A Security Benchmark for OpenStack

Marco Anisetti, Claudio A. Ardagna, Ernesto Damiani, Filippo Gaudenzi

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

14 Scopus citations


The cloud computing paradigm entails a radical change in IT provisioning, which must be understood and correctly applied especially when security requirements are considered. Security requirements do not cover anymore just the application itself, but involve the whole cloud supply chain from the hosting infrastructure to the final applications. This scenario requires, on one side, new security mechanisms protecting the cloud against misbehaviors/malicious attacks and, on the other side, a continuous and adaptive assurance process evaluating the observed cloud security behavior against the expected one. In this paper, we focus on the evaluation of the security assurance of OpenStack, a major open source cloud infrastructure. We first define a security benchmark for OpenStack, inspired by Center for Internet Security (CIS) benchmark for cloud infrastructures. We then present a platform, called Moon Cloud, for cloud security assurance evaluation, showing an application of our benchmark and platform to the in-production OpenStack deployment of the University of Milan.

Original languageBritish English
Title of host publicationProceedings - 2017 IEEE 10th International Conference on Cloud Computing, CLOUD 2017
EditorsGeoffrey C. Fox
PublisherIEEE Computer Society
Number of pages8
ISBN (Electronic)9781538619933
StatePublished - 8 Sep 2017
Event10th IEEE International Conference on Cloud Computing, CLOUD 2017 - Honolulu, United States
Duration: 25 Jun 201730 Jun 2017

Publication series

NameIEEE International Conference on Cloud Computing, CLOUD
ISSN (Print)2159-6182
ISSN (Electronic)2159-6190


Conference10th IEEE International Conference on Cloud Computing, CLOUD 2017
Country/TerritoryUnited States


  • Assurance
  • Benchmark
  • Cloud
  • OpenStack
  • Security


Dive into the research topics of 'A Security Benchmark for OpenStack'. Together they form a unique fingerprint.

Cite this