Monitoring-Based Certification of Cloud Service Security

  • Conference paper
On the Move to Meaningful Internet Systems: OTM 2015 Conferences (OTM 2015)

Abstract

In this paper, we present a novel approach to cloud service security certification. This approach can be used to: (a) define and automatically execute certification models, which continuously and incrementally acquire and analyse evidence regarding the provision of services on cloud infrastructures through continuous monitoring; (b) use this evidence to assess whether the provision is compliant with required security properties; and (c) generate and manage digital certificates confirming the compliance of services if the acquired evidence supports this. We also present the results of an initial experimental evaluation of our approach based on the MySQL server and the RUBiS benchmark.

Corresponding author

Correspondence to Maria Krotsiani.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Krotsiani, M., Spanoudakis, G., Kloukinas, C. (2015). Monitoring-Based Certification of Cloud Service Security. In: Debruyne, C., et al. On the Move to Meaningful Internet Systems: OTM 2015 Conferences. OTM 2015. Lecture Notes in Computer Science, vol 9415. Springer, Cham. https://doi.org/10.1007/978-3-319-26148-5_44

  • DOI: https://doi.org/10.1007/978-3-319-26148-5_44

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-26147-8

  • Online ISBN: 978-3-319-26148-5

  • eBook Packages: Computer Science, Computer Science (R0)
