Monitoring-Based Certification of Cloud Service Security

In this paper, we present a novel approach to cloud service security certification. This approach could be used to: (a) define and execute automatically certification models, which can continuously and incrementally acquire and analyse evidence regarding the provision of services on cloud infrastructures through continuous monitoring; (b) use this evidence to assess whether the provision is compliant with required security properties; and (c) generate and manage digital certificates confirming the compliance of services if the acquired evidence supports this. We also present the results of an initial experimental evaluation of our approach based on the MySQL server and RUBiS benchmark.
