Security risk assessment within hybrid data centers: A case study of delay sensitive applications. (December 2018)
- Record Type:
- Journal Article
- Title:
- Security risk assessment within hybrid data centers: A case study of delay sensitive applications. (December 2018)
- Main Title:
- Security risk assessment within hybrid data centers: A case study of delay sensitive applications
- Authors:
- Munodawafa, Fortune
Awad, Ali Ismail - Abstract:
- Abstract: Data centers are considered a critical form of infrastructure in today's information society. They are at the core of the cloud computing and services revolution, which has changed the business models on how organizations deal with IT infrastructure costs. The hybrid data center architecture incorporates both legacy and fully virtualized infrastructures. On the one hand, the composite infrastructure has improved resource utilization and consolidation by adding flexibility and scalability factors, making the data center more cost effective and more agile. On the other hand, the hybrid infrastructure has imposed a new set of security challenges that need to be brought into focus. The lack of resource availability can be a great risk for delay sensitive applications such as voice over IP (VoIP) and online gaming when cloud computing is the deployment model. This study addresses the emerging risk problem by conducting a comprehensive security risk assessment using the NIST national vulnerability database (NVD) combined with EBIOS risk analysis and evaluation methodology. This study focuses on resource availability problem emanating from delay variations and queuing mechanisms in virtualized systems and its impact on delay sensitive applications. The study argues for the existence of availability risk within the hybrid data center infrastructure, which can deteriorate the performance of delay sensitive applications. Security remedial and countermeasures to theAbstract: Data centers are considered a critical form of infrastructure in today's information society. They are at the core of the cloud computing and services revolution, which has changed the business models on how organizations deal with IT infrastructure costs. The hybrid data center architecture incorporates both legacy and fully virtualized infrastructures. On the one hand, the composite infrastructure has improved resource utilization and consolidation by adding flexibility and scalability factors, making the data center more cost effective and more agile. On the other hand, the hybrid infrastructure has imposed a new set of security challenges that need to be brought into focus. The lack of resource availability can be a great risk for delay sensitive applications such as voice over IP (VoIP) and online gaming when cloud computing is the deployment model. This study addresses the emerging risk problem by conducting a comprehensive security risk assessment using the NIST national vulnerability database (NVD) combined with EBIOS risk analysis and evaluation methodology. This study focuses on resource availability problem emanating from delay variations and queuing mechanisms in virtualized systems and its impact on delay sensitive applications. The study argues for the existence of availability risk within the hybrid data center infrastructure, which can deteriorate the performance of delay sensitive applications. Security remedial and countermeasures to the identified security risks are suggested in an extended discussion at the end of the study. … (more)
- Is Part Of:
- Journal of information security and applications. Volume 43(2018)
- Journal:
- Journal of information security and applications
- Issue:
- Volume 43(2018)
- Issue Display:
- Volume 43, Issue 2018 (2018)
- Year:
- 2018
- Volume:
- 43
- Issue:
- 2018
- Issue Sort Value:
- 2018-0043-2018-0000
- Page Start:
- 61
- Page End:
- 72
- Publication Date:
- 2018-12
- Subjects:
- Data centers -- Virtualization -- Security risk assessment -- Infrastructure flexibility and scalability -- Network resources availability -- Delay sensitive applications
Computer security -- Periodicals
Information technology -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/ ↗
- DOI:
- 10.1016/j.jisa.2018.10.008 ↗
- Languages:
- English
- ISSNs:
- 2214-2126
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 8760.xml