Enforcing Security and Assurance Properties in Cloud Environment

Bousquet, Aline; Briffaut, Jérémy; Caron, Eddy; Dominguez, Eva Maria; Franco, Javier; Lefray, Arnaud; López, Oscar Pastor; Ros, Saioa; Rouzaud-Cornabas, Jonathan; Toinard, Christian; Uriarte, Mikel

doi:10.1109/ucc.2015.45

Cited by 5 publications

(4 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Therefore, it is important to ensure that code behaviour is in line with the access control [231], [232] policy. Further, a security assurance methodology is needed to obtain firm evidence that the security requirements of the companies are well defined and enforced [233].…”

Section: Research Gaps and Recommendationsmentioning

confidence: 99%

Software security models and frameworks: an overview and current trends

Korir¹

2023

World J. Adv. Eng. Technol. Sci.

View full text Add to dashboard Cite

The continued dependence on information technology applications has led to the adoption of electronic channels and software applications to support businesses, online transactions and communications. In this perspective, both functional and non-functional requirements are critical for the provision of necessary needs at the early phases of the software development process. This is specifically important in the requirement phase of the software development process. Software security is increasingly becoming a necessity concern in this environment. Unfortunately, security concepts such as access control requirements are mostly considered after the functional requirement definition stage. In addition, majority of the developers and organizations regard security as an activity that can be incorporated after the development of a system. This leads to flaws and security defects in the access control mechanism. Therefore, software security issues must be given higher priority in the early stages of the development process. The aim of this paper is to offer a survey of the software security techniques, frameworks and models that have been developed to deal with these issues. The results obtained indicate that software vulnerabilities have made it possible for attackers to exploit them to cause havoc in computerized systems and has become one of the most critical risks facing modern corporate networks. Since most of these vulnerabilities involve exploitable weaknesses introduced through badly written code, the cyber security community has tried to come up with techniques to enhance software products.

show abstract

Section: Research Gaps and Recommendationsmentioning

confidence: 99%

Software security models and frameworks: an overview and current trends

Korir¹

2023

World J. Adv. Eng. Technol. Sci.

View full text Add to dashboard Cite

show abstract

“…For instance, authenticity can be achieved by providing either password-based or biometric authentication. In the literature, mechanisms are sometimes considered as part of complex property definition [10]; in this paper, we decouple property declaration (i.e., the property to be evaluated -( pr,l)) from its procedural definition (i.e., how to achieve property -mec) to better distinguish the goal and target of our adaptation technique. We consider different classes of properties such as security (i.e., CIA), performance, anonymity, consistency.…”

Section: Non-functional Propertiesmentioning

confidence: 99%

“…Each scenario has then been evaluated in 4 settings varying the remaining two parameters in (3,3), (3,20), (20,3), (20,20). Figure 3(d)-3(f) shows the execution time when two parameters among number of tenants, property classes, and levels, are selected and varied between (10,10) and (60,60) (step 10). Each scenario (10,10,10) and (60,60,60) (step 10).…”

Section: Performancementioning

confidence: 99%

“…Figure 3(d)-3(f) shows the execution time when two parameters among number of tenants, property classes, and levels, are selected and varied between (10,10) and (60,60) (step 10). Each scenario (10,10,10) and (60,60,60) (step 10). The execution time of the adaptation algorithm is linear when varying each single parameter alone (tenants, properties and levels), or a pair thereof; the overall complexity increases exponentially when all variables increase at the same time.…”

Section: Performancementioning

confidence: 99%

See 1 more Smart Citation

Certification-Based Cloud Adaptation

Ardagna

Asal

Damiani

et al. 2018

IEEE Trans. Serv. Comput.

View full text Add to dashboard Cite

Performance and dependability levels of cloud-based computations are difficult to guarantee by-design due to segregation of visibility and control between applications, data owners, and cloud providers. Lack of predictability increases users' uncertainty about the service levels they will actually achieve. Cloud tenants compete for shared resources/services at all layers of the cloud stack, and pose heterogeneous and conflicting non-functional requirements over them. These requirements have implications for platform and infrastructure layers, which have to be configured to satisfy inter-tenants requirements. We argue that adaptation techniques can play a crucial role in providing a reliable cloud, supporting definite behavior of applications and stable quality of service. Existing adaptation techniques however are unsuitable for cloud use, since they mostly focus on single tenancy, performance requirements, and are based on unverifiable evidence, which is collected in an untrusted way. In this paper, we propose a multi-tenant, general-purpose adaptation technique for the cloud, based on evidence collected by means of a trustworthy certification process. We depart from traditional heavy and comprehensive certification processes, such as ISO/IEC 27017, and consider a flexible and lightweight certification process for the cloud. It is based on authentic evidence and provides accountable validation on the compliance of a cloud-based system. Our approach adapts the cloud at all layers to maintain stable non-functional properties in certificates over time, by continuously verifying certificate validity. We assess the performance and quality of our adaptation approach in a wide range of settings.

show abstract