Cloud Certification Process Validation using Formal Methods

Krotsiani, M., Kloukinas, C. & Spanoudakis, G. (2017). Cloud Certification Process Validation using Formal Methods. Paper presented at the 15th International Conference on Service Oriented Computing (ICSOC 2017), 13-16 Nov 2017, Malaga, Spain.

Text - Accepted Version
Download (705kB) | Preview


The importance of cloud-based systems is increasing constantly as they become crucial for completing tasks in an effective and affordable manner. Yet, their use is affected by concerns about the security of the data and applications provisioned through them. Security certification provides a means of increasing confidence in such systems, by establishing that they fulfil certain security properties of interest. Certification processes involve security property assessments against specific threat models. These processes may be based on self-assessment, testing, inspection or runtime monitoring of security properties, and/or combinations of such methods (hybrid certification). One important question for all such processes is whether they actually deliver what they promise. This question is open at the moment and is the focus of our work. To address it, we have developed an approach that formalises certification processes, by translating them in the language of the Prism model-checker and uses Prism to verify properties of interest on the model of the certification process, under specific environmental assumptions.

Item Type: Conference or Workshop Item (Paper)
Additional Information: The final publication will be available at Springer via
Uncontrolled Keywords: Cloud Certification, Validation, Probabilistic Model Checking
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: School of Informatics > Department of Computing

Actions (login required)

View Item View Item


Downloads per month over past year

View more statistics