Language Classes for Cloud Service Certification Systems

Certification of cloud services aims at increasing the trust of customers towards cloud services and providing comparability between cloud services. Applying the concept of certification to cloud services requires systems which continuously detect ongoing changes of the service and assess their impact on customer requirements. In this paper, we propose eight language classes for cloud service certification systems to facilitate research in design and implementation of these systems. To that end, we draw on language classes developed for signature-based intrusion detection systems and apply them to cloud service certification systems.

[1]  Ian H. Witten,et al.  The WEKA data mining software: an update , 2009, SKDD.

[2]  Martin Roesch,et al.  Snort - Lightweight Intrusion Detection for Networks , 1999 .

[3]  Teodor-Florin Fortis,et al.  A Semantic Registry for Cloud Services , 2013, 2013 27th International Conference on Advanced Information Networking and Applications Workshops.

[4]  Schahram Dustdar,et al.  Monitoring web service event trails for business compliance , 2009, 2009 IEEE International Conference on Service-Oriented Computing and Applications (SOCA).

[5]  David E. Culler,et al.  The ganglia distributed monitoring system: design, implementation, and experience , 2004, Parallel Comput..

[6]  Razvan Pascanu,et al.  Pylearn2: a machine learning research library , 2013, ArXiv.

[7]  Ernesto Damiani,et al.  Towards the Certification of Cloud Services , 2013, 2013 IEEE Ninth World Congress on Services.

[8]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.

[9]  Frank Leymann,et al.  An Integrated Solution for Runtime Compliance Governance in SOA , 2010, ICSOC.

[10]  Hervé Debar,et al.  The Intrusion Detection Message Exchange Format (IDMEF) , 2007, RFC.

[11]  Kevin Borders,et al.  Chimera: A Declarative Language for Streaming Network Traffic Analysis , 2012, USENIX Security Symposium.

[12]  Frédéric Cuppens,et al.  LAMBDA: A Language to Model a Database for Detection of Attacks , 2000, Recent Advances in Intrusion Detection.

[13]  Hans-Peter Kriegel,et al.  A Density-Based Algorithm for Discovering Clusters in Large Spatial Databases with Noise , 1996, KDD.

[14]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[15]  Ludovic Mé,et al.  ADeLe: An Attack Description Language for Knowledge-Based Intrusion Detection , 2001, SEC.

[16]  George Spanoudakis,et al.  Advanced service monitoring configurations with SLA decomposition and selection , 2011, SAC '11.

[17]  Sandeep Kumar,et al.  Classification and detection of computer intrusions , 1996 .

[18]  Khaled Mahbub,et al.  Incremental certification of cloud services , 2013, SECURWARE 2013.

[19]  Francesco Di Cerbo,et al.  A DIGITAL SECURITY CERTIFICATE FRAMEWORK FOR SERVICES , 2013 .

[20]  Giovanni Vigna,et al.  STATL: An Attack Language for State-Based Intrusion Detection , 2002, J. Comput. Secur..

[21]  George Spanoudakis,et al.  The SERENITY Runtime Monitoring Framework , 2009, Security and Dependability for Ambient Intelligence.

[22]  Ali Sunyaev,et al.  A Taxonomic Perspective on Certification Schemes: Development of a Taxonomy for Cloud Service Certification Criteria , 2014, 2014 47th Hawaii International Conference on System Sciences.

[23]  Michael Meier,et al.  SHEDEL-A Simple Hierarchical Event Description Language for Specifying Attack Signatures , 2002, SEC.

[24]  Eugene H. Spafford,et al.  A PATTERN MATCHING MODEL FOR MISUSE INTRUSION DETECTION , 1994 .

[25]  Francesco Torelli,et al.  SLA★: An abstract syntax for Service Level Agreements , 2010, 2010 11th IEEE/ACM International Conference on Grid Computing.

[26]  LanguagesGiovanni,et al.  Attack Languages , 2007 .

[27]  Ernesto Damiani,et al.  Security Certification of Composite Services: A Test-Based Approach , 2013, 2013 IEEE 20th International Conference on Web Services.

[28]  Ulf Lindqvist,et al.  Detecting computer and network misuse through the production-based expert system toolset (P-BEST) , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).