Security modeling and analysis of an intrusion tolerant cloud data center

It is important to protect a Cloud Data Center even if there are attacks by an adversary. In order to improve the security of a Cloud Data Center (CDC) in particular, system availability, a proactive approach named SCIT (Self-Cleansing Intrusion Tolerance) may be adopted to the CDC. In this paper, we present a general analytic model of the SCIT approach for the CDC. We first introduce an architecture and its flow of an intrusion tolerant CDC. We focus on a SCIT approach for a virtual machine (VM) in a CDC. We model and implement the SCIT in SHARPE (Symbolic Hierarchical Automated Reliability and Performance Evaluator) and carry out numerical analysis. Our numerical results show that the SCIT approach can increase the system availability.