Home > Research > Publications & Outputs > Novel efficient techniques for real-time cloud ...

Links

Text available via DOI:

View graph of relations

Novel efficient techniques for real-time cloud security assessment

Research output: Contribution to Journal/MagazineJournal articlepeer-review

Published

Standard

Novel efficient techniques for real-time cloud security assessment. / Modic, J.; Trapero, R.; Taha, A. et al.
In: Computers and Security, Vol. 62, 01.09.2016, p. 1-18.

Research output: Contribution to Journal/MagazineJournal articlepeer-review

Harvard

Modic, J, Trapero, R, Taha, A, Luna, J, Stopar, M & Suri, N 2016, 'Novel efficient techniques for real-time cloud security assessment', Computers and Security, vol. 62, pp. 1-18. https://doi.org/10.1016/j.cose.2016.06.003

APA

Modic, J., Trapero, R., Taha, A., Luna, J., Stopar, M., & Suri, N. (2016). Novel efficient techniques for real-time cloud security assessment. Computers and Security, 62, 1-18. https://doi.org/10.1016/j.cose.2016.06.003

Vancouver

Modic J, Trapero R, Taha A, Luna J, Stopar M, Suri N. Novel efficient techniques for real-time cloud security assessment. Computers and Security. 2016 Sept 1;62:1-18. Epub 2016 Jun 24. doi: 10.1016/j.cose.2016.06.003

Author

Modic, J. ; Trapero, R. ; Taha, A. et al. / Novel efficient techniques for real-time cloud security assessment. In: Computers and Security. 2016 ; Vol. 62. pp. 1-18.

Bibtex

@article{8d1acdc9a8184f588eed3da4140d4282,
title = "Novel efficient techniques for real-time cloud security assessment",
abstract = "Cloud computing offers multiple benefits to users by offloading them of the tasks of setting up complex infrastructure and costly services. However, these benefits come with a price, namely that the Cloud Service Customers (CSCs) need to trust the Cloud Service Providers (CSPs) with their data, and additionally being exposed to integrity and confidentiality related incidents on the CSPs. Thus, it is important for CSCs to know what security assurances the CSPs are able to guarantee by being able to quantitatively or qualitatively compare CSPs offers with respect to their own needs. On the other hand, it is also important for CSPs to assess their own offers by comparing them to the competition and with the CSCs needs, to consequently improve their offers and to gain better trust. Thus there is a basic need for techniques that address the Cloud security assessment problem. Although a few assessment methodologies have recently been proposed, their value comes only if they can be efficiently executed to support actual decisions at run time. For an assessment methodology to be practical, it should be efficient enough to allow CSCs to adjust their preferences while observing on the fly the current evaluation of CSPs{\textquoteright} offers based on the preferences that are being chosen. Furthermore, for an assessment methodology to be useful in real-world applications, it should be efficient enough to support many requests in parallel, taking into account the growing number of CSPs and the variety of requirements that CSCs might have. In this paper, we develop a novel Cloud security assessment technique called Moving Intervals Process (MIP) that possesses all these qualities. Unlike the existing complex approaches (e.g., Quantitative Hierarchical Process – QHP) that are computationally too expensive to be deployed for the needed on-line real-time assessment, MIP offers both accuracy and high computational efficiency. Additionally, we also show how to make the existing QHP competitively efficient.",
keywords = "Cloud security, Security evaluation, Security level agreements, Security metrics, Security quantification, Computational efficiency, Distributed database systems, Embedded systems, Cloud securities, Trusted computing",
author = "J. Modic and R. Trapero and A. Taha and J. Luna and M. Stopar and Neeraj Suri",
year = "2016",
month = sep,
day = "1",
doi = "10.1016/j.cose.2016.06.003",
language = "English",
volume = "62",
pages = "1--18",
journal = "Computers and Security",
issn = "0167-4048",
publisher = "Elsevier Ltd",

}

RIS

TY - JOUR

T1 - Novel efficient techniques for real-time cloud security assessment

AU - Modic, J.

AU - Trapero, R.

AU - Taha, A.

AU - Luna, J.

AU - Stopar, M.

AU - Suri, Neeraj

PY - 2016/9/1

Y1 - 2016/9/1

N2 - Cloud computing offers multiple benefits to users by offloading them of the tasks of setting up complex infrastructure and costly services. However, these benefits come with a price, namely that the Cloud Service Customers (CSCs) need to trust the Cloud Service Providers (CSPs) with their data, and additionally being exposed to integrity and confidentiality related incidents on the CSPs. Thus, it is important for CSCs to know what security assurances the CSPs are able to guarantee by being able to quantitatively or qualitatively compare CSPs offers with respect to their own needs. On the other hand, it is also important for CSPs to assess their own offers by comparing them to the competition and with the CSCs needs, to consequently improve their offers and to gain better trust. Thus there is a basic need for techniques that address the Cloud security assessment problem. Although a few assessment methodologies have recently been proposed, their value comes only if they can be efficiently executed to support actual decisions at run time. For an assessment methodology to be practical, it should be efficient enough to allow CSCs to adjust their preferences while observing on the fly the current evaluation of CSPs’ offers based on the preferences that are being chosen. Furthermore, for an assessment methodology to be useful in real-world applications, it should be efficient enough to support many requests in parallel, taking into account the growing number of CSPs and the variety of requirements that CSCs might have. In this paper, we develop a novel Cloud security assessment technique called Moving Intervals Process (MIP) that possesses all these qualities. Unlike the existing complex approaches (e.g., Quantitative Hierarchical Process – QHP) that are computationally too expensive to be deployed for the needed on-line real-time assessment, MIP offers both accuracy and high computational efficiency. Additionally, we also show how to make the existing QHP competitively efficient.

AB - Cloud computing offers multiple benefits to users by offloading them of the tasks of setting up complex infrastructure and costly services. However, these benefits come with a price, namely that the Cloud Service Customers (CSCs) need to trust the Cloud Service Providers (CSPs) with their data, and additionally being exposed to integrity and confidentiality related incidents on the CSPs. Thus, it is important for CSCs to know what security assurances the CSPs are able to guarantee by being able to quantitatively or qualitatively compare CSPs offers with respect to their own needs. On the other hand, it is also important for CSPs to assess their own offers by comparing them to the competition and with the CSCs needs, to consequently improve their offers and to gain better trust. Thus there is a basic need for techniques that address the Cloud security assessment problem. Although a few assessment methodologies have recently been proposed, their value comes only if they can be efficiently executed to support actual decisions at run time. For an assessment methodology to be practical, it should be efficient enough to allow CSCs to adjust their preferences while observing on the fly the current evaluation of CSPs’ offers based on the preferences that are being chosen. Furthermore, for an assessment methodology to be useful in real-world applications, it should be efficient enough to support many requests in parallel, taking into account the growing number of CSPs and the variety of requirements that CSCs might have. In this paper, we develop a novel Cloud security assessment technique called Moving Intervals Process (MIP) that possesses all these qualities. Unlike the existing complex approaches (e.g., Quantitative Hierarchical Process – QHP) that are computationally too expensive to be deployed for the needed on-line real-time assessment, MIP offers both accuracy and high computational efficiency. Additionally, we also show how to make the existing QHP competitively efficient.

KW - Cloud security

KW - Security evaluation

KW - Security level agreements

KW - Security metrics

KW - Security quantification

KW - Computational efficiency

KW - Distributed database systems

KW - Embedded systems

KW - Cloud securities

KW - Trusted computing

U2 - 10.1016/j.cose.2016.06.003

DO - 10.1016/j.cose.2016.06.003

M3 - Journal article

VL - 62

SP - 1

EP - 18

JO - Computers and Security

JF - Computers and Security

SN - 0167-4048

ER -