3,794 research outputs found
Recommended from our members
Opinion Model Based Security Reputation Enabling Cloud Broker Architecture
A MAS-Based Cloud Service Brokering System to Respond Security Needs of Cloud Customers
Cloud computing is becoming a key factor in computer science and an important technology for many organizations to deliver different types of services. The companies which provide services to customers are called as cloud service providers. The cloud users (CUs) increase and require secure, reliable and trustworthy cloud service providers (CSPs) from the market. So, it’s a challenge for a new customer to choose the highly secure provider. This paper presents a cloud service brokering system in order to analyze and rank the secured cloud service provider among the available providers list. This model uses an autonomous and flexible agent in multi-agent system (MASs) that have an intelligent behavior and suitable tools for helping the brokering system to assess the security risks for the group of cloud providers which make decision of the more secured provider and justify the business needs of users in terms of security and reliability
Threats Management Throughout the Software Service Life-Cycle
Software services are inevitably exposed to a fluctuating threat picture.
Unfortunately, not all threats can be handled only with preventive measures
during design and development, but also require adaptive mitigations at
runtime. In this paper we describe an approach where we model composite
services and threats together, which allows us to create preventive measures at
design-time. At runtime, our specification also allows the service runtime
environment (SRE) to receive alerts about active threats that we have not
handled, and react to these automatically through adaptation of the composite
service. A goal-oriented security requirements modelling tool is used to model
business-level threats and analyse how they may impact goals. A process flow
modelling tool, utilising Business Process Model and Notation (BPMN) and
standard error boundary events, allows us to define how threats should be
responded to during service execution on a technical level. Throughout the
software life-cycle, we maintain threats in a centralised threat repository.
Re-use of these threats extends further into monitoring alerts being
distributed through a cloud-based messaging service. To demonstrate our
approach in practice, we have developed a proof-of-concept service for the Air
Traffic Management (ATM) domain. In addition to the design-time activities, we
show how this composite service duly adapts itself when a service component is
exposed to a threat at runtime.Comment: In Proceedings GraMSec 2014, arXiv:1404.163
Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems
Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security
assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security
mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps
framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include
the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any)
and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security
level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.The research leading to these results has received
funding from the European Union’s Horizon 2020 research
and innovation programme under grant agreement No 644429
and No 780351, MUSA project and ENACT project,
respectively. We would also like to acknowledge all the
members of the MUSA Consortium and ENACT Consortium
for their valuable help
Investigating Cloud Access Security Broker In A Healthcare Service : Creating A Cloud Access Security Broker (CASB) Discussion Frame-work For Evaluating Security in Cloud Healthcare Services
Master's thesis in Cyber security (IKT523)Covid-19 accentuated the importance of accessible services, causing a major increase in the adoption of cloud services for enterprises. Cloud computing is a new paradigm that promises significant benefits for organizations in healthcare services. However, cloud computing also transforms enterprise architectures and introduces new problems of information security. Decision-makers in a large healthcare service provider need to justify decisions on cloud adoption, but such a task is convoluted given the different views on cloud computing and the potential impact of cyberthreats on critical infrastructures. As a consequence, cloud security controls need to be selected and implemented to complement cloud services. Our research focuses on the decision-making process for selecting a Cloud Access Security Broker (CASB) in a large public healthcare ICT provider in Norway. This thesis applies Action Design Research (ADR) to design a decision support tool for cloud security control selection in healthcare organizations. The result is a framework for evaluating cloud security controls that facilitates the decision-making process by considering multiple aspects of enterprise security architectures. Participants in the decision-making process can achieve a common understanding of cloud security control and a tailored assessment of how the cloud will impact information security in the organization. We present the design process and apply the framework to the CASB selection problem. As a practical implication, our findings suggest that selecting a cloud security control in a healthcare service provider is an ill-structured or “wicked” problem that requires a unique problem-solving approac
A gap analysis of Internet-of-Things platforms
We are experiencing an abundance of Internet-of-Things (IoT) middleware
solutions that provide connectivity for sensors and actuators to the Internet.
To gain a widespread adoption, these middleware solutions, referred to as
platforms, have to meet the expectations of different players in the IoT
ecosystem, including device providers, application developers, and end-users,
among others. In this article, we evaluate a representative sample of these
platforms, both proprietary and open-source, on the basis of their ability to
meet the expectations of different IoT users. The evaluation is thus more
focused on how ready and usable these platforms are for IoT ecosystem players,
rather than on the peculiarities of the underlying technological layers. The
evaluation is carried out as a gap analysis of the current IoT landscape with
respect to (i) the support for heterogeneous sensing and actuating
technologies, (ii) the data ownership and its implications for security and
privacy, (iii) data processing and data sharing capabilities, (iv) the support
offered to application developers, (v) the completeness of an IoT ecosystem,
and (vi) the availability of dedicated IoT marketplaces. The gap analysis aims
to highlight the deficiencies of today's solutions to improve their integration
to tomorrow's ecosystems. In order to strengthen the finding of our analysis,
we conducted a survey among the partners of the Finnish IoT program, counting
over 350 experts, to evaluate the most critical issues for the development of
future IoT platforms. Based on the results of our analysis and our survey, we
conclude this article with a list of recommendations for extending these IoT
platforms in order to fill in the gaps.Comment: 15 pages, 4 figures, 3 tables, Accepted for publication in Computer
Communications, special issue on the Internet of Things: Research challenges
and solution
Cloudbus Toolkit for Market-Oriented Cloud Computing
This keynote paper: (1) presents the 21st century vision of computing and
identifies various IT paradigms promising to deliver computing as a utility;
(2) defines the architecture for creating market-oriented Clouds and computing
atmosphere by leveraging technologies such as virtual machines; (3) provides
thoughts on market-based resource management strategies that encompass both
customer-driven service management and computational risk management to sustain
SLA-oriented resource allocation; (4) presents the work carried out as part of
our new Cloud Computing initiative, called Cloudbus: (i) Aneka, a Platform as a
Service software system containing SDK (Software Development Kit) for
construction of Cloud applications and deployment on private or public Clouds,
in addition to supporting market-oriented resource management; (ii)
internetworking of Clouds for dynamic creation of federated computing
environments for scaling of elastic applications; (iii) creation of 3rd party
Cloud brokering services for building content delivery networks and e-Science
applications and their deployment on capabilities of IaaS providers such as
Amazon along with Grid mashups; (iv) CloudSim supporting modelling and
simulation of Clouds for performance studies; (v) Energy Efficient Resource
Allocation Mechanisms and Techniques for creation and management of Green
Clouds; and (vi) pathways for future research.Comment: 21 pages, 6 figures, 2 tables, Conference pape
- …