A security metric catalogue for cloud applications

Advances in Intelligent Systems and Computing

Volumn 611, Issue , 2017, Pages 854-863

  Casola, Valentina ^a   De Benedictis, Alessandra ^a   Rak, Massimiliano ^b   Villano, Umberto ^c  

^a UNIVERSITY OF NAPLES FEDERICO II   (Italy)

^b SECOND UNIVERSITY OF NAPLES   (Italy)

^c UNIVERSITY OF SANNIO   (Italy)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER PROGRAMMING; COMPUTER SCIENCE;

CLOUD APPLICATIONS; CLOUD MONITORING; MONITORING TOOLS; SECURITY METRICES; SECURITY MONITORING; SECURITY PARAMETERS; SERVICE LEVEL AGREEMENTS; SERVICE LEVEL OBJECTIVE;

REGULATORY COMPLIANCE;

EID: 85026325143     PISSN: 21945357     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1007/978-3-319-61566-0_81     Document Type: Conference Paper

References (19)

1. A4Cloud project web site (2017). http://www.a4cloud.eu/
2. MUSA project web site (2017). http://www.musa-project.eu
3. SPECS project web site (2017). http://www.specs-project.eu
4. A4Cloud Consortium: Deliverable D: 35.1: Metrics for Accountability. (2013). http://www.a4cloud.eu/sites/default/files/D35.1%20Metrics%20for%20account-ability.pdf
5. Andrieux, A., Czajkowski, K., Dan, A., Keahey, K., Ludwig, H., Nakata, T., Pruyne, J., Rofrano, J., Tuecke, S., Xu, M.: Web services agreement specification (WS-Agreement). In: Global Grid Forum. The Global Grid Forum (GGF) (2004)
6. Casola, V., De Benedictis, A., Rak, M.: On the Adoption of Security SLAs in the Cloud. In: Felici, M., Fernández-Gago, C. (eds.) A4Cloud 2014. LNCS, vol. 8937, pp. 45–62. Springer, Cham (2015). doi:10.1007/978-3-319-17199-9 2
7. Casola, V., De Benedictis, A., Rak, M.: Security monitoring in the cloud: an SLA-based approach. In: 2015 10th International Conference on Availability, Reliability and Security (ARES), pp. 749–755 (2015). doi:10.1109/ARES.2015.74(2015)
8. Casola, V., De Benedictis, A., Rak, M., Modic, J., Erascu, M.: Automatically enforcing security slas in the cloud. IEEE Trans. Serv. Comput. PP(99), 1 (2016). doi:10.1109/TSC.2016.2540630
9. Casola, V., De Benedictis, A., Rak, M., Villano, U.: Preliminary design of a platform-as-a-service to provide security in cloud. In: CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science, Barcelona, Spain, 3–5 April 2014, pp. 752–757 (2014)
10. Center for Internet Security: The CIS Security Metrics v1.1.0. (2010). https://benchmarks.cisecurity.org/tools2/metrics/cis security metrics v1.1.0.pdf
11. Cloud Security Alliance: Cloud Control Matrix v3.0. https://cloudsecurityalliance. org/download/cloud-controls-matrix-v3/
12. Cloud Security Alliance: The Treacherous Twelve, Cloud Computing Top Threats in 2016 (2016). https://cloudsecurityalliance.org/download/the-treacherous-twelve-cloud-computing-top-threats-in-2016/
13. International Organization for Standardization: ISO/IEC CD 19086–2. Information Technology - Cloud computing - Service level agreement (SLA) framework - Part 2: Metric Model (2017). https://www.iso.org/standard/67546.html
14. MUSA Consortium: Deliverable D2.1: Initial Sbd methods for multi-cloud applications (2016). http://www.tut.fi/musa-project/wp-content/uploads/2017/02/MUSA-D2.1-Initial-SbD-methods-for-multi-cloud-applications.pdf
15. National Institute of Standards and Technology: NIST Special Publication 800– 55 Rev1. Performance measurement guide for information security (2008). http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-55r1.pdf
16. National Institute of Standards and Technology: NIST SP-800-53: Recommended Security Controls for Federal Information Systems (2013)
17. SPECS Consortium: Deliverable D4.3.2: Implementation of the enforcement SLA components - Intermediary (2015).
18. SPECS Consortium: The SPECS Security Metric Catalogue (2017). http://apps. specs-project.eu/specs-app-security metric catalogue/
19. Jansen, W.: NIST Interagency/Internal Report (NISTIR) - 7564. Directions in Security Metrics Research (2009). http://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir7564.pdf