City Research Online

Incremental certification of cloud services

Krotsiani, M., Spanoudakis, G. & Mahbub, K. (2013). Incremental certification of cloud services. In: SECURWARE 2013 - 7th International Conference on Emerging Security Information, Systems and Technologies. SECURWARE 2013 - 7th International Conference on Emerging Security Information, Systems and Technologies, 25th - 31st August 2013, Barcelona, Spain.

Abstract

Cloud is becoming fast a critical infrastructure. However, several recent incidents regarding the security of cloud services clearly demonstrate that security rightly remains one of the major concerns of enterprises and the general public regarding the use of the cloud. Despite advancements of research related to cloud security, we are still not in a position to provide a systematic assessment of cloud security based on real operational evidence. As a step towards addressing this problem, in this paper, we propose a novel approach for certifying the security of cloud services. Our approach is based on the incremental certification of security properties for different types of cloud services, including IaaS, PaaS and SaaS services, based on operational evidence from the provision of such services gathered through continuous monitoring. An initial implementation of this approach is presented.

Publication Type: Conference or Workshop Item (Paper)
Publisher Keywords: Cloud services, security certification, continuous monitoring
Subjects: Q Science > QA Mathematics > QA76 Computer software
Departments: School of Science & Technology > Computer Science
[thumbnail of SECURWARE 2013-30097.pdf]
Preview
PDF
Download (1MB) | Preview

Export

Add to AnyAdd to TwitterAdd to FacebookAdd to LinkedinAdd to PinterestAdd to Email

Downloads

Downloads per month over past year

View more statistics

Actions (login required)

Admin Login Admin Login