The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Migrating Enterprises to Hybrid Cloud Architectures

Research Areas: End System Security

Principal Investigator: Sanjay Rao

We are tackling challenges in migrating enterprise services into hybrid cloud-based deployments, where enterprise operations are partly hosted on-premise and partly in the cloud. Such hybrid models enable enterprises to benefit from cloud-based architectures, while honoring privacy and other restrictions on what data and services may be migrated to the cloud. We are making several contributions. First, we are obtaining deeper understanding about the architecture of enterprise applications today in terms of their multi-tiered nature, large number of application components, and interdependencies, and security policies associated with enterprise applications in data centers. Second, we are showing the need for and benefits of a planned approach to deciding what application components to migrate to the cloud. Our approach is based on framing and solving an optimization problem that takes into account enterprise-specific constraints, cost savings from migration, and increased transaction delays and wide-area communication that may result from the migration. Third, we are developing algorithms to ensure security policies are correctly reconfigured as enterprise applications are migrated to the cloud. Our evaluations are conducted using models of real enterprise applications and data center security policies derived from discussions with operators in a university setting, and using actual Azure-based cloud deployments. The results are promising and show the potential of our approach.

Personnel

Students: Mohammad Hajjat Xin Sun Yu-Wei Sung