8 research outputs found
Integrating Security Risk Management into Business Process Management for the Cloud
Abstract: Security issues are still preventing wider adoption of cloud computing, especially for businesses which are handling sensitive information. Indeed, by outsourcing its information system (IS), a company can lose control over its infrastructure, its software or even its data. Therefore, new methods and tools need to be defined to respond to this challenge. In this paper we propose to integrate Security Risk Management approaches into Business Process Management to effectively treat security issues at the early phases of the Information System construction. We focus on cloud brokers, emerging actors of the cloud delivery model, who enhance and aggregate existing cloud services to match them with their cloud consumers' requirements. Our main goal is to provide them with tools and techniques to increase the global security level of an IS through different risk treatment strategies.
Quantitative analysis of distributed systems
PhD Thesis
Computing Science addresses the security of real-life systems by using various security-oriented technologies (e.g., access control solutions and resource allocation strategies). These security technologies significantly increase the operational costs of the organizations in which systems are deployed, due to the highly dynamic, mobile and resource-constrained environments. As a result, the problem of designing user-friendly, secure and high-efficiency information systems in such complex environments has become a major challenge for the developers.
In this thesis, firstly, new formal models are proposed to analyse the secure information flow in cloud computing systems. Then, the opacity of workflows in cloud computing systems is investigated, a threat model is built for cloud computing systems, and the information leakage in such systems is analysed. This study can help cloud service providers and cloud subscribers to analyse the risks they take with the security of their assets and to make security-related decisions. Secondly, a procedure is established to quantitatively evaluate the costs and benefits of implementing information security technologies. In this study, a formal system model for data resources in a dynamic environment is proposed, which focuses on the location of different classes of data resources as well as the users. Using such a model, the concurrent and probabilistic behaviour of the system can be analysed. Furthermore, efficient solutions are provided for the implementation of information security systems based on queueing theory and stochastic Petri nets. This part of the research can help information security officers to make well-judged information security investment decisions.
A Multi-Level Security Model for Partitioning Workflows over Federated Clouds
Cloud computing has the potential to provide low-cost, scalable computing, but cloud security is a major area of concern. Many organizations are therefore considering using a combination of a secure internal cloud, along with (what they perceive to be) less secure public clouds. However, this raises the issue of how to partition applications across a set of clouds, while meeting security requirements. Currently, this is usually done on an ad-hoc basis, which is potentially error-prone, or for simplicity the whole application is deployed on a single cloud, so removing the possible performance and availability benefits of exploiting multiple clouds within a single application. This paper describes an alternative to ad-hoc approaches -- a method that determines all ways in which applications structured as workflows can be partitioned over the set of available clouds such that security requirements are met. The approach is based on a Multi-Level Security model that extends Bell-LaPadula to encompass cloud computing. This includes introducing workflow transformations that are needed where data is communicated between clouds. In specific cases these transformations can result in security breaches, but the paper describes how these can be detected. Once a set of valid options has been generated, a cost model is used to rank them. The method has been implemented in a tool, which is described in the paper.
An analysis of the potential impact of data protection and data security law reform to the position of employees in Indonesian cloud computing industry
Cloud computing has raised both technological and legal issues in its implementation. The readiness and the awareness of the legal effect of the implementation of cloud computing in the workplace should be distributed and applied among the employees and, most importantly, the policy makers. They have a significant duty to create full legal awareness by making sure all the employees have complied with the regulations and policies. This study sought to determine whether there was adequate support from the information and communications technology (ICT) companies in Indonesia for their employees, related to their understanding of and readiness for the implementation of cloud computing, data security and data protection. This thesis analyses the extent to which the Indonesian cloud computing industry would be affected by wide-ranging data protection and data security law reforms, and evaluates the potential effect that data protection and data security law reform could have on the position of employees in the sector. This study uses empirical legal research to analyse the implications of the development of cloud computing, especially for data security and data protection frameworks in the ICT industry. It studies the relevant law and uses interviews to reveal up-to-date data and depict the real situation in the workplace. This thesis examines the regulation and policy in the European Union and the United Kingdom, since they have developed a robust set of protections in data security and data protection. Classical content analysis is used to examine the transcripts from semi-structured interviews and data from legal documents and employment policies. The findings of the research support the growth of ICT employees' skills and the growth of the cloud computing industry in Indonesia, and highlight the implementation of legal aspects in ICT companies and the effect of the development of technology from the policy makers' perspective.
Homomorphic encryption in algebraic settings
PhD Thesis
Cryptography methods have been around for a long time to protect sensitive data. With data sets becoming increasingly large we wish to not only store sensitive data in public clouds but in fact analyse and compute there too. The idea behind homomorphic encryption is that encryption preserves the structure and allows us to perform the same operations on ciphertext as we would on the plaintext. A lot of the work so far restricts the operations that can be performed correctly on ciphertexts. The goal of this thesis is to explore methods for encryption which should greatly increase the amount of analysis and computation that can be performed on ciphertexts.
First of all, we will consider the implications of quantum computers on cryptography. There has already been research conducted into quantum-resistant encryption methods. The particular method we will be interested in is still classical. Since we are assuming these schemes are going to be used in a post-quantum world anyway, we look at how we can use the quantum properties to improve the cryptosystem. More specifically, we aim to remove a restriction that naturally comes with the scheme, restricting how many operations we can perform on ciphertexts.
Secondly, we propose a key exchange protocol that works in a polynomial ideal setting. We do this so that the key can be used for a homomorphic cryptography protocol. The advantage of using key exchange over a public key system is that a large proportion of the process needs to be carried out only once, instead of needing a more complicated encryption function to use for each piece of data. Polynomial rings are an appropriate choice of structure for this particular type of scheme as they allow us to do everything we need. We will examine how we can perform computation correctly on ciphertexts and address some of the potential weaknesses of such a process.
Finally, after establishing a fully homomorphic encryption system, we will take a more in-depth look at complexity. Measuring the complexity of mathematical problems is, of course, crucial in cryptography, but the choice of measure is something we need to consider seriously. In the final chapter we will look at generic complexity as it gives us a good feel for how difficult the typical instances of a problem are to solve.
Engineering and Physical Sciences Research Council, Centre for Doctoral Training in Cloud Computing for Big Dat
Tools and techniques for analysing the impact of information security
PhD Thesis
The discipline of information security is employed by organisations to protect the confidentiality, integrity and availability of information, often communicated in the form of information security policies. A policy expresses rules, constraints and procedures to guard against adversarial threats and reduce risk by instigating desired and secure behaviour of those people interacting with information legitimately. To keep aligned with a dynamic threat landscape, evolving business requirements, regulation updates, and new technologies, a policy must undergo periodic review and change. Chief Information Security Officers (CISOs) are the main decision makers on information security policies within an organisation. Making informed policy modifications involves analysing and therefore predicting the impact of those changes on the success rate of business processes, often expressed as workflows. Security brings an added burden to completing a workflow. Adding a new security constraint may reduce success rate or even eliminate it if a workflow is always forced to terminate early. This can increase the chances of employees bypassing or violating a security policy. Removing an existing security constraint may increase success rate but may also increase the risk to security. A lack of suitably aimed impact analysis tools and methodologies for CISOs means impact analysis is currently a somewhat manual and ambiguous procedure. Analysis can be overwhelming, time consuming, error prone, and yield unclear results, especially when workflows are complex, have a large workforce, and diverse security requirements. This thesis considers the provision of tools and more formal techniques specific to CISOs to help them analyse the impact modifying a security policy has on the success rate of a workflow. More precisely, these tools and techniques have been designed to efficiently compare the impact between two versions of a security policy applied to the same workflow, one before, the other after a policy modification.
This work focuses on two specific types of security impact analysis. The first is quantitative in nature, providing a measure of success rate for a security-constrained workflow which must be executed by employees who may be absent at runtime. This work considers quantifying workflow resiliency, which indicates a workflow's expected success rate assuming the availability of employees to be probabilistic. New aspects of quantitative resiliency are introduced in the form of workflow metrics, and risk management techniques to manage workflows that must work with a resiliency below acceptable levels. Defining these risk management techniques has led to exploring the reduction of resiliency computation time and analysing resiliency in workflows with choice. The second area of focus is more qualitative, in terms of facilitating analysis of how people are likely to behave in response to security and how that behaviour can impact the success rate of a workflow at a task level. Large amounts of information from disparate sources exist on human behavioural factors in a security setting, which can be aligned with security standards and structured within a single ontology to form a knowledge base. Consultations with two CISOs have been conducted, whose responses have driven the implementation of two new tools, one graphical, the other Web-oriented, allowing CISOs and human factors experts to record and incorporate their knowledge directly within an ontology. The ontology can be used by CISOs to assess the potential impact of changes made to a security policy and help devise behavioural controls to manage that impact. The two consulted CISOs have also carried out an evaluation of the Web-oriented tool.