Security assurance is a discipline aiming to demonstrate that a target system holds some non/functional properties and behaves as expected. These techniques have been recently applied to the cloud, facing some critical issues especially when integrated within existing security processes and executed in a programmatic way. Furthermore, they pose significant costs when hybrid systems, mixing public and private infrastructures, are considered. In this paper, we a present an assurance framework that implements an assurance process evaluating the trustworthiness of hybrid systems. The framework builds on a standard API-based interface supporting full and programmatic access to the functionalities of the framework. The process provides a transparent, non-invasive and automatic solution that does not interfere with the working of the target system. It builds on a Virtual Private Network (VPN)-based solution, to provide a smooth integration with target systems, in particular those mixing public and private clouds and corporate networks. A detailed walkthrough of the process along with a performance evaluation of the framework in a simulated scenario are presented.

An Assurance Framework and Process for Hybrid Systems / M. Anisetti, C.A. Ardagna, N. Bena, E. Damiani (COMMUNICATIONS IN COMPUTER AND INFORMATION SCIENCE). - In: E-Business and Telecommunications / [a cura di] M.S. Obaidat, J. Ben-Othman. - [s.l] : Springer Science and Business Media Deutschland GmbH, 2021. - ISBN 978-3-030-90427-2. - pp. 79-101 (( Intervento presentato al 17. convegno ICETE tenutosi a Virtual event nel 2020 [10.1007/978-3-030-90428-9_4].

An Assurance Framework and Process for Hybrid Systems

M. Anisetti
Primo
;
C.A. Ardagna
Secondo
;
N. Bena
Penultimo
;
E. Damiani
Ultimo
2021

Abstract

Security assurance is a discipline aiming to demonstrate that a target system holds some non/functional properties and behaves as expected. These techniques have been recently applied to the cloud, facing some critical issues especially when integrated within existing security processes and executed in a programmatic way. Furthermore, they pose significant costs when hybrid systems, mixing public and private infrastructures, are considered. In this paper, we a present an assurance framework that implements an assurance process evaluating the trustworthiness of hybrid systems. The framework builds on a standard API-based interface supporting full and programmatic access to the functionalities of the framework. The process provides a transparent, non-invasive and automatic solution that does not interfere with the working of the target system. It builds on a Virtual Private Network (VPN)-based solution, to provide a smooth integration with target systems, in particular those mixing public and private clouds and corporate networks. A detailed walkthrough of the process along with a performance evaluation of the framework in a simulated scenario are presented.
Assurance; Hybrid system; Security; Virtual private network
Settore INF/01 - Informatica
H20_RIA19EDAMI_01 - Cyber security cOmpeteNce fOr Research anD Innovation (CONCORDIA) - DAMIANI, ERNESTO - H20_RIA - Horizon 2020_Research & Innovation Action/Innovation Action - 2019
Book Part (author)
File in questo prodotto:
File Dimensione Formato  
Anisetti2021_Chapter_AnAssuranceFrameworkAndProcess.pdf

accesso riservato

Tipologia: Publisher's version/PDF
Dimensione 875.45 kB
Formato Adobe PDF
875.45 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
AABD.ICETE2020.pdf

accesso aperto

Tipologia: Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione 586.13 kB
Formato Adobe PDF
586.13 kB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

Caricamento pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/2434/919470
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? ND
social impact