@inproceedings{b995740535ac4df48a67dec98128e3f6,
title = "A Security Benchmark for OpenStack",
abstract = "The cloud computing paradigm entails a radical change in IT provisioning, which must be understood and correctly applied especially when security requirements are considered. Security requirements do not cover anymore just the application itself, but involve the whole cloud supply chain from the hosting infrastructure to the final applications. This scenario requires, on one side, new security mechanisms protecting the cloud against misbehaviors/malicious attacks and, on the other side, a continuous and adaptive assurance process evaluating the observed cloud security behavior against the expected one. In this paper, we focus on the evaluation of the security assurance of OpenStack, a major open source cloud infrastructure. We first define a security benchmark for OpenStack, inspired by Center for Internet Security (CIS) benchmark for cloud infrastructures. We then present a platform, called Moon Cloud, for cloud security assurance evaluation, showing an application of our benchmark and platform to the in-production OpenStack deployment of the University of Milan.",
keywords = "Assurance, Benchmark, Cloud, OpenStack, Security",
author = "Marco Anisetti and Ardagna, {Claudio A.} and Ernesto Damiani and Filippo Gaudenzi",
note = "Funding Information: ACKNOWLEDGMENTS This work was partly supported by the program “piano sostegno alla ricerca 2015-17” funded by Universit{\`a} degli Studi di Milano. Publisher Copyright: {\textcopyright} 2017 IEEE.; 10th IEEE International Conference on Cloud Computing, CLOUD 2017 ; Conference date: 25-06-2017 Through 30-06-2017",
year = "2017",
month = sep,
day = "8",
doi = "10.1109/CLOUD.2017.45",
language = "British English",
series = "IEEE International Conference on Cloud Computing, CLOUD",
publisher = "IEEE Computer Society",
pages = "294--301",
editor = "Fox, {Geoffrey C.}",
booktitle = "Proceedings - 2017 IEEE 10th International Conference on Cloud Computing, CLOUD 2017",
address = "United States",
}