Similar literature
Found 20 similar documents; search took 31 ms
1.

Due to the high adoption of cloud services, the protection of data and information is critical. Cloud service customers (CSCs) need help to obtain the authoritative assurances required for the cloud services and negotiate the cloud service contract based on the terms and conditions set by cloud service providers (CSPs). Several standards and guidelines are available for assessing cloud security. However, most of these standards and guidelines are complex and time-consuming to select a service or make an informed decision for CSCs. Moreover, the existing methods are insufficient to solve this problem because they are process-oriented, neglect the importance of stakeholder requirements, and lack a comprehensive and rigid analytic method that can aid decision-makers in making the right decisions. In this paper, we developed two evaluation techniques: (i) a quantitative cloud security assurance method to assess the security level of cloud services by measuring the critical security properties and (ii) a novel and rigid categorical analytical method that enables CSPs to identify the major problems in the system and assess how much gain can be achieved by solving each of them. The cloud security assurance method is based on two important metrics: security requirement and vulnerability. It assists CSCs in avoiding severe mistakes and making informed decisions while selecting a cloud service. Moreover, these methods support CSPs in improving the security level of cloud services and meet customer requirements. The proposed methods are validated using different case scenarios on a private cloud platform.


2.
3.
Cloud computing is increasingly playing an important role in the service provisioning domain given the economic and technological benefits it offers. The popularity of cloud services is increasing but so are their customers’ concerns about security assurance and transparency of the Cloud Service Providers (CSPs). This is especially relevant in the case of critical services that are progressively moving to the cloud. Examples include the integrated European air traffic control system or public administrations through the governmental clouds. Recent efforts aim to specify security in cloud by using security service level agreements (secSLAs). However, the paucity of approaches to actually control the fulfillment of secSLAs and to react in case of security breaches, often results in distrust in cloud services. In this paper, we present a solution to monitor and enforce the fulfillment of secSLAs. Our framework is able to (a) detect occurrences that lead to unfulfillment of commitments, and (b) also provide mitigation to the harmful events that may or do compromise the validity of secSLAs.

4.
Context: Cloud computing is a thriving paradigm that supports an efficient way to provide IT services by introducing on-demand services and flexible computing resources. However, significant adoption of cloud services is being hindered by security issues that are inherent to this new paradigm. In previous work, we have proposed ISGcloud, a security governance framework to tackle cloud security matters in a comprehensive manner whilst being aligned with an enterprise’s strategy. Objective: Although a significant body of literature has started to build up related to security aspects of cloud computing, the literature fails to report on evidence and real applications of security governance frameworks designed for cloud computing environments. This paper introduces a detailed application of ISGCloud into a real life case study of a Spanish public organisation, which utilises a cloud storage service in a critical security deployment. Method: The empirical evaluation has followed a formal process, which includes the definition of research questions previously to the framework’s application. We describe ISGcloud process and attempt to answer these questions gathering results through direct observation and from interviews with related personnel. Results: The novelty of the paper is twofold: on the one hand, it presents one of the first applications, in the literature, of a cloud security governance framework to a real-life case study along with an empirical evaluation of the framework that proves its validity; on the other hand, it demonstrates the usefulness of the framework and its impact to the organisation. Conclusion: As discussed on the paper, the application of ISGCloud has resulted in the organisation in question achieving its security governance objectives, minimising the security risks of its storage service and increasing security awareness among its users.

5.
In this article, a mutual multilevel trust framework is proposed, which involves managing trust from the perspective of cloud users (CUs) and cloud service providers (CSPs) in a multicloud environment based on a set of trusted third parties (TTPs). These independent agents are trusted by CUs and CSPs and distributed on different clouds. The TTPs evaluate the CUs' trustworthiness based on the accuracy of feedback ratings and assess the CSPs' trustworthiness based on the quality of service monitoring information. They are connected themselves through the trusted release network, which enables a TTP to obtain trust information about CSPs and CUs from other clouds. With the objective of developing an effective trust management framework, a new approach has been provided to improve trust-based interactions, that is, able to rank the trusted cloud services (CSs) based on CU's priorities via fuzzy logic. Fuzzy logic is applied to manage the different priorities of CUs, all the CUs do not have the same priorities to use trusted CSs. Customizing service ranking allows CUs to apply trusted CSs based on their priorities. Experiments on real datasets well matched the analytical results, indicating that our proposed approach is effective and outperforms the existing approaches.

6.
Cloud services have become an emerging solution for organizations striving to address today’s need for agility, but little research has addressed transitioning multiple, collaborating organizations to what can be referred to as a “value-network cloud.” We know that organizations adopting cloud services to execute business processes must concomitantly reconfigure their security solutions for their integrated intra- and inter-organizational collaborations. We address the question, “What is needed to make it possible for an entire value-network to take secure, collaborative business process executions to the cloud?” Future value-network cloud solutions will require completely new security approaches that will leverage contracted brokering solutions operating as part of the cloud solution. We view value-network cloud security service provisioning as a bundle decision characterized by a mix of communication patterns relevant to intra- and inter-enterprise collaboration. We propose a cloud service broker model—using semantics and SLA based middleware—to serve as a trusted interface between the enterprise, cloud service providers and other organizations collaborating in a value-network. The approach enables IT governance for value-network cloud services. The architectural requirements adapt design principles for infrastructure management tailored from approaches to how business cartels historically conducted secure business dealings.

7.
Software-as-a-service (SaaS) multi-tenancy in cloud-based applications helps service providers to save cost, improve resource utilization, and reduce service customization and maintenance time. This is achieved by sharing of resources and service instances among multiple “tenants” of the cloud-hosted application. However, supporting multi-tenancy adds more complexity to SaaS applications required capabilities. Security is one of these key requirements that must be addressed when engineering multi-tenant SaaS applications. The sharing of resources among tenants—i.e. multi-tenancy—increases tenants’ concerns about the security of their cloud-hosted assets. Compounding this, existing traditional security engineering approaches do not fit well with the multi-tenancy application model where tenants and their security requirements often emerge after the applications and services were first developed. The resultant applications do not usually support diverse security capabilities based on different tenants’ needs, some of which may change at run-time i.e. after cloud application deployment. We introduce a novel model-driven security engineering approach for multi-tenant, cloud-hosted SaaS applications. Our approach is based on externalizing security from the underlying SaaS application, allowing both application/service and security to evolve at runtime. Multiple security sets can be enforced on the same application instance based on different tenants’ security requirements. We use abstract models to capture service provider and multiple tenants’ security requirements and then generate security integration and configurations at runtime. We use dependency injection and dynamic weaving via Aspect-Oriented Programming (AOP) to integrate security within critical application/service entities at runtime. We explain our approach, architecture and implementation details, discuss a usage example, and present an evaluation of our approach on a set of open source web applications.  

8.
Migrating organisational services, data and application on the Cloud is an important strategic decision for organisations due to the large number of benefits introduced by the usage of cloud computing, such as cost reduction and on-demand resources. Despite, however, many benefits, there are challenges and risks for cloud adaption related to (amongst others) data leakage, insecure APIs and shared technology vulnerabilities. These challenges need to be understood and analysed in the context of an organisation’s security and privacy goals and relevant cloud computing deployment models. Although the literature provides a large number of references to works that consider cloud computing security issues, no work has been provided, to our knowledge, which supports the elicitation of security and privacy requirements and the selection of an appropriate cloud deployment model based on such requirements. This work contributes towards this gap. In particular, we propose a requirements engineering framework to support the elicitation of security and privacy requirements and the selection of an appropriate deployment model based on the elicited requirements. Our framework provides a modelling language that builds on concepts from requirements, security, privacy and cloud engineering, and a systematic process. We use a real case study, based on the Greek National Gazette, to demonstrate the applicability of our work.

9.
Cloud service certifications (CSCs) are assessed by practitioners to support strategic cloud adoption decisions with the aim to reduce information asymmetries. Both businesses and consumers scrutinize CSCs’ assurances as ex ante signals indicating a cloud provider’s future service quality. While some research has examined the aggregate effects of certifications on decision variables, recipients’ evaluations of certifications and their assurances before making IT-related decisions have received little attention. Furthermore, prior research has predominantly focused on privacy and security assurances in e-commerce certifications. Drawing on signaling theory, we propose that certifications are signals that recipients decompose into a set of fine-grained assurance signals that they weigh to evaluate certifications. We evaluate the responses of 113 company representatives and 317 consumers to a best-worst scaling survey to examine the relative importance these two groups attach to ten assurances from CSCs. Our results show that similar to other online contexts, security and privacy are important assurances, but additional assurances related to availability, the customer friendliness of contracts, and legal compliance are also demanded, particularly by companies. Privacy, security, and availability are most crucial to both companies and consumers, but their relative importance varies substantially between the two groups. Post-hoc subgroup analyses reveal significant differences in assurances’ relative importance for provider and user companies, adopter and non-adopter consumers as well as companies using different types of services and from different industries. Our findings indicate that recipients evaluate certifications as a bundle of signals with varying importance due to recipients’ characteristics and context. 
With this conceptualization, we contribute to an advanced understanding of the sense-making of certifications and lay out how it influences cloud service adoption theories. Our study has practical implications for certification authorities that design CSCs as well as for providing insights to cloud service providers on customers who draw on CSC assurances when making cloud service adoption decisions.

10.
This paper presents the framework of cloud-based software test data generation service (CSTS) that caters to cost-effective test data generation service in a cloud environment. In contrast to existing conventional or cloud-based testing frameworks, CSTS has a number of unique benefits. First, CSTS is designed to facilitate test data generation in minimum time and cost. Second, unlike existing frameworks which mandates clients to opt for resources to test their jobs, CSTS guides customer for selecting best cluster configuration in order to minimize the cost. While the existing models do not provide any solution for trust establishment in cloud computing services, CSTS delivers it by implementing security mechanism with the provision of role based access control. The security mechanism proposed in this paper ensures the protection of data and code of different users. Third, CSTS provides a mathematical pricing model to fulfill the expectations of customers and also to maximize the net profit of service providers. Cloud service request model has also been designed that postulates service level agreements between customers and service providers. We have evaluated, compared, and analyzed our framework and have found that it outperforms other existing cloud-based frameworks.

11.
Relying on services in the cloud involves manifold availability risks and concerns. This article focuses on the network reachability of cloud services. We present a study on cloud outages and causes, and analyze the topological connectivity of major cloud service providers (CSPs) by graph-based measures. Our approach is based on the construction and integration of an empirical dataset describing the connections between Autonomous Systems (ASs) of organizations that form the Internet backbone. According to our findings, though the ASs of CSPs generally appear to be better connected than an average AS, they also vastly differ in several connectivity measures, sometimes by more than an order of magnitude. Our results help to identify well-connected CSPs and CSPs that could potentially suffer more from Internet outages, if no additional path redundancy is provided. Our approach can be used by CSPs to assess connectivity beyond their own premises. It can also support cloud service customers during benchmarking and selection of CSPs when high availability is a critical requirement.

12.
The adoption of the cloud paradigm to access IT resources and services has posed many security issues which need to be cared of. Security becomes even a much bigger concern when services built on top of many commercial clouds have to interoperate. Among others, the value of the service delivered to end customers is strongly affected by the security of network which providers are able to build in typical SOA contexts. Currently, every provider advertises its own security strategy by means of proprietary policies, which are sometimes ambiguous and very often address the security problem from a non-uniform perspective. Even policies expressed in standardized languages do not appear to fit a dynamic scenario like the SOA’s, where services need to be sought and composed on the fly in a way that is compatible with the end-to-end security requirements. We then propose an approach that leverages on the semantic technology to enrich standardized security policies with an ad-hoc content. The semantic annotation of policies enables machine reasoning which is then used for both the discovery and the composition of security-enabled services. In the presented approach the semantic enrichment of policies is enforced by an automatic procedure. We further developed a semantic framework capable of matchmaking in a smart way security capabilities of providers and security requirements of customers, and tested it on a use case scenario.

13.
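The rapid development and adoption of cloud computing data services has greatly changed the way people work, study, and live. While cloud computing data services bring great convenience, they also bring potential threats, so an active network security defense system needs to be built to improve network security performance. This article analyzes in detail the security threats facing cloud computing data services and describes an active security defense system for cloud computing service platforms and the technologies it uses, improving the security performance of cloud computing data service platforms.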

14.
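With the continued growth and spread of the Internet, human society has entered the information age. Many advanced information technologies are being applied in every area of life; they have not only greatly improved people's lives and made them more convenient, but have also led to the wider development and application of network technology. However, the use of cloud services has been accompanied by many security risks, such as the loss and leakage of user information, and the security and reliability of cloud services have been called into question. This paper reflects on the security and reliability of cloud services and explores their future development through the use of cloud services in schools.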

15.
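Cloud WAF has now begun formal commercialization. It is both the cloud model of the web application firewall and an entirely new model of information security product, and it already has a complete functional definition and a mature technology platform. Cloud WAF services improve the security of cloud computing, enhance the availability and security of applications, and raise the overall security of the network. Cloud WAF is in a stage of rapid adoption and development; drawing on practical circumstances, this article analyzes and discusses the overall architecture and specific technical strategies of a cloud WAF platform.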

16.
As the sizes of IT infrastructure continue to grow, cloud computing is a natural extension of virtualisation technologies that enable scalable management of virtual machines over a plethora of physically connected systems. The so-called virtualisation-based cloud computing paradigm offers a practical approach to green IT/clouds, which emphasise the construction and deployment of scalable, energy-efficient network software applications (NetApp) by virtue of improved utilisation of the underlying resources. The latter is typically achieved through increased sharing of hardware and data in a multi-tenant cloud architecture/environment and, as such, accentuates the critical requirement for enhanced security services as an integrated component of the virtual infrastructure management strategy. This paper analyses the key security challenges faced by contemporary green cloud computing environments, and proposes a virtualisation security assurance architecture, CyberGuarder, which is designed to address several key security problems within the ‘green’ cloud computing context. In particular, CyberGuarder provides three different kinds of services; namely, a virtual machine security service, a virtual network security service and a policy based trust management service. Specifically, the proposed virtual machine security service incorporates a number of new techniques which include (1) a VMM-based integrity measurement approach for NetApp trusted loading, (2) a multi-granularity NetApp isolation mechanism to enable OS user isolation, and (3) a dynamic approach to virtual machine and network isolation for multiple NetApp’s based on energy-efficiency and security requirements. 
Secondly, a virtual network security service has been developed successfully to provide an adaptive virtual security appliance deployment in a NetApp execution environment, whereby traditional security services such as IDS and firewalls can be encapsulated as VM images and deployed over a virtual security network in accordance with the practical configuration of the virtualised infrastructure. Thirdly, a security service providing policy based trust management is proposed to facilitate access control to the resources pool and a trust federation mechanism to support/optimise task privacy and cost requirements across multiple resource pools. Preliminary studies of these services have been carried out on our iVIC platform, with promising results. As part of our ongoing research in large-scale, energy-efficient/green cloud computing, we are currently developing a virtual laboratory for our campus courses using the virtualisation infrastructure of iVIC, which incorporates the important results and experience of CyberGuarder in a practical context.

17.
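Based on an analysis of the security problems facing cloud computing environments, a security service cloud framework is proposed on the basis of the cloud computing service model. The basic working principles and application modes of the framework are analyzed, and a security service cloud scheduling algorithm is proposed that performs multi-point optimal deployment based on the state of the security servers. Simulation experiments show that the proposed algorithm is clearly better than a random scheduling algorithm in terms of service response time and system load balancing.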

18.
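This article studies the security of personal cloud computing, analyzing the security threats facing cloud computing and the security issues of Amazon EC2, currently a major cloud service. On the basis of a summary of the requirements for a cloud security framework, it refines the requirements for a personal cloud computing security framework. Finally, by describing a service model with properties such as scalability, cloud orchestration, and security, it constructs a general security framework for personal cloud computing.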

19.

Choosing a trusted cloud service provider (CSP) is a major challenge for cloud users (CUs) in the cloud environment, as many CSPs offer cloud services (CSs) with the same functionality. Trust evaluation of CSPs is often based on information from quality of service (QoS) monitoring and CUs’ feedback ratings. Despite the volume of feedback ratings received in trust management systems, the quality of feedback storage is very low, as many CUs do not send their feedback ratings when using CSs. Additionally, a percentage of existing feedback ratings may not be valid, since some malicious CUs send unfair feedback ratings to change the trust evaluation results. As these lead to poor data quality, the accuracy of trust evaluation results might be affected. To overcome these limitations, this paper proposes a new multi-level trust management framework, which completes previous frameworks by defining new components to improve the data quality of feedback storage. In our framework, new components were defined to solve the invalidity and sparse problems of feedback storage. Certainly, the trust assessment of CSP would be more accurate based on high-quality feedback ratings. The performance of the MLTM was evaluated using two different datasets based on a real Quality of Web Services dataset (QWS) and an artificial data set (Cloud-Armor), whose quality was reduced for the purpose of this study. Analytical values revealed that our proposed approach significantly outperformed other approaches even with the poor data quality of feedback storage.


20.
In today’s dynamic and distributed markets a large spectrum of services is delivered through information and communication technologies. Emerging markets of e-services lie at the intersection of non-traditional user behaviour, and cyber-partnerships of enterprises to deliver innovative services. Current approaches to manage and control security demonstrate lacks in terms of security policy matching and integration in heterogeneous e-service environments. In this paper, we introduce a framework to support role-based access control for distributed services focusing on the integration of customer preferences. The framework aims to collect and generate policy-based security measures in cross-organisational scenarios. In addition to catering to specifications of security and business policies, the ability to integrate contextual information and user preferences make the role-based framework flexible and express a variety of access policies that provide a just-in-time permission activation.
