Abstract
In this paper we describe the structure and functionality of a certification integrated framework aimed to support the certification of security properties of a Cloud infrastructure (IaaS), a platform (PaaS), or the software layer (SaaS). Such framework will bring service users, service providers and cloud suppliers to work together with certification authorities in order to ensure security properties and certificates validity in the continuously evolving cloud environment. For this purpose, the framework relies on multiple types of evidence gathering with respect to security, e.g., testing services, monitoring agents or trusted computing proofs. In this paper we will focus only on the monitoring case and will illustrate its use. Yet, this framework is designed to be able to follow models for hybrid, incremental and multi-layer security certification since cloud security has to build upon the entire cloud stack.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Cloud Security Alliance. Cloud control matrix v. 3.0.1 (2014). https://cloudsecurityalliance.org/research/ccm/
CUMULUS. Deliverable D5.1 ‘CUMULUS framework architecture’, June 2013. http://www.cumulus-project.eu/
CUMULUS. Deliverable D2.3 ‘Certification Models v2’, May 2014. http://www.cumulus-project.eu/
Foster, H., Spanoudakis, G.: Advanced service monitoring configurations with sla decomposition and selection. In: Chu, W.C., Wong, W.E., Palakal, M.J., Hung, C.-C. (eds.) Proceedings of the 2011 ACM Symposium on Applied Computing (SAC), TaiChung, Taiwan, 21–24 March, pp. 1582–1589. ACM (2011)
Zenoss Inc. Cloud Foundry Zen Pack (2014). http://www.zenoss.com/solution/awareness
ISO/IEC. Common Criteria-ISO/IEC 15408 (2014). http://standards.iso.org/ittf/PubliclyAvailableStandards/index.html
Nagios Enterprises LCC. Nagios core, GNU License (2014). http://nagios.sourceforge.net/docs/nagioscore/4/en/about.html#whatis
BSD license open source software. Ganglia Monitoring System (2014). http://ganglia.info/
Spanoudakis, G., Krotsiani, M., Mahbub, K.: Incremental certification of cloud services. In: 7th International Conference on Emerging Security Information, Systems and Technologies (SECUREWARE 2013) (2013). http://openaccess.city.ac.uk/3236/
New Relic. New Relic-Server, Browser, APM (2014). http://newrelic.com/products
Pannetrat, A., Hogben, G., Katopodis, S., Spanoudakis, G., Sánchez, C.: Deliverable D2.1 ‘Security Aware SLA Specification Language and Cloud Security Dependency Model’, May 2013. http://www.cumulus-project.eu/index.php/public-deliverables
Spanoudakis, G., Kloukinas, C., Mahbub, K.: The serenity runtime monitoring framework. In: Kokolakis, S., Gómez, A.M., Spanoudakis, G. (eds.) Security and Dependability for Ambient Intelligence, vol. 45, pp. 213–238. Springer, USA (2009)
OSSEC tem. OSSEC-Open source security (2014). http://www.ossec.net/
VMWare. Hyperic HQ-open source edition (2014). http://www.hyperic.com
Acknowledgment
The work presented in this paper has been partially funded by the EU FP7 project CUMULUS (grant no. 318580).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Egea, M., Mahbub, K., Spanoudakis, G., Vieira, M.R. (2015). A Certification Framework for Cloud Security Properties: The Monitoring Path. In: Felici, M., Fernández-Gago, C. (eds) Accountability and Security in the Cloud. A4Cloud 2014. Lecture Notes in Computer Science(), vol 8937. Springer, Cham. https://doi.org/10.1007/978-3-319-17199-9_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-17199-9_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-17198-2
Online ISBN: 978-3-319-17199-9
eBook Packages: Computer ScienceComputer Science (R0)