Security-as-a-Service with Cyberspace Mimic Defense Technologies in Cloud

Users usually focus on the application-level requirements which are quite friendly and direct to them. However, there are no existing tools automating the application-level requirements to infrastructure provisioning and application deployment. Although some security issues have been solved during the development phase, the undiscovered vulnerabilities remain hidden threats to the application’s security. Cyberspace mimic defense (CMD) technologies can help to enhance the application’s security despite the existence of the vulnerability. In this paper, the concept of SECurity-as-a-Service (SECaaS) is proposed with CMD technologies in cloud environments. The experiment on it was implemented. It is found that the application’s security is greatly improved to meet the user’s security and performance requirements within budgets through SECaaS. The experimental results show that SECaaS can help the users to focus on application-level requirements (monetary costs, required security level, etc.) and automate the process of application orchestration.