The need of a certification process for cloud-based services is emerging as a way to address some of the remaining obstacles facing the effective development and diffusion of the cloud-computing paradigm. In this paper we move the first steps towards a complete approach containing a conceptual framework where the specifications of basic, hybrid and incremental certification models for cloud-based services can be given. Specifically, we focus on the definition of a unifying meta-model to provide representational guidelines for (i) the definition of the security properties to be certified (ii) the types of evidence underlying them (iii) the phases of the certificate life cycle, as well as of all mechanisms for generating supporting evidence.

Towards the certification of cloud services / S. Cimato, E. Damiani, F. Zavatarelli, R. Menicocci - In: 2013 IEEE ninth World congress on services : 27 june – 2 july 2013, Santa Clara, California : proceedingsLos Alamitos : Institute of electrical and electronics engineers, 2013. - ISBN 9780769550244. - pp. 92-97 (( Intervento presentato al 9. convegno IEEE World Congress on Services (SERVICES) tenutosi a Santa Clara, USA nel 2013 [10.1109/SERVICES.2013.16].

Towards the certification of cloud services

S. Cimato
Primo
;
E. Damiani
Secondo
;
F. Zavatarelli
Penultimo
;
2013

Abstract

The need of a certification process for cloud-based services is emerging as a way to address some of the remaining obstacles facing the effective development and diffusion of the cloud-computing paradigm. In this paper we move the first steps towards a complete approach containing a conceptual framework where the specifications of basic, hybrid and incremental certification models for cloud-based services can be given. Specifically, we focus on the definition of a unifying meta-model to provide representational guidelines for (i) the definition of the security properties to be certified (ii) the types of evidence underlying them (iii) the phases of the certificate life cycle, as well as of all mechanisms for generating supporting evidence.
meta-model; cloud computing; certificate; certification models
Settore INF/01 - Informatica
   Certification infrastrUcture for MUlti-Layer cloUd Services
   CUMULUS
   EUROPEAN COMMISSION
   FP7
   318580
2013
IEEE
Book Part (author)
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/230288
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 29
  • ???jsp.display-item.citation.isi??? ND
social impact