A Certification Framework for Cloud Security Properties: The Monitoring Path

Egea, M., Spanoudakis, G., Mahbub, K. & Vieira, M. R. (2015). A Certification Framework for Cloud Security Properties: The Monitoring Path. Lecture Notes in Computer Science, 8937, pp. 63-77. doi: 10.1007/978-3-319-17199-9_3

[img]
Preview
Text - Accepted Version
Download (465kB) | Preview

Abstract

In this paper we describe the structure and functionality of a certification integrated framework aimed to support the certification of security properties of a Cloud infrastructure (IaaS), a platform (PaaS), or the software layer (SaaS). Such framework will bring service users, service providers and cloud suppliers to work together with certification authorities in order to ensure security properties and certificates validity in the continuously evolving cloud environment. For this purpose, the framework relies on multiple types of evidence gathering with respect to security, e.g., testing services, monitoring agents or trusted computing proofs. In this paper we will focus only on the monitoring case and will illustrate its use. Yet, this framework is designed to be able to follow models for hybrid, incremental and multi-layer security certification since cloud security has to build upon the entire cloud stack.

Item Type: Article
Additional Information: The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-17199-9_3
Uncontrolled Keywords: Cloud security, Monitoring tools, Monitoring based certification models
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: School of Informatics > Department of Computing
URI: http://openaccess.city.ac.uk/id/eprint/12615

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics