Multi-cloud applications security monitoring

The issue of data security and privacy in multi-cloud based environments requires different solutions for implementing and enforcing security policies. In these environments, many security aspects must be faced, such as security-by-design, risk management, data privacy and isolation, and vulnerability scans. Moreover, it also becomes necessary to have a system that interrelates and operates all security controls which are configured and executed independently on each component of the application (service) being secured and monitored. In addition, thanks to the large diffusion of cloud computing systems, new attacks are emerging, so threat detection systems play a key role in the security schemes, identifying possible attacks. These systems handle an enormous volume of information as they detect unknown malicious activities by monitoring different events from different points of observation, as well as adapting to new attack strategies and considering techniques to detect malicious behaviors and react accordingly. To target this issue, we propose in the context of the MUSA EU Horizon 2020 project [1], a security assurance platform that allows monitoring the multi-cloud application deployed in different Cloud Server Providers (CSPs). It detects potential deviations from security Server Level Agreements (A formal, negotiated document that defines in quantitative and qualitative terms the service being offered to a Cloud Service Client (CSC). For more information see [8, 17].) (SLAs) and triggers countermeasures to enforce security during application runtime.