A Certification Framework for Cloud Security Properties: The Monitoring Path
| Autor: | Marina Egea, Khaled Mahbub, George Spanoudakis, Maria Rosa Vieira |
|---|---|
| Rok vydání: | 2015 |
| Předmět: |
Engineering
Cloud computing security business.industry Software as a service Certified Information Systems Security Professional Cloud computing 02 engineering and technology Trusted Computing Certification Service provider Computer security computer.software_genre Security service 020204 information systems 0202 electrical engineering electronic engineering information engineering 020201 artificial intelligence & image processing business computer |
| Zdroj: | Lecture Notes in Computer Science ISBN: 9783319171982 A4Cloud |
| DOI: | 10.1007/978-3-319-17199-9_3 |
| Popis: | In this paper we describe the structure and functionality of a certification integrated framework aimed to support the certification of security properties of a Cloud infrastructure (IaaS), a platform (PaaS), or the software layer (SaaS). Such framework will bring service users, service providers and cloud suppliers to work together with certification authorities in order to ensure security properties and certificates validity in the continuously evolving cloud environment. For this purpose, the framework relies on multiple types of evidence gathering with respect to security, e.g., testing services, monitoring agents or trusted computing proofs. In this paper we will focus only on the monitoring case and will illustrate its use. Yet, this framework is designed to be able to follow models for hybrid, incremental and multi-layer security certification since cloud security has to build upon the entire cloud stack. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|