Medina: Improving cloud services trustworthiness through continuous audit-based certification

One of the reasons of the still limited adoption of Cloud Computing in the EU is the EU customers' perceived lack of security and transparency in this technology. Cloud service providers (CSPs) usually rely on security certifications as a mean to improve transparency and trustworthiness, however European CSPs still face multiple challenges for certifying their services (e.g., fragmentation in the certification market, and lack of mutual recognition). In this context, the EU Cybersecurity Act (EU CSA) proposes improving customer's trust in the European ICT market through a European certification scheme (EUCS). The proposed cloud security certification scheme conveys new technological challenges including the notion of automated monitoring for the whole supply chain, which needs to be solved in order to bring all the expected benefits to EU cloud providers and customers. In this context, MEDINA proposes a framework for supporting a continuous audit-based certification for CSPs based on EU CSA's scheme for cloud security certification. MEDINA will tackle challenges in areas like security validation/ testing, machine-readable certification language, cloud security performance, and audit evidence management. MEDINA will provide and empirically validate sustainable outcomes in order to benefit EU adopters.This work has been partially funded by the European project MEDINA (Horizon 2020 research and innovation Programme, under grant agreement no 952633)

Towards hybrid cloud service certification models

In this paper, we introduce a hybrid approach for certifying security properties of cloud services that combines monitoring and testing data. The paper argues about the need for hybrid certification and examines some basic characteristics of hybrid certification models

Towards trustworthy end-to-end communication in industry 4.0

Industry 4.0 considers integration of IT and control systems with physical objects, software, sensors and connectivity in order to optimize manufacturing processes. It provides advanced functionalities in control and communication for an infrastructure that handles multiple tasks in various locations automatically. Automatic actions require information from trustworthy sources. Thus, this work is focused on how to ensure trustworthy communication from the edge devices to the backend infrastructure. We derive a meta-model based on RAMI 4.0, which is used to describe an end-to-end communication use case for an Industry 4.0 application scenario and to identify dependabilities in case of security challenges. Furthermore, we evaluate secure messaging protocols and the integration of Trusted Platform Module (TPM) as a root of trust for dataexchange. We define a set of representative measurable indicator points based on existing standards and use them for automated dependability detection within the whole system

Unterstützung der Wissensarbeit durch Künstliche Intelligenz - Anforderungen an die Gestaltung maschinellen Lernens

Entwicklungen der Informationstechnologie stellen zunehmend Möglichkeiten bereit, den menschlichen „Wissensarbeiter“ durch kognitive Assistenzsysteme auf Basis Künstlicher Intelligenz (KI) in seinen Entscheidungen oder Aktionen zu unterstützen. Im vorliegenden Beitrag wollen wir beleuchten, welche Anforderungen an die zugrundeliegenden maschinellen Lernverfahren zu stellen sind, um die individuelle sowie gesellschaftliche Akzeptanz solcher „Augmented Intelligence“ zu gewährleisten

TOWARDS A BRIGHT FUTURE: ENHANCING DIFFUSION OF CONTINUOUS CLOUD SERVICE AUDITING BY THIRD PARTIES

Using cloud services empowers organizations to achieve various financial and technical benefits. Nonetheless, customers are faced with a lack of control since they cede control over their IT resources to the cloud providers. Independent third party assessments have been recommended as good means to counteract this lack of control. However, current third party assessments fail to cope with an ever-changing cloud computing environment. We argue that continuous auditing by third parties (CATP) is required to assure continuously reliable and secure cloud services. Yet, continuous auditing has been applied mostly for internal purposes, and adoption of CATP remains lagging behind. Therefore, we examine the adoption process of CATP by building on the lenses of diffusion of innovations theory as well as conducting a scientific database search and various interviews with cloud service experts. Our findings reveal that relative advantages, a high degree of compatibility and observability of CATP would strongly enhance adoption, while a high complexity and a limited trialability might hamper diffusion. We contribute to practice and research by advancing the understanding of the CATP adop-tion process by providing a synthesis of relevant attributes that influence adoption rate. More im-portantly, we provide recommendations on how to enhance the adoption process

Toward a Unified View of IS Certification: A Structured Literature Review on Theoretical Lenses

IS certifications are frequently used measures to alleviate consumers’ concerns or increase trust-worthiness toward service providers. Yet, scholarly work trying to understand the effects of IS certi-fication produces contradictory results. In particular, the diversity of theoretical lenses used renders it hard for researchers to stand on common ground. Utilizing a structured review of IS literature, we analyze more than 3100 articles to (1) identify commonly used theories for IS certification, (2) com-pare these theories using the certification ecosystem as conceptual basis, and (3) outline strengths and shortcomings of identified theoretical approaches. We contribute to the existent body of knowledge by presenting theoretical lenses in a structured way as well as evaluating their suitability in the context of IS certification. Our results suggest that some theories are well suited (e.g., Signal-ing Theory), yet researchers need to control for missing antecedents and avoid fragmentary use of theories. Further, we encourage researchers to draw on the Elaboration Likelihood Model and Cue Utilization/Consistency Theory as valuable, though underutilized theoretical lenses. Eventually, we suggest that future research should develop an integrated theoretical model since, according to our results, a blended theoretical lens may be most valuable to understand and predict the effectiveness of IS certification

Designing Monitoring Systems for Continuous Certification of Cloud Services: Deriving Meta-requirements and Design Guidelines

Continuous service certification (CSC) involves the consistently gathering and assessing certification-relevant information about cloud service operations to validate whether they continue to adhere to certification criteria. Previous research has proposed test-based CSC methodologies that directly assess the components of cloud service infrastructures. However, test-based certification requires that certification authorities can access the cloud infrastructure, which various issues may limit. To address these challenges, cloud service providers need to conduct monitoring-based CSC; that is, monitor their cloud service infrastructure to gather certification-relevant data by themselves and then provide these data to certification authorities. Nevertheless, we need to better understand how to design monitoring systems to enable cloud service providers to perform such monitoring. By taking a design science perspective, we derive universal meta-requirements and design guidelines for CSC monitoring systems based on findings from five expert focus group interviews with 33 cloud experts and 10 one-to-one interviews with cloud customers. With this study, we expand the current knowledge base regarding CSC and monitoring-based CSC. Our derived design guidelines contribute to the development of CSC monitoring systems and enable monitoring-based CSC that overcomes issues of prior test-based approaches

IoT Expunge: Implementing Verifiable Retention of IoT Data

The growing deployment of Internet of Things (IoT) systems aims to ease the daily life of end-users by providing several value-added services. However, IoT systems may capture and store sensitive, personal data about individuals in the cloud, thereby jeopardizing user-privacy. Emerging legislation, such as California's CalOPPA and GDPR in Europe, support strong privacy laws to protect an individual's data in the cloud. One such law relates to strict enforcement of data retention policies. This paper proposes a framework, entitled IoT Expunge that allows sensor data providers to store the data in cloud platforms that will ensure enforcement of retention policies. Additionally, the cloud provider produces verifiable proofs of its adherence to the retention policies. Experimental results on a real-world smart building testbed show that IoT Expunge imposes minimal overheads to the user to verify the data against data retention policies.Comment: This paper has been accepted in 10th ACM Conference on Data and Application Security and Privacy (CODASPY), 202

“Unblackboxing” Decision Makers’ Interpretations of IS Certifications in the Context of Cloud Service Certifications

IS literature has predominantly taken a black box perspective on IS certifications and studied their diverse set of outcomes, such as signaling superior quality and increased customer trust. As a result, there is little understanding about the structure of certifications and its role in decision makers’ evaluations of certifications to achieve these outcomes. However, idiosyncrasies of novel IT services, such as cloud services, create a need for “unblackboxing” certifications and theorizing about their constituting structural building blocks and structural elements, as well as examining key features that might lead to a more favorable evaluation of a certification by decision makers. To advance theory building on certifications, this article develops an empirically grounded typology of certifications’ key structural building blocks and structural elements, and examines how they interpret substantive features within these elements. Using evidence from 20 interviews with decision makers from a wide range of industries in the context of cloud service certifications, we find that a decision maker’s aggregate evaluation of a certification is a function of their interpretations of its features guided by cognitive interpretive schemas along six key structural elements, contrasted with the decision makers’ expectations regarding the certification’s outcomes. This study contributes by conceptualizing the necessary and sufficient elements of certifications, constructing a nascent theory on decision makers’ evaluations of certifications, and illuminating the dynamics between certifications’ structural elements and outcomes as a coevolutionary process. We discuss implications for the certification literature and give managerial advice regarding the factors to consider when designing and evaluating certifications