Framework for Security Transparency in Cloud Computing

The migration of sensitive data and applications from the on-premise data centre to a cloud environment increases cyber risks to users, mainly because the cloud environment is managed and maintained by a third-party. In particular, the partial surrender of sensitive data and application to a cloud environment creates numerous concerns that are related to a lack of security transparency. Security transparency involves the disclosure of information by cloud service providers about the security measures being put in place to protect assets and meet the expectations of customers. It establishes trust in service relationship between cloud service providers and customers, and without evidence of continuous transparency, trust and confidence are affected and are likely to hinder extensive usage of cloud services. Also, insufficient security transparency is considered as an added level of risk and increases the difficulty of demonstrating conformance to customer requirements and ensuring that the cloud service providers adequately implement security obligations. The research community have acknowledged the pressing need to address security transparency concerns, and although technical aspects for ensuring security and privacy have been researched widely, the focus on security transparency is still scarce. The relatively few literature mostly approach the issue of security transparency from cloud providers’ perspective, while other works have contributed feasible techniques for comparison and selection of cloud service providers using metrics such as transparency and trustworthiness. However, there is still a shortage of research that focuses on improving security transparency from cloud users’ point of view. In particular, there is still a gap in the literature that (i) dissects security transparency from the lens of conceptual knowledge up to implementation from organizational and technical perspectives and; (ii) support continuous transparency by enabling the vetting and probing of cloud service providers’ conformity to specific customer requirements. The significant growth in moving business to the cloud – due to its scalability and perceived effectiveness – underlines the dire need for research in this area. This thesis presents a framework that comprises the core conceptual elements that constitute security transparency in cloud computing. It contributes to the knowledge domain of security transparency in cloud computing by proposing the following. Firstly, the research analyses the basics of cloud security transparency by exploring the notion and foundational concepts that constitute security transparency. Secondly, it proposes a framework which integrates various concepts from requirement engineering domain and an accompanying process that could be followed to implement the framework. The framework and its process provide an essential set of conceptual ideas, activities and steps that can be followed at an organizational level to attain security transparency, which are based on the principles of industry standards and best practices. Thirdly, for ensuring continuous transparency, the thesis proposes an essential tool that supports the collection and assessment of evidence from cloud providers, including the establishment of remedial actions for redressing deficiencies in cloud provider practices. The tool serves as a supplementary component of the proposed framework that enables continuous inspection of how predefined customer requirements are being satisfied. The thesis also validates the proposed security transparency framework and tool in terms of validity, applicability, adaptability, and acceptability using two different case studies. Feedbacks are collected from stakeholders and analysed using essential criteria such as ease of use, relevance, usability, etc. The result of the analysis illustrates the validity and acceptability of both the framework and tool in enhancing security transparency in a real-world environment

An Integrated Cybersecurity Risk Management (I-CSRM) Framework for Critical Infrastructure Protection

Risk management plays a vital role in tackling cyber threats within the Cyber-Physical System (CPS) for overall system resilience. It enables identifying critical assets, vulnerabilities, and threats and determining suitable proactive control measures to tackle the risks. However, due to the increased complexity of the CPS, cyber-attacks nowadays are more sophisticated and less predictable, which makes risk management task more challenging. This research aims for an effective Cyber Security Risk Management (CSRM) practice using assets criticality, predication of risk types and evaluating the effectiveness of existing controls. We follow a number of techniques for the proposed unified approach including fuzzy set theory for the asset criticality, machine learning classifiers for the risk predication and Comprehensive Assessment Model (CAM) for evaluating the effectiveness of the existing controls. The proposed approach considers relevant CSRM concepts such as threat actor attack pattern, Tactic, Technique and Procedure (TTP), controls and assets and maps these concepts with the VERIS community dataset (VCDB) features for the purpose of risk predication. Also, the tool serves as an additional component of the proposed framework that enables asset criticality, risk and control effectiveness calculation for a continuous risk assessment. Lastly, the thesis employs a case study to validate the proposed i-CSRM framework and i-CSRMT in terms of applicability. Stakeholder feedback is collected and evaluated using critical criteria such as ease of use, relevance, and usability. The analysis results illustrate the validity and acceptability of both the framework and tool for an effective risk management practice within a real-world environment. The experimental results reveal that using the fuzzy set theory in assessing assets' criticality, supports stakeholder for an effective risk management practice. Furthermore, the results have demonstrated the machine learning classifiers’ have shown exemplary performance in predicting different risk types including denial of service, cyber espionage, and Crimeware. An accurate prediction can help organisations model uncertainty with machine learning classifiers, detect frequent cyber-attacks, affected assets, risk types, and employ the necessary corrective actions for its mitigations. Lastly, to evaluate the effectiveness of the existing controls, the CAM approach is used, and the result shows that some controls such as network intrusion, authentication, and anti-virus show high efficacy in controlling or reducing risks. Evaluating control effectiveness helps organisations to know how effective the controls are in reducing or preventing any form of risk before an attack occurs. Also, organisations can implement new controls earlier. The main advantage of using the CAM approach is that the parameters used are objective, consistent and applicable to CPS

Feasibility analysis of using microcircuit technology in logistics applications/radio frequency (MITLA/RF) to support equipment maintenance management

This thesis presents the background, criteria, and baseline recommendations for a Microcircuit Technology in Logistics Application/Radio Frequency (MITLA/RF) proposal to support developing maintenance management doctrine. Its main thrust is a preliminary feasibility analysis of MITLA/RF to identify key issues with regard to maintenance operations within emerging Operational Maneuver From The Sea (OMFTS) concepts. This thesis surveys current requirements, information systems initiatives, test/evaluation results, implementation issues, and technology tradeoffs. It offers alternatives to reliance on manual record keeping and frameworks for enhancing horizontal/ vertical information flows, explores several near real-time interactive decision making tools, and suggests doctrinal improvements through a fusion of procedural and high-tech approaches. This study is an outline for melding policy change with the state-of-the-art technology required to successfully support emerging Combat Service Support (CSS) operations.http://archive.org/details/feasibilitynalys1094539655Major, United States Marine CorpsCaptain, United States Marine Corps.Approved for public release; distribution is unlimited

Connecting the Dots: An Assessment of Cyber-risks in Networked Building and Municipal Infrastructure Systems

The buildings and city streets we walk down are changing. Driven by various data-driven use cases, there is increased interest in networking and integrating lighting and other building systems (e.g., heating, ventilation, and air conditioning (HVAC), security, scheduling) that were previously not internet-facing, and equipping them with sensors that collect information about their environment and the people that inhabit it. These data-enabled systems can potentially deliver improved occupant and resident experiences and help meet the U.S. Department of Energy (DOE) national energy and carbon reduction goals. Deploying connected devices new to being networked, however, is not without its challenges. This paper explores tools available to system designers and integrators that facilitate a cybersecurity landscape assessment – or more specifically the identification of threats, vulnerabilities, and adversarial behaviors that could be used against these networked systems. These assessments can help stakeholders shift security prioritization proactively toward the beginning of the development process

Tactics, Techniques and Procedures (TTPs) to Augment Cyber Threat Intelligence (CTI): A Comprehensive Study

Sharing Threat Intelligence is now one of the biggest trends in cyber security industry. Today, no one can deny the necessity for information sharing to fight the cyber battle. The massive production of raw and redundant data coupled with the increasingly innovative attack vectors of the perpetrators demands an ecosystem to scrutinize the information, detect and react to take a defensive stance. Having enough sources for threat intelligence or having too many security tools are the least of our problems. The main challenge lies in threat knowledge management, interoperability between different security tools and then converting these filtered data into actionable items across multiple devices. Large datasets may help filtering the massive information gathering, open standards may somewhat facilitate the interoperability issues, and machine learning may partly aid the learning of malicious traits and features of attack, but how do we coordinate the actionable responses across devices, networks, and other ecosystems to be proactive rather than reactive? This paper presents a study of current threat intelligence landscape (Tactic), information sources, basic Indicators of Compromise (IOCs) (Technique) and STIX and TAXII standard as open source frameworks (Procedure) to augment Cyber Threat Intelligence (CTI) sharing

Strategic Research Agenda for organic food and farming

The TP Organics Strategic Research Agenda (SRA) was finalised in December 2009. The purpose of the Strategic Research Agenda (SRA) is to enable research, development and knowledge transfer that will deliver relevant outcomes – results that will contribute to the improvement of the organic sector and other low external input systems. The document has been developed through a dynamic consultative process that ran from 2008 to 2009. It involved a wide range of stakeholders who enthusiastically joined the effort to define organic research priorities. From December 2008 to February; the expert groups elaborated the first draft. The consultative process involved the active participation of many different countries. Consultation involved researchers, advisors, members of inspection/certification bodies, as well as different users/beneficiaries of the research such as farmers, processors, market actors and members of civil society organisations throughout Europe and further afield in order to gather the research needs of the whole organic sector

A hybrid model for information security risk assessment

Many industry standards and methodologies were introduced which has brought forth the management of threats assessment and risk management of information assets in a systematic manner. This paper will review and analyze the main processes followed in IT risk management frameworks from the perspective of the threat analysis process using a threat modeling methodology. In this study, the authors propose a new assessment model which shows that systematic threat analysis is an essential element to be considered as an integrated process within IT risk management frameworks. The new proposed model complements and fulfills the gap in the practice of assessing information security risks

Power system stability scanning and security assessment using machine learning

Future grids planning requires a major departure from conventional power system planning, where only a handful of the most critical scenarios is analyzed. To account for a wide range of possible future evolutions, scenario analysis has been proposed in many industries. As opposed to the conventional power system planning, where the aim is to find an optimal transmission and/or generation expansion plan for an existing grid, the aim in future grids scenario analysis is to analyze possible evolution pathways to inform power system planning and policy making. Therefore, future grids’ planning may involve large amount of scenarios and the existing planning tools may no longer suitable. Other than the raised future grids’ planning issues, operation of future grids using conventional tools is also challenged by the new features of future grids such as intermittent generation, demand response and fast responding power electronic plants which lead to much more diverse operation conditions compared to the existing networks. Among all operation issues, monitoring stability as well as security of a power system and action with deliberated preventive or remedial adjustment is of vital important. On- line Dynamic Security Assessment (DSA) can evaluate security of a power system almost instantly when current or imminent operation conditions are supplied. The focus of this dissertation are, for future grid planning, to develop a framework using Machine Learning (ML) to effectively assess the security of future grids by analyzing a large amount of the scenarios; for future grids operation, to propose approaches to address technique issues brought by future grids’ diverse operation conditions using ML techniques. Unsupervised learning, supervised learning and semi-supervised learning techniques are utilized in a set of proposed planning and operation security assessment tools