Bridging the GAP between software certification and trusted computing for securing cloud computing

Proceedings - 2013 IEEE 9th World Congress on Services, SERVICES 2013

Volumn , Issue , 2013, Pages 103-110

  Munoz, Antonio ^a   Mana, Antonio ^a  

^a UNIVERSITY OF MÁLAGA   (Spain)

Author keywords

certification; cloud computing; security; trusted computing technology

Indexed keywords

DYNAMIC CHANGES; SECURITY PROPERTIES; SOFTWARE CERTIFICATION; SOFTWARE SECURITY; SYSTEM STRUCTURES; TRUSTED COMPUTING; TRUSTED COMPUTING TECHNOLOGY;

HARDWARE;

CLOUD COMPUTING;

EID: 84888019509     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SERVICES.2013.15     Document Type: Conference Paper

References (24)

1. Trusted Computing Group: TCG Specifications. Available online at. https://www.trustedcomputinggroup.org/specs/
2. M. Anisetti, C.A. Ardagna, and E. Damiani. Fine-grained modeling of web services for testbased security certification. In Proc. of the 8th International Conference on Service Computing (SCC 2011), Washington, DC, USA, July 2011.
3. E. Damiani, and A. Mana. Toward WS-Certificate. In Proc. of the ACM Workshop on Secure Web Services (SWS 2009). Chicago, IL, USA, November 2009.
4. B. Grobauer, T. Walloschek, and E. Stocker, "Understanding Cloud Computing Vulnerabilities," Security &Privacy, IEEE, vol.9, no.2, pp.50-57, March-April 2011
5. K.M. Khan, Q. Malluhi, "Establishing Trust in Cloud Computing," IT Professional, vol.12, no.5, pp.20-27, Sept.-Oct. 2010
6. E. Damiani, C.A. Ardagna, and N. El Ioini, "Open Source Security Certification". Springer, December 2008.
7. Securing Web services for army SOA, http://www.sei.cmu.edu/solutions/ softwaredev/securing-webservices. cfm
8. M. Anisetti, C.A. Ardagna, E. Damiani: Defining and matching testbased certificates in open SOA. In: Proc. of the Second International Workshop on Security Testing (SECTEST 2011). Berlin, Germany, March 2011, short paper.
9. A. Al-Moayed and B. Hollunder. Quality of service attributes in web services. In Proc. of the 5th International Conference on Software Engineering Advances (ICSEA 2010). Nice, France, August 2010.
10. T. Rajendran, P. Balasubramanie, E. Cherian. An efficient WS-QoS broker based architecturefor web services selection. International Journal of Computer Applications 1, 9, 79-84, 2010.
11. S. Ran. A model for web services discovery with QoS. ACM SIGecom Exchanges 4, 1, 1-10, 2003.
12. M. Serhani, R. Dssouli, A. Hafid, H. Sahraoui. A QoS broker based architecture for efficient web services selection. In Proc. of the IEEE International Conference on Web Services (ICWS 2005). Orlando, FL, USA, July 2005.
13. J. Heiser and M. Nicolett, Assessing the Security Risks of Cloud Computing, Gartner technical report 3 June 2008 ID Number: G00157782.
14. Truste, online available at http://www.truste.com/
15. Cloud Security Alliance, Cloud Security Alliance GRC stack, available from: https://cloudsecurityalliance.org/research/grc-stack/ (last accessed on 8/1/2012)
16. Cloud Security Alliance, CloudAudit, Available from: https:// cloudsecurityalliance.org/research/cloudaudit/ (last accessed on 8/1/2012)
17. Cloud Security Alliance, Cloud Controls Matrix, Available from: https://cloudsecurityalliance.org/research/ccm/ (last accessed on 8/1/2012)
18. R. Knode and D. Egan, Digital Trust in the Cloud-Into the Cloud with CTP: A Precis for the Cloud Trust Protocol v2.0, Available from: https://cloudsecurityalliance.org/wpcontent/ uploads/2011/05/ cloudtrustprotocolprecis-073010.pdf (last accessed on 8/1/2012)
19. George Coker, Joshua Guttman, Peter Loscocco, Amy Herzog, Jonathan Millen, Brian O'Hanlon, John Ramsdell, Ariel Segall, Justin Sheehy and Brian Sniffen. Principles of remote attestation. From the issue entitled "Special Issue:10th International Conference on Information and Communications Security (ICICS)"
20. V. Likitalo. Remote Attestation and Peer-to-Peer Networks. In Helsinki University of Technology Laboratory of Information Processing Science. Available at http://www.tml.tkk.fi/Publications/C/18/likitalo.pdf. 2005.
21. Siani Pearson and et al. Trusted Computing Platforms: TCPA Technology in Context. Prentice Hall PTR, 2002.
22. Vivek Haldar, Deepak Chandra, Michael Franz, Semantic remote attestation: a virtual machine directed approach to trusted computing, Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium, p.3-3, May 06-07, 2004, San Jose, California
23. Fabrizio Baiardi, Diego Cilea, Daniele Sgandurra, Francesco Ceccarelli, Measuring Semantic Integrity for Remote Attestation, Proceedings of the 2nd International Conference on Trusted Computing, April 06-08, 2009, Oxford, UK [doi10.1007/978-3-642-00587-9-6]
24. M. Anisetti, C.A. Ardagna, E. Damiani, "A Low-Cost Security Certification Scheme for Evolving Services," in Proc. of the 19th IEEE International Conference on Web Services (ICWS 2012), Honolulu, HI, USA, June, 2012