TY - GEN
T1 - A certification framework for cloud-based services
AU - Anisetti, M.
AU - Ardagna, C. A.
AU - Gaudenzi, F.
AU - Damiani, E.
N1 - Publisher Copyright:
© 2016 ACM.
PY - 2016/4/4
Y1 - 2016/4/4
N2 - Lack of trust and transparency are among the main reasons hindering adoption of cloud computing. Users in fact can inspect neither their applications nor the treatment of their data, and have little or no guarantees about their security. In this context, there is a pressing need for assurance techniques supporting some key properties of cloud services and applications. Cloud security certification is a major assurance technique that has been proposed to increase cloud security, trust, and transparency. However, certification is a tedious, costly, and time-consuming process for the provider that wants to certify one of its services/applications. In this paper, we propose a test-based security certification framework for the cloud implementing a certification process and a cloud engineering methodology based on it, which supports providers in the design and development of ready-tobe-certified services/applications.
AB - Lack of trust and transparency are among the main reasons hindering adoption of cloud computing. Users in fact can inspect neither their applications nor the treatment of their data, and have little or no guarantees about their security. In this context, there is a pressing need for assurance techniques supporting some key properties of cloud services and applications. Cloud security certification is a major assurance technique that has been proposed to increase cloud security, trust, and transparency. However, certification is a tedious, costly, and time-consuming process for the provider that wants to certify one of its services/applications. In this paper, we propose a test-based security certification framework for the cloud implementing a certification process and a cloud engineering methodology based on it, which supports providers in the design and development of ready-tobe-certified services/applications.
KW - Certification-aware cloud engineering
KW - Security certification
KW - Testing
UR - http://www.scopus.com/inward/record.url?scp=84975853009&partnerID=8YFLogxK
U2 - 10.1145/2851613.2851628
DO - 10.1145/2851613.2851628
M3 - Conference contribution
AN - SCOPUS:84975853009
T3 - Proceedings of the ACM Symposium on Applied Computing
SP - 440
EP - 447
BT - 2016 Symposium on Applied Computing, SAC 2016
T2 - 31st Annual ACM Symposium on Applied Computing, SAC 2016
Y2 - 4 April 2016 through 8 April 2016
ER -