A multi-layer and multi-tenant cloud assurance evaluation methodology

Hudic, Aleksandre and Tauber, Markus and Lorunser, Thomas and Krotsiani, Maria and Spanoudakis, George and Mauthe, Andreas and Weippl, E. R. (2014) A multi-layer and multi-tenant cloud assurance evaluation methodology. In: Proceedings of 6th IEEE International Conference on Cloud Computing Technology and Science, IEEE Cloud Comp 2014,. IEEE, Piscataway, N.J., pp. 386-393. ISBN 9781479940936

Full text not available from this repository.

Abstract

Data with high security requirements is being processed and stored with increasing frequency in the Cloud. To guarantee that the data is being dealt in a secure manner we investigate the applicability of Assurance methodologies. In a typical Cloud environment the setup of multiple layers and different stakeholders determines security properties of individual components that are used to compose Cloud applications. We present a methodology adapted from Common Criteria for aggregating information reflecting the security properties of individual constituent components of Cloud applications. This aggregated information is used to categorise overall application security in terms of Assurance Levels and to provide a continuous assurance level evaluation. It gives the service owner an overview of the security of his service, without requiring detailed manual analyses of log files.

Item Type:
Contribution in Book/Report/Proceedings
ID Code:
72749
Deposited By:
Deposited On:
28 Jan 2015 17:01
Refereed?:
Yes
Published?:
Published
Last Modified:
01 May 2020 07:26