Towards Model-Based Security Assessment of Cloud Applications

Security issues still limit the full exploitation of the potential of the cloud computing paradigm, and cloud developers are increasingly required to take security into account from the very beginning of the development process. Unfortunately, applying classical security best practices may not be enough, because cloud applications involve services that are provided by third parties and are outside the developer's control. In this paper, to overcome this issue, we introduce and discuss a model-based process for the security assessment of cloud applications. In particular, we suggest a complete process that can be executed within the lifecycle of a cloud application, from requirements elicitation up to the validation (both static and dynamic, through the generation and execution of suitable test cases) of the final deployment against security requirements. In this work, we sketch the main phases of the process and illustrate the high-level modelling languages that have been defined to describe an application at different levels of abstraction and to formalize both the security requirements of applications and the security features offered by existing cloud services. A running example involving the assessment of a simple yet realistic cloud application is used throughout the paper to better illustrate the proposal and to demonstrate its feasibility and effectiveness.
