Towards Model-Based Security Assessment of Cloud Applications

  • Valentina Casola
  • Alessandra De BenedictisEmail author
  • Roberto Nardone
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10232)


Security issues are still posing limitations to the full exploitation of the potential of the cloud computing paradigm, and cloud developers are more and more required to take security into account from the very beginning of the development process. Unfortunately, the application of classical security best practices may be not enough due to the involvement of cloud services provided by third-parties and out of the control of the developer. In this paper, to overcome this issue, we introduce and discuss a model-based process for the security assessment of cloud applications. In particular, we suggest a complete process that can be executed within the lifecycle of a cloud application, from the requirement elicitation up to the validation (both static and dynamic through the generation and execution of suitable test cases) of the final deployment against security requirements. In this work, we sketch the process main phases and illustrate the high-level modelling languages that have been defined to describe an application at different levels of abstraction and to formalize both security requirements of applications and security features offered by existing cloud services. A running example involving the assessment of a simple yet realistic cloud application is used throughout the paper to better illustrate the proposal and to demonstrate its feasibility and effectiveness.


Model-based security assessment Secure cloud applications Cloud security 



This research is partially supported by the project MUSA (Grant Agreement no. 644429) funded by the European Commission within call H2020-ICT-2014-1.


  1. 1.
    Ammann, P., Wijesekera, D., Kaushik, S.: Scalable, graph-based network vulnerability analysis. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 217–224. ACM (2002)Google Scholar
  2. 2.
    Benerecetti, M., De Guglielmo, R., Gentile, U., Marrone, S., Mazzocca, N., Nardone, R., Peron, A., Velardi, L., Vittorini, V.: Dynamic state machines for modelling railway control systems. Sci. Comput. Program. 133, 116–153 (2017)CrossRefzbMATHGoogle Scholar
  3. 3.
    Bijani, S., Robertson, D.: A review of attacks and security approaches in open multi-agent systems. Artif. Intell. Rev. 42(4), 607–636 (2014)CrossRefGoogle Scholar
  4. 4.
    Casola, V., De Benedictis, A., Rak, M., Rios, E.: Security-by-design in clouds: a security-SLA driven methodology to build secure cloud applications. Procedia Comput. Sci. 97, 53–62 (2016). 2nd International Conference on Cloud Forward: From Distributed to Complete ComputingCrossRefGoogle Scholar
  5. 5.
    Cloud Security Alliance. Cloud Control Matrix v3.0.1, June 2016.
  6. 6.
    Cloud Security Alliance. Consensus Assessments Initiative Questionnaire v3.0.1, May 2016.
  7. 7.
    Drago, A., Marrone, S., Mazzocca, N., Nardone, R., Tedesco, A., Vittorini, V.: A model-driven approach for vulnerability evaluation of modern physical protection systems. Softw. Syst. Model., 1–34 (2016). doi: 10.1007/s10270-016-0572-7
  8. 8.
    Ferry, N., Song, H., Rossini, A., Chauvel, F., Solberg, A.: CloudMF: applying MDE to tame the complexity of managing multi-cloud applications. In: IEEE/ACM 7th International Conference on Utility and Cloud Computing (UCC), pp. 269–277. IEEE (2014)Google Scholar
  9. 9.
    International Organization for Standardization. ISO/IEC 27001: Information technology Security techniques Information security management systems Requirements (2013)Google Scholar
  10. 10.
    International Organization for Standardization: ISO/IEC 27002:2013 Information Technology. Security Techniques, Code of Practice for Information Security Management (2013)Google Scholar
  11. 11.
    Jürjens, J.: UMLsec: extending UML for secure systems development. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 412–425. Springer, Heidelberg (2002). doi: 10.1007/3-540-45800-X_32 CrossRefGoogle Scholar
  12. 12.
    Kotenko, I., Stepashkin, M.: Attack graph based evaluation of network security. In: Leitold, H., Markatos, E.P. (eds.) CMS 2006. LNCS, vol. 4237, pp. 216–227. Springer, Heidelberg (2006). doi: 10.1007/11909033_20 CrossRefGoogle Scholar
  13. 13.
    Liu, Y., Man, H.: Network vulnerability assessment using Bayesian networks. In: Defense and Security, pp. 61–71. International Society for Optics and Photonics (2005)Google Scholar
  14. 14.
    National Institute of Standards Technology. NIST SP-800-53: Recommended Security Controls for Federal Information Systems (2013)Google Scholar
  15. 15.
    Nicol, D.M., Sanders, W.H., Trivedi, K.S.: Model-based evaluation: from dependability to security. IEEE Trans. Dependable Secure Comput. 1(1), 48–65 (2004)CrossRefGoogle Scholar
  16. 16.
    Rodríguez, R.J., Merseguer, J., Bernardi, S.: Modelling security of critical infrastructures: a survivability assessment. Comput. J. 58(10), 2313–2327 (2015)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Valentina Casola
    • 1
  • Alessandra De Benedictis
    • 1
    Email author
  • Roberto Nardone
    • 1
  1. 1.Department of Electrical Engineering and Information TechnologyUniversità di Napoli Federico IINaplesItaly

Personalised recommendations