Integrating Security Services in Cloud Service Stores

@inproceedings{Daniel2015IntegratingSS,
  title={Integrating Security Services in Cloud Service Stores},
  author={Joshua Daniel and Fadi El-moussa and Gery Ducatel and Pramod S. Pawar and Ali Sajjad and Robert Rowlingson and Theodosis D. Dimitrakos},
  booktitle={IFIPTM},
  year={2015}
}
Protecting systems, applications and data hosted on a Cloud environment against cyber-threats, and accounting for security incidents across the Cloud estate are prerequisites to Cloud adoption by business, and a fundamental element of both national and corporate cyber-security and Cloud strategies. Yet, Cloud IaaS and PaaS providers typically hold Cloud consumers accountable for protecting their applications, while Cloud users often find that protecting their proprietary system, application and… 
An Architecture for Privacy-preserving Sharing of
TLDR
The design and architecture of the solution is presented that aims to allow SMEs to perform policy-based sharing of CTI, while also offering them flexible privacy and confidentiality controls.
A Certification Technique for Cloud Security Adaptation
TLDR
This paper proposes a security-oriented adaptation technique for the cloud, based on evidence collected by means of a reliable certification process, that adapts the cloud to maintain stable security properties over time, by continuously verifying certificate validity.
Certification-Based Cloud Adaptation
TLDR
This paper depart from traditional heavy and comprehensive certification processes, such as ISO/IEC 27017, and consider a flexible and lightweight certification process for the cloud, based on authentic evidence and provides accountable validation on the compliance of a cloud-based system.
An architecture for privacy-preserving sharing of CTI with 3rd party analysis services
TLDR
The design and architecture of the solution is presented that aims to allow SMEs to perform policy-based sharing of CTI, while also offering them flexible privacy and confidentiality controls.
Managed security service distribution model
TLDR
It is demonstrated how security applications can be migrated as managed capabilities using the authors' `horizontal services' deployment framework and its associated SDK allow customers to implement and enforce security policies in private, public, or hybrid clouds.
Identity as a service: A cloud based common capability
  • G. Ducatel
  • Computer Science
    2015 IEEE Conference on Communications and Network Security (CNS)
  • 2015
TLDR
A framework for IDaaS emphasizing the aspects relating to identity federation and lifecycle management is presented and the benefit of such approach emphasizing on improvements in assurance and trustworthiness is articulate.
A Security Architecture for the Internet of Things
TLDR
This paper studies the use of TLS over the JavaScript Object Notation (JSON) via a The Constrained Application Protocol (CoAP) RESTful service to verify the hypothesis that in this way one can provide end-to-end communication flexibility and potentially retain identity information for repudiation.
Deploying Visual Analytics Through a Multi-cloud Service Store with Encrypted Big Data (Short Paper)
TLDR
The benefits of Cloud Computing are now widely recognised, in terms of easy, flexible, scalable and cost effective deployment of services and storage, but significant barriers of trust and privacy concerns are slowing the adoption of Big Data cloud services.

References

SHOWING 1-10 OF 16 REFERENCES
An analysis of security issues for cloud computing
TLDR
This work identifies the main vulnerabilities in this kind of systems and the most important threats found in the literature related to Cloud Computing and its environment as well as to identify and relate vulnerabilities and threats with possible solutions.
A survey on security issues in service delivery models of cloud computing
Cloud Security Challenges: Investigating Policies, Standards, And Guidelines In A Fortune 500 Organization
TLDR
The results from this case study have revealed that from the 1123 'relevant' statements found in the organization's security documentation, 175 statements were considered to be 'inadequate' for cloud computing.
IDPS: An Integrated Intrusion Handling Model for Cloud
TLDR
An effective and efficient model termed as the Integrated Intrusion Detection and Prevention System (IDPS) which combines both IDS and IPS in a single mechanism which can provide robust protection against a complete spectrum of threats is proposed.
Cloud computing and security challenges
TLDR
Cloud Computing services including data storage service, cloud computing operating system and software as a service will be introduced, Cloud Computing security challenges will be discussed and Cisco Secure Cloud Data Center Framework will be presented.
Distributed Intrusion Detection in Clouds Using Mobile Agents
TLDR
This work tries to offer a line of defense by applying Mobile Agents technology to provide intrusion detection for Cloud applications regardless of their locations.
Cloud computing risk assessment method based on game theory
TLDR
Risk assessment model is established using game theory, which involves the damage and the restore of the cloud system, and the interaction between attacker and defender has been analysed and risk assessment of vulnerable points in cloud environment is conducted.
Towards a Contextualization Solution for Cloud Platform Services
TLDR
A cloud contextualization mechanism which operates in two stages, contextualization of VM images prior to service deployment and self-contextualization ofVM instances created from the image (IaaS level); preliminary performance results suggest acceptable performance and scalability.
...
...