An Assurance Framework and Process for Hybrid Systems

  • Conference paper
E-Business and Telecommunications (ICETE 2020)

Abstract

Security assurance is a discipline aiming to demonstrate that a target system holds some non-functional properties and behaves as expected. These techniques have been recently applied to the cloud, facing some critical issues, especially when integrated within existing security processes and executed in a programmatic way. Furthermore, they pose significant costs when hybrid systems, mixing public and private infrastructures, are considered. In this paper, we present an assurance framework that implements an assurance process evaluating the trustworthiness of hybrid systems. The framework builds on a standard API-based interface supporting full and programmatic access to the functionalities of the framework. The process provides a transparent, non-invasive and automatic solution that does not interfere with the working of the target system. It builds on a Virtual Private Network (VPN)-based solution to provide a smooth integration with target systems, in particular those mixing public and private clouds and corporate networks. A detailed walkthrough of the process along with a performance evaluation of the framework in a simulated scenario are presented.

Research supported, in parts, by EC H2020 Project CONCORDIA GA 830927 and Università degli Studi di Milano under the program “Piano sostegno alla ricerca”.

Corresponding authors

Correspondence to Marco Anisetti, Claudio A. Ardagna, Nicola Bena or Ernesto Damiani.

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Cite this paper

Anisetti, M., Ardagna, C.A., Bena, N., Damiani, E. (2021). An Assurance Framework and Process for Hybrid Systems. In: Obaidat, M.S., Ben-Othman, J. (eds) E-Business and Telecommunications. ICETE 2020. Communications in Computer and Information Science, vol 1484. Springer, Cham. https://doi.org/10.1007/978-3-030-90428-9_4

  • DOI: https://doi.org/10.1007/978-3-030-90428-9_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-90427-2

  • Online ISBN: 978-3-030-90428-9

  • eBook Packages: Computer Science, Computer Science (R0)
