Lack of trust and transparency are among the main reasons hindering adoption of cloud computing. Users in fact can inspect neither their applications nor the treatment of their data, and have little or no guarantees about their security. In this context, there is a pressing need for assurance techniques supporting some key properties of cloud services and applications. Cloud security certification is a major assurance technique that has been proposed to increase cloud security, trust, and transparency. However, certification is a tedious, costly, and time-consuming process for the provider that wants to certify one of its services/applications. In this paper, we propose a test-based security certification framework for the cloud implementing a certification process and a cloud engineering methodology based on it, which supports providers in the design and development of ready-to-be-certified services/applications.
|Titolo:||A certification framework for cloud-based services|
|Parole Chiave:||Certification-aware cloud engineering; Security certification; Testing|
|Settore Scientifico Disciplinare:||Settore INF/01 - Informatica|
|Data di pubblicazione:||2016|
|Digital Object Identifier (DOI):||10.1145/2851613.2851628|
|Tipologia:||Book Part (author)|
|Appare nelle tipologie:||03 - Contributo in volume|