Defining the cloud battlefield - supporting security assessments by cloud customers

Sören Bleikertz, Toni Mastelic, Sebastian Pape, Wolter Pieters, T. Dimkov

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

  • 4 Citations

Abstract

Cloud computing is becoming more and more popular, but security concerns overshadow its technical and economic benefits. In particular, insider attacks and malicious insiders are considered as one of the major threats and risks in cloud computing. As physical boundaries disappear and a variety of parties are involved in cloud services, it is becoming harder to define a security perimeter that divides insiders from outsiders, therefore making security assessments by cloud customers more difficult. In this paper, we propose a model that combines a comprehensive system model of infrastructure clouds with a security model that captures security requirements of cloud customers as well as characteristics of attackers. This combination provides a powerful tool for systematically analyzing attacks in cloud environments, supporting cloud customers in their security assessment by providing a better understanding of existing attacks and threats. Furthermore, we use the model to construct "what-if" scenarios that could possibly lead to new attacks and to raise concerns about unknown threats among cloud customers.
Language: Undefined
Title of host publication: International Conference on Cloud Engineering (IC2E 2013)
Place of Publication: Piscataway, New Jersey
Publisher: IEEE Computer Society
Pages: 78-87
Number of pages: 10
ISBN (Print): 978-1-4673-6473-7
DOIs: 10.1109/IC2E.2013.31
State: Published - Mar 2013

Publication series

Name
Publisher: IEEE Computer Society

Keywords

  • EWI-24074
  • SCS-Cybersecurity
  • EC Grant Agreement nr.: FP7/2007-2013
  • METIS-302561
  • EC Grant Agreement nr.: FP7/257243
  • EC Grant Agreement nr.: FP7/318003
  • IR-88139
  • EC Grant Agreement nr.: FP7/261696

Cite this

Bleikertz, S., Mastelic, T., Pape, S., Pieters, W., & Dimkov, T. (2013). Defining the cloud battlefield - supporting security assessments by cloud customers. In International Conference on Cloud Engineering (IC2E 2013) (pp. 78-87). Piscataway, New Jersey: IEEE Computer Society. DOI: 10.1109/IC2E.2013.31
@inproceedings{a2f0cb439a3749c89eb2f14a8ae8c3a0,
title = "Defining the cloud battlefield - supporting security assessments by cloud customers",
abstract = "Cloud computing is becoming more and more popular, but security concerns overshadow its technical and economic benefits. In particular, insider attacks and malicious insiders are considered as one of the major threats and risks in cloud computing. As physical boundaries disappear and a variety of parties are involved in cloud services, it is becoming harder to define a security perimeter that divides insiders from outsiders, therefore making security assessments by cloud customers more difficult. In this paper, we propose a model that combines a comprehensive system model of infrastructure clouds with a security model that captures security requirements of cloud customers as well as characteristics of attackers. This combination provides a powerful tool for systematically analyzing attacks in cloud environments, supporting cloud customers in their security assessment by providing a better understanding of existing attacks and threats. Furthermore, we use the model to construct {"}what-if{"} scenarios that could possibly lead to new attacks and to raise concerns about unknown threats among cloud customers.",
keywords = "EWI-24074, SCS-Cybersecurity, EC Grant Agreement nr.: FP7/2007-2013, METIS-302561, EC Grant Agreement nr.: FP7/257243, EC Grant Agreement nr.: FP7/318003, IR-88139, EC Grant Agreement nr.: FP7/261696",
author = "S{\"o}ren Bleikertz and Toni Mastelic and Sebastian Pape and Wolter Pieters and T. Dimkov",
note = "Foreground = 10{\%}; Type of activity = Conference; Main leader = IBM; Type of audience = scientific community; Size of audience = 30; Countries addressed = international;",
year = "2013",
month = "3",
doi = "10.1109/IC2E.2013.31",
language = "Undefined",
isbn = "978-1-4673-6473-7",
publisher = "IEEE Computer Society",
pages = "78--87",
booktitle = "International Conference on Cloud Engineering (IC2E 2013)",
address = "United States",

}
