Abstract

Clouds are here to stay, and the same holds for cyber-physical systems, not to forget their combination. In light of these changing paradigms, it is of utmost importance to reconsider security, as both introduce new challenges. By overcoming the concept of zoned networks, clouds make formerly internal traffic travel across the Internet. Cyber-physical systems incorporate physical parts into computing and make them potential targets for cyber attacks, a challenge because a large number of physical parts were originally developed to be stand-alone. Cyber-physical cloud computing reinforces the need for a thoughtful security concept. Firewalls are among the basic building blocks of network security and are offered by various cloud providers; however, the question of their quality of protection arises. In this paper, we assess the firewall offerings of five major cloud providers with respect to cyber-physical system integration. To this end, we study their default configuration, configuration capabilities, documentation, and filtering behavior. We developed an extendible firewall monitoring tool that enables customers to probe their provider's filtering behavior, information of interest for risk management or further security considerations. Re-assessing filtering behavior, we found that all offered firewalls have evolved over a time period of more than a year: configuration possibilities have been enhanced, more illegitimate packets are now filtered, and stateful behavior was discovered at a certain provider.

Highlights

  • Cloud computing has become a standard technology in the business as well as in the consumer sector.

  • Users in the Infrastructure as a Service (IaaS) model have control of the whole VM from the kernel layer upwards: the choice of operating system tends to be left to the customer; most cloud providers offer a number of pre-specified options for easy installation.

  • The paper at hand examines firewall implementation in public clouds, focusing on the major providers Amazon Elastic Cloud Compute, Google Compute Engine, and both deployment models of Microsoft Azure (Classic and Resource Manager).


Summary

Introduction

Cloud computing has become a standard technology in the business as well as in the consumer sector.

2.1 Cloud computing and service models

The National Institute of Standards and Technology (NIST) defines cloud computing as “a model for enabling ubiquitous, convenient, on demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” [5]. Infrastructure as a Service (IaaS) cloud providers offer resources to the customer, on which she is able to run her applications, including an operating system of choice. Users in the IaaS model have control of the whole VM from the kernel layer upwards: the choice of operating system tends to be left to the customer; most cloud providers offer a number of pre-specified options for easy installation. Many providers allow a number of instances to be connected inside a group, simulating a LAN in the cloud.
