Unpredictability of cloud computing due to segregation of visibility and control between applications, data owners, and cloud providers increases tenants' uncertainty when using cloud services. Adaptation techniques become fundamental to provide a reliable cloud-based infrastructure with definite behavior, which preserves a stable quality of service for tenants. Existing adaptation techniques mostly focus on performance properties and are based on unverifiable evidence, which is collected in an untrusted way. In this paper, we propose a security-oriented adaptation technique for the cloud, based on evidence collected by means of a reliable certification process. Our approach adapts the cloud to maintain stable security properties over time, by continuously verifying certificate validity. It uses the output of verification activities to index a feature model, where equivalent configurations are used as the basis for adaptation. We also provide an analysis of the approach on British Telecommunications (BT) premises.
A certification technique for cloud security adaptation / C.A. Ardagna, R. Asal, E. Damiani, N. El Ioini, C. Pahl, T. Dimitrakos - In: Services Computing (SCC), 2016 IEEE International Conference on[s.l] : IEEE, 2016. - ISBN 9781509026289. - pp. 324-331 (( convegno SCC tenutosi a San Francisco nel 2016 [10.1109/SCC.2016.49].
A certification technique for cloud security adaptation
C.A. Ardagna;E. Damiani;
2016
Abstract
Unpredictability of cloud computing due to segregation of visibility and control between applications, data owners, and cloud providers increases tenants' uncertainty when using cloud services. Adaptation techniques become fundamental to provide a reliable cloud-based infrastructure with definite behavior, which preserves a stable quality of service for tenants. Existing adaptation techniques mostly focus on performance properties and are based on unverifiable evidence, which is collected in an untrusted way. In this paper, we propose a security-oriented adaptation technique for the cloud, based on evidence collected by means of a reliable certification process. Our approach adapts the cloud to maintain stable security properties over time, by continuously verifying certificate validity. It uses the output of verification activities to index a feature model, where equivalent configurations are used as the basis for adaptation. We also provide an analysis of the approach on British Telecommunications (BT) premises.
| File | Dimensione | Formato | |
|---|---|---|---|
|
AADDEP.SCC2016.pdf
accesso riservato
Tipologia:
Publisher's version/PDF
Dimensione
250.54 kB
Formato
Adobe PDF
|
250.54 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
