Secure Architectures in the Cloud

Sabrina De Capitani di Vimercati; Wolter Pieters; Christian W. Probst

doi:10.4230/DagRep.1.12.11

Secure Architectures in the Cloud

Sabrina De Capitani di Vimercati, Wolter Pieters, Christian W. Probst

Research output: Book/Report › Report › Professional

61 Downloads (Pure)

Abstract

This report documents the outcomes of Dagstuhl Seminar 11492 “Secure Architectures in the Cloud‿. In cloud computing, data storage and processing are offered as services, and data are managed by external providers that reside outside the control of the data owner. The use of such services reduces the burden of the owners in managing their data, and may provide significant cost savings. However, cloud computing introduces new security and privacy concerns. In fact, there is little consensus on how to guarantee the confidentiality, integrity, and availability of data in cloud computing scenarios. Also, it is unclear to what extent parties can be held accountable in case something goes wrong. In this seminar, we searched for architectures, modelling approaches, and mechanisms that can help in providing guarantees for cloud security. We proposed the concept of verification-as-a-service that can guide architectures for verification of cloud architectures and configurations, as well as results of computations. We also proposed architectures for organizing customisability of security and privacy for cloud customers.

Original language	Undefined
Place of Publication	Germany
Publisher	Dagstuhl
Number of pages	16
ISBN (Print)	2192-5283
DOIs	https://doi.org/10.4230/DagRep.1.12.11
Publication status	Published - 1 Dec 2011

Publication series

Name	Dagstuhl Reports
Publisher	Schloss Dagstuhl
No.	11492
Volume	1, issue 12
ISSN (Print)	2192-5283

Keywords

Verification modelling
Verification
Auditing
Security architectures
Attestation
Cloud computing
Security modelling

Access to Document

10.4230/DagRep.1.12.11

dagrep_v001_i012_p011_s11492
open
dagrep_v001_i012_p011_s11492
open

Cite this

@book{3c06f1a7ae624904a0e025ce17a75a01,

title = "Secure Architectures in the Cloud",

abstract = "This report documents the outcomes of Dagstuhl Seminar 11492 “Secure Architectures in the Cloud‿. In cloud computing, data storage and processing are offered as services, and data are managed by external providers that reside outside the control of the data owner. The use of such services reduces the burden of the owners in managing their data, and may provide significant cost savings. However, cloud computing introduces new security and privacy concerns. In fact, there is little consensus on how to guarantee the confidentiality, integrity, and availability of data in cloud computing scenarios. Also, it is unclear to what extent parties can be held accountable in case something goes wrong. In this seminar, we searched for architectures, modelling approaches, and mechanisms that can help in providing guarantees for cloud security. We proposed the concept of verification-as-a-service that can guide architectures for verification of cloud architectures and configurations, as well as results of computations. We also proposed architectures for organizing customisability of security and privacy for cloud customers.",

keywords = "Verification modelling, Verification, Auditing, Security architectures, Attestation, Cloud computing, Security modelling",

author = "{De Capitani di Vimercati}, Sabrina and Wolter Pieters and Probst, {Christian W.}",

year = "2011",

month = dec,

day = "1",

doi = "10.4230/DagRep.1.12.11",

language = "Undefined",

isbn = "2192-5283",

series = "Dagstuhl Reports",

publisher = "Dagstuhl",

number = "11492",

address = "Germany",

}

TY - BOOK

T1 - Secure Architectures in the Cloud

AU - De Capitani di Vimercati, Sabrina

AU - Pieters, Wolter

AU - Probst, Christian W.

PY - 2011/12/1

Y1 - 2011/12/1

N2 - This report documents the outcomes of Dagstuhl Seminar 11492 “Secure Architectures in the Cloud‿. In cloud computing, data storage and processing are offered as services, and data are managed by external providers that reside outside the control of the data owner. The use of such services reduces the burden of the owners in managing their data, and may provide significant cost savings. However, cloud computing introduces new security and privacy concerns. In fact, there is little consensus on how to guarantee the confidentiality, integrity, and availability of data in cloud computing scenarios. Also, it is unclear to what extent parties can be held accountable in case something goes wrong. In this seminar, we searched for architectures, modelling approaches, and mechanisms that can help in providing guarantees for cloud security. We proposed the concept of verification-as-a-service that can guide architectures for verification of cloud architectures and configurations, as well as results of computations. We also proposed architectures for organizing customisability of security and privacy for cloud customers.

AB - This report documents the outcomes of Dagstuhl Seminar 11492 “Secure Architectures in the Cloud‿. In cloud computing, data storage and processing are offered as services, and data are managed by external providers that reside outside the control of the data owner. The use of such services reduces the burden of the owners in managing their data, and may provide significant cost savings. However, cloud computing introduces new security and privacy concerns. In fact, there is little consensus on how to guarantee the confidentiality, integrity, and availability of data in cloud computing scenarios. Also, it is unclear to what extent parties can be held accountable in case something goes wrong. In this seminar, we searched for architectures, modelling approaches, and mechanisms that can help in providing guarantees for cloud security. We proposed the concept of verification-as-a-service that can guide architectures for verification of cloud architectures and configurations, as well as results of computations. We also proposed architectures for organizing customisability of security and privacy for cloud customers.

KW - Verification modelling

KW - Verification

KW - Auditing

KW - Security architectures

KW - Attestation

KW - Cloud computing

KW - Security modelling

U2 - 10.4230/DagRep.1.12.11

DO - 10.4230/DagRep.1.12.11

M3 - Report

SN - 2192-5283

T3 - Dagstuhl Reports

BT - Secure Architectures in the Cloud

PB - Dagstuhl

CY - Germany

ER -