Multi-cloud application security is directly influenced by the performance and the security management of the cloud resources provisioned for the application execution. Therefore, the multi-cloud application security cannot be understood, embedded and controlled without a thorough understanding on how the security of the distinct cloud resources used by the application components impact on the application.
In this context, MUSA presents a framework which aims to support security-aware multi-cloud application lifecycle management. The framework includes:
1) Security-by-design mechanisms to allow application self-protection at run-time.
2) Methods and tools for the integrated security assurance in both the engineering and operation of multi-cloud applications.
The MUSA framework leverages security-by-design, agile and DevOps approaches in multi-cloud applications, and enables the security-aware development and operation of multi-cloud applications. The framework is composed of:
a) An IDE for creating the multi-cloud application taking into account its security requirements together with functional and business requirements.
b) A set of security mechanisms embedded in the multi-cloud application components for self-protection.
c) An automated deployment environment that, based on an intelligent decision support system, will allow for the dynamic distribution of the components according to security needs.
d) A security assurance platform in form of a SaaS that will support multi-cloud application run-time security control and transparency to increase user trust.
The MUSA framework architecture is shown below: