Skip to main content

2020 | OriginalPaper | Buchkapitel

Representing Multicloud Security and Privacy Policies and Detecting Potential Problems

verfasst von : Anthony Opara, Youngsang Song, Seong-je Cho, Lawrence Chung

Erschienen in: Service-Oriented Computing – ICSOC 2019 Workshops

Verlag: Springer International Publishing

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

As more organizations adopt cloud computing, they are increasingly moving towards a mixture of public, private, and hybrid cloud services and infrastructure. These organizations turn to multicloud, which involves the use of two or more public clouds, to avoid vendor lock-in, overcome latency, mitigate risks, and control costs. The use of multicloud does have some advantages, such as flexibility and redundancy, but comes with some management, security, and privacy challenges as well. To overcome some of the security challenges, organizations would have to capture and analyze security and privacy policies across multiple clouds to ensure the policies are free from errors and enforce them at runtime independent of the cloud provider. In this paper, we present CERBERUS, a framework for representing multicloud security and privacy policies and detecting potential problems in the policies. CERBERUS adopts an object-oriented approach and consists of an ontology and notation, policies, guidelines and rules, and a tool for capturing and detecting policy errors. Using CERBERUS, policies can be analyzed for potential problems, including policy conflicts, inconsistencies, ambiguities, and incompleteness. An application of CERBERUS shows that it indeed helps discover policy errors, that would otherwise go undetected, or in many cases would be detected a posteriori at runtime.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literatur
1.
Zurück zum Zitat Takabi, H., Joshi, J.B.D., Ahn, G.-J.: Security and privacy challenges in cloud computing environments. IEEE Secur. Priv. 8(6), 24–31 (2010)CrossRef Takabi, H., Joshi, J.B.D., Ahn, G.-J.: Security and privacy challenges in cloud computing environments. IEEE Secur. Priv. 8(6), 24–31 (2010)CrossRef
2.
Zurück zum Zitat Baron, J., et al.: AWS Certified Solutions Architect Official Study Guide, 1st edn. Wiley, Indianapolis (2017) Baron, J., et al.: AWS Certified Solutions Architect Official Study Guide, 1st edn. Wiley, Indianapolis (2017)
3.
Zurück zum Zitat Tianfield, H.: Security issues in cloud computing. In: 2012 IEEE International Conference on Systems, Man, and Cybernetics (SMC), COEX, Seoul, Korea, pp. 1082–1089 (2012) Tianfield, H.: Security issues in cloud computing. In: 2012 IEEE International Conference on Systems, Man, and Cybernetics (SMC), COEX, Seoul, Korea, pp. 1082–1089 (2012)
4.
Zurück zum Zitat Singhal, M., et al.: Collaboration in multicloud computing environments: framework and security issues. Computer 46(2), 76–84 (2013)CrossRef Singhal, M., et al.: Collaboration in multicloud computing environments: framework and security issues. Computer 46(2), 76–84 (2013)CrossRef
6.
Zurück zum Zitat Moffett, J., Sloman, M.: Policy conflict analysis in distributed systems management. J. Organ. Comput. 4, 1–22 (1993) Moffett, J., Sloman, M.: Policy conflict analysis in distributed systems management. J. Organ. Comput. 4, 1–22 (1993)
7.
Zurück zum Zitat Lupu, E.C., Sloman, M.: Conflicts in policy-based distributed systems management. IEEE Trans. Software Eng. 25, 852–869 (1999)CrossRef Lupu, E.C., Sloman, M.: Conflicts in policy-based distributed systems management. IEEE Trans. Software Eng. 25, 852–869 (1999)CrossRef
8.
Zurück zum Zitat Oladimeji, E.A., Chung, L.: Representing security goals, policies and objects. In: Proceedings of the 5th IEEE/ACIS International Conference on Computer and Information Science, Honolulu, Hawaii, pp. 160–167 (2006) Oladimeji, E.A., Chung, L.: Representing security goals, policies and objects. In: Proceedings of the 5th IEEE/ACIS International Conference on Computer and Information Science, Honolulu, Hawaii, pp. 160–167 (2006)
11.
Zurück zum Zitat Damianou, N., Bandara, A., Sloman, M. and Lupu, E.: A survey of policy specification approaches, pp. 142–156. Department of Computing, Imperial College of Science Technology and Medicine, London (2002) Damianou, N., Bandara, A., Sloman, M. and Lupu, E.: A survey of policy specification approaches, pp. 142–156. Department of Computing, Imperial College of Science Technology and Medicine, London (2002)
12.
Zurück zum Zitat Kagal, L., Finin, T., Joshi, A.: A policy language for pervasive systems. In: Fourth IEEE International Workshop on Policies for Distributed Systems and Networks (2003) Kagal, L., Finin, T., Joshi, A.: A policy language for pervasive systems. In: Fourth IEEE International Workshop on Policies for Distributed Systems and Networks (2003)
13.
Zurück zum Zitat Opara, A., Song, Y., Cho, S. and Chung, L.: Representing multicloud security and privacy policies and detecting potential problems (2019, in preparation) Opara, A., Song, Y., Cho, S. and Chung, L.: Representing multicloud security and privacy policies and detecting potential problems (2019, in preparation)
Metadaten
Titel
Representing Multicloud Security and Privacy Policies and Detecting Potential Problems
verfasst von
Anthony Opara
Youngsang Song
Seong-je Cho
Lawrence Chung
Copyright-Jahr
2020
DOI
https://doi.org/10.1007/978-3-030-45989-5_5

Premium Partner