Abstract
Today’s cloud environments are very heterogeneous. Current security approaches of intrusion detection, prevention, and response in physical environments are sophisticated. However, the growth of virtualization and multi-tenant technologies is creating new targets for intrusion and raises many questions about the implementation of the same protection in cloud environments. As an answer to the clouds’ heterogeneity, the heterogeneity of cloud security solutions is presented, which causes market confusion and brings more complexity in the selection process of sound security solutions. As not every enterprise has in-house tools, competences and expertise to secure cloud environments on its own, Security as a Service (SecaaS) solutions are becoming more popular, promising cost-savings and proper real-time threats detection and prevention. In our paper, we outline the current research areas in SecaaS, especially Security Information and Event Management (SIEM). Furthermore, we discuss requirements and concerns related to implementation of SIEM as a service and identify challenges for further research.
© 2014 by Walter de Gruyter GmbH, Berlin/Boston