Cloud Certification Process Validation using Formal Methods
Krotsiani, M., Kloukinas, C. & Spanoudakis, G. (2017). Cloud Certification Process Validation using Formal Methods. In: Maximilien, M., Vallecillo, A., Wang, J. & Oriol, M. (Eds.), Service-Oriented Computing. ICSOC 2017. 15th International Conference on Service Oriented Computing (ICSOC 2017), 13-16 Nov 2017, Malaga, Spain.
Abstract
The importance of cloud-based systems is increasing constantly as they become crucial for completing tasks in an effective and affordable manner. Yet, their use is affected by concerns about the security of the data and applications provisioned through them. Security certification provides a means of increasing confidence in such systems, by establishing that they fulfil certain security properties of interest. Certification processes involve security property assessments against specific threat models. These processes may be based on self-assessment, testing, inspection or runtime monitoring of security properties, and/or combinations of such methods (hybrid certification). One important question for all such processes is whether they actually deliver what they promise. This question is open at the moment and is the focus of our work. To address it, we have developed an approach that formalises certification processes, by translating them in the language of the Prism model-checker and uses Prism to verify properties of interest on the model of the certification process, under specific environmental assumptions.
Publication Type: | Conference or Workshop Item (Paper) |
---|---|
Additional Information: | The final publication will is available via Springer at DOI https://doi.org/10.1007/978-3-319-69035-3_5 |
Publisher Keywords: | Cloud Certification, Validation, Probabilistic Model Checking |
Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
Departments: | School of Science & Technology > Computer Science |
Download (705kB) | Preview
Export
Downloads
Downloads per month over past year