software instance and may be given access to application code. Fourth, Efficiency and flexibility: A SaaS provider can run one instance of its application on one instance of a database and provide web access to multiple customers. Each tenant's data is Isolated and remains invisible to other tenants [11]. © 2013 IEEE.