Lack of trust and transparency are among the main reasons hindering adoption of cloud computing. Users in fact can inspect neither their applications nor the treatment of their data, and have little or no guarantees about their security. In this context, there is a pressing need for assurance techniques supporting some key properties of cloud services and applications. Cloud security certification is a major assurance technique that has been proposed to increase cloud security, trust, and transparency. However, certification is a tedious, costly, and time-consuming process for the provider that wants to certify one of its services/applications. In this paper, we propose a test-based security certification framework for the cloud implementing a certification process and a cloud engineering methodology based on it, which supports providers in the design and development of ready-to-be-certified services/applications.
A certification framework for cloud-based services / M. Anisetti, C..A. Ardagna, F. Gaudenzi, E. Damiani - In: Proceedings of the 31st Annual ACM Symposium on Applied Computing[s.l] : ACM, 2016. - ISBN 9781450337397. - pp. 440-447 (( Intervento presentato al 31. convegno ACM Symposium on Applied Computing tenutosi a Pisa nel 2016 [10.1145/2851613.2851628].
A certification framework for cloud-based services
M. Anisetti;C..A. Ardagna;F. Gaudenzi;E. Damiani
2016
Abstract
Lack of trust and transparency are among the main reasons hindering adoption of cloud computing. Users in fact can inspect neither their applications nor the treatment of their data, and have little or no guarantees about their security. In this context, there is a pressing need for assurance techniques supporting some key properties of cloud services and applications. Cloud security certification is a major assurance technique that has been proposed to increase cloud security, trust, and transparency. However, certification is a tedious, costly, and time-consuming process for the provider that wants to certify one of its services/applications. In this paper, we propose a test-based security certification framework for the cloud implementing a certification process and a cloud engineering methodology based on it, which supports providers in the design and development of ready-to-be-certified services/applications.
| File | Dimensione | Formato | |
|---|---|---|---|
|
AADG.SAC2016.pdf
accesso riservato
Tipologia:
Publisher's version/PDF
Dimensione
166.1 kB
Formato
Adobe PDF
|
166.1 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
