Towards Trusted Environment in Cloud Monitoring

Tuomas Kekkonen, Teemu Kanstrén
VTT Technical Research Centre of Finland
Oulu, Finland

Kimmo Hätönen
Nokia Solutions and Networks
Espoo, Finland

Abstract

This paper investigates the problem of providing trusted monitoring information about a cloud environment to cloud customers. The general trust between customer and provider is taken as a starting point, and the paper discusses possible methods to strengthen this trust. It focuses on establishing a chain of trust inside the provider infrastructure to supply monitoring data to the customer. The goal is to enable delivery of state and event information to parties outside the cloud infrastructure. Current technologies and research are reviewed for the solution, and a usage scenario is presented. Based on such technology, higher assurance of the cloud can be presented to the customer. This allows customers with high security requirements and responsibilities to have more confidence in accepting the cloud as their platform of choice.

Keywords: cloud; TPM; integrity measurement; remote attestation; security measurement; security concerns

I. INTRODUCTION

Cloud platforms are used to host an increasing number of services and data. The capability to provide resources flexibly with usage-based pricing eases the launch of new services and relieves companies of the duty of running data centers, letting them focus on their core knowledge. The extremely low investment needed to start operations has given rise to a new generation of startup businesses.

Still, giving data to a cloud service provider raises concern in many users. This is sometimes considered a generation change in information technology. Some administrators still have the need to manage their whole infrastructure, from the underlying layers of hardware to applications. Convincing this group of administrators with new mechanisms, while at the same time running a highly dynamic and distributed platform, is a challenge.
Also, news about leaks in provider infrastructures and cooperation with security agencies prove that this is not only the paranoia of some administrators but a genuine concern.

The task of convincing cloud customers about the security of the cloud infrastructure lies on the shoulders of the cloud infrastructure providers. We assume an infrastructure provider to have a suitable level of security built in, and audit results available to show this. In this paper we focus on the problem of providing reliable, continuous operational assurance to the cloud customer, showing that the security is at an acceptable or agreed level. We present a high-level approach for providing this assurance information and investigate its usability and security enhancements.

More specifically, this paper investigates the possibility of having a reliable high-assurance component in the cloud infrastructure. Specific means are taken to provide a chain of trust and the ability to communicate information from both the infrastructure services and the customer services to an external (outside the cloud) customer monitoring point. The customer needs to be able to have high assurance of the integrity of the received data. The component provides the customer with agreed but limited access to monitor the cloud infrastructure. As the infrastructure provider has full access to all hardware and the customer does not, providing such components with high assurance of no tampering by the cloud provider has proven difficult. The work presented in this paper aims to address 1) providing shared access to relevant cloud infrastructure information, and 2) high-assurance means to provide confidence in the integrity of this information.

The paper continues by describing the problem area in Section II. Section III lists existing work in the area. Section IV describes our approach to this problem by adapting existing technologies and making use of their advantages.
Lastly, Section V discusses the approach and its potential weaknesses to be addressed in a wider context. Section VI concludes the paper.

II. CLOUD SECURITY CONCERNS

Research has listed security concerns and challenges in cloud computing extensively. Technological research often has quite a different view of cloud security than surveys based on companies' perception of cloud vulnerabilities. More focus is put on the implementation of security than on how this security is seen by the potential customer. The Cloud Security Alliance has a working group titled Top Threats, which conducts surveys to understand the perceived risks in cloud computing. The latest publication lists the top threats, in descending order, as data breaches, data loss, account hijacking, insecure APIs, denial of service, malicious insiders, abuse of cloud resources, insufficient due diligence and shared technology issues. Most of these threats are present in any type of hosting infrastructure but have a higher probability and impact in the case of cloud. This is due to multi-tenancy and centralized hosting. Some, such as insecure APIs and abuse of cloud resources, are somewhat specific or unique to cloud platforms.
A. Trust

One key issue in adopting cloud platforms mentioned by the report is the bypassing of information technology departments and information officers. The possibility of outsourcing data centers should not mean outsourcing all IT expertise, as not all of the responsibility can be handed over to the cloud providers. As the responsibility still stays with the customer of the cloud, the customer should have the capability necessary to address these responsibilities.

The psychologically troubling issue in cloud platforms is the lack of awareness of, or contact with, the infrastructure. The implementation of security in a cloud provider's infrastructure might be paramount, and all the certificates can show that. Despite all this, for a traditional administrator it is irrelevant, and it all comes down to trusting the provider. For a novice user with even less knowledge of security or computing, the list of certificates and security policies is even less convincing. The goal of the work presented in this paper is to provide means to increase this trust.

In a typical scenario of data center outsourcing, a company transfers its server to an Infrastructure as a Service (IAAS) cloud provider. To drastically simplify this scenario, nothing changes with regard to local deployment, but the previously local hardware servers are replaced with virtual machines running on external hardware. The new concerns stem from this setup. A newly introduced worry is the visibility of data from outside the virtual machine, because the data is now in some other location, on someone else's hard drive. It might need to be encrypted. New mechanisms of this type, introduced to compensate for the lost confidence, increase the complexity.

One option to increase trust is to enable the customer's own mechanisms for security monitoring and control without compromising the multi-tenant infrastructure.
This would require it to be implemented in a way that does not interfere with the operation of the cloud infrastructure. Otherwise it would impact the performance and flexibility benefits gained from a cloud-based architecture. The approach of increasing customer trust by including trusted execution components is investigated in this paper. This path is investigated by introducing a scenario where a cloud customer can retrieve information from the infrastructure at any time, in any data center of the cloud provider. The technical details of this scenario are described in Section IV.

B. Virtualization

Virtualization is the main enabler of cloud technologies. It is also the cause of many security concerns. Because of virtualization it is possible to share and use resources dynamically and more efficiently. This brings up one of the main causes of security concerns, the multi-tenancy aspect. The privacy of data and communication inside a virtual machine, and between the virtual machine and its owner, is not absolute. During the development of hypervisors, some vulnerabilities have been discovered which enable the visibility of data between virtual machines and from virtual machines to the host system.

From another viewpoint, virtualization is often seen as a limitation to the cloud provider in terms of security. It is difficult to provide security services when the customer has its own container for its operations. In such scenarios the provider offers security-as-a-service functionalities which are delivered as additions to the virtual machines. The security monitoring of customers' virtual machines is also often in focus. The operations of a customer inside its own environment are, however, difficult to monitor from the host perspective. Currently the research focuses on memory and network activity tracing.

C. Platforms

There are varying technologies for providing cloud services.
Depending on whether service, infrastructure or platform is provided, the simplicity of interfaces and the number of choices for technology can be immense. Our focus is on infrastructure as a service (IAAS), and the tools in question are for provisioning and managing virtual machines. Managing virtual machines consists of tasks such as monitoring their state, migrating them to other locations, configuring their virtual system resources, or externally configuring the virtual machine settings through an additional interface. Currently, well-defined architectural models for IAAS provisioning and management do not exist. Therefore it is also difficult to design security infrastructures that take into account different provisioning and management approaches.

III. EXISTING APPROACHES TO THE PROBLEM

Approaches that aim to provide more information about cloud-deployed services and their surroundings mostly rely on providing monitoring, or separate authentication or key management solutions. The monitoring solutions often focus on resource monitoring and more general monitoring. Security event monitoring is less commonly provided by cloud providers and is considered to be handled by the customer. In an IAAS type of service this arrangement makes sense because of the limitations and nature of virtualization technologies. This all relates back to the multi-tenant usage mentioned earlier.

The most common way of polishing the appearance of trustworthiness is displaying certificates. Certificates are proof that a system or process follows certain guidelines. A certificate authority performs audits of the system and grants it a certificate. The IT security field has masses of certificates that can show the state of implemented security in a system. Amazon Web Services advertises a list of more than 10 certificates received. However, a major security hole that cannot be closed by certificate-proven security is the insider who changes something in the system.
After this, the security of the system no longer matches that at the time the certificate was given. The frequency of the audits plays an important role in the certificate process, and no human-performed audit can reach adequate frequency affordably. A technology to automatically measure and show the integrity of the system would play a major role. The audit schemes of security measures were recently reviewed by the European Union Agency for Network and Information Security (ENISA). They also came to the conclusion that most auditing schemes are point-in-time assessments and that this approach, without the capability to adapt to changes, is not adequate.

A. Monitoring

Cloud monitoring is based on the data given to customers by the provider. In commercial systems it focuses on resource monitoring. However, research that focuses on security measurement delivery also exists. The common approach in operational monitoring is the gathering and delivery of information. Savola and Ahola in  depict an approach which focuses on delivery and usability while giving reliability less focus. In  the reliability aspect is covered in terms of communication reliability and information availability.

The distributed nature of cloud infrastructures causes the problem of linking the context and the information. Resources in the cloud can migrate between data centers and hosts. The information for monitoring can also be provided from many sources. Especially when investigating the causes of events, the investigator has to rely on logs provided by possibly hundreds of applications and network components. Finding the correlation between entries becomes difficult. There are some proposals for monitoring cloud infrastructures that formalize the data provided from different sources and attach context information. With proper tools the analysis of such data is much more convenient. However, such standards are still in the drafting stage.

B. Trusted execution

The trusted cloud concept is mentioned in research. This introduces the usage of secure elements as tools in security mechanisms. In this context this means Hardware Security Modules (HSM) in key management, the Trusted Platform Module (TPM) in attestation, or additional hardware tokens for authentication. The TPM offers a variety of additional functions. Its main features, simply put, are the capability to store secrets securely and to perform integrity measurements. It is also attached to the hardware by the manufacturer and considered tamper free.
This is defined by the Trusted Computing Group (TCG), and it has become the industry standard for trusted environment implementation. These features are listed by the TCG as protected capabilities, integrity measurement and integrity reporting.

Taking advantage of the TPM features in cloud infrastructure management can have many approaches. Some scenarios of TPM usage in cloud security management are listed in the following.

- Integrity measurement features of the TPM enable the secure measurement function and storage of the signature. It can be used by boot procedures and applications.
- Storing of keys for communication and encryption securely on the TPM.
- Root of trust in integrity measurement. A chain of trust up to the operating system and applications can be established by having each component in the chain measured by a component that has already been measured.
- Cryptography features enable sending information sealed, so that the target hardware is in the assumed state when receiving it.
- Remote attestation provides the capability of system integrity evaluation by a remote party. This is based on sharing the PCR values remotely.

The integrity measurement of the TPM relies on the BIOS and operating system providing information to the TPM's platform configuration registers (PCR). The hardware configuration of the system results in a certain PCR content. The operating system is responsible for changing register values based on its configuration and running processes. Taking advantage of those features depends on the operating system and its configuration. This information can be used in cloud monitoring to reliably assess the system state.

Part of the trusted environment concept is the operating system. The operating system is trusted to perform certain integrity measurements. IBM has developed the Linux Integrity Measurement Architecture (IMA), which performs measurements of accessed files. This measurement is stored and extended to the TPM PCR registers. This way, each time a file is accessed it leaves a trail.
This is, however, not usable for approving a certain state of the system. An approved state cannot be pinned down this way, as file access would have to follow a specific order until a certain state, where it would then remain. However, this also includes the measurement of Linux boot components and modules, which brings applications into the chain of trust. IMA is developed as a Linux security module (LSM). It extends the root of trust from the TPM hardware to the booted kernel. Other approaches using LSM to extend the trust into the kernel and applications exist. For example  and  exhibit applications of this trust to integrity measurements of applications and web services. This approach is also applied in the work presented in this paper.

A commercially deployed solution specifically applicable to cloud platforms is based on Intel TXT (Trusted Execution Technology). It uses TPM hardware and integrity measurements to assure that the data center server hardware and the hypervisor remain in the agreed state. It is available on servers using Intel TXT with appropriate tools. It can also limit the migration map of virtual machines to servers which carry this trusted execution technology addition.

Ultimately the problem is quite difficult. The administrator of the system hosting the cloud infrastructure has total control of everything. This enables the administrator to alter any file, reset certain TPM PCRs (or even all PCRs by tampering with hardware, which however is hard to exploit and noticeable), reboot the machine, capture traffic or run false applications. It might be infeasible to construct a trust scenario where the customer does not need to trust the provider at all. The technical solution of the problem comes down to extending the root of trust from the TPM hardware into the applications.
IV. OUR APPROACH

The approach taken here aims to bring new certainty to the integrity of the information provided by the cloud provider about its infrastructure. It attempts to give a broader understanding of the surroundings of the resource purchased as a service. It focuses on the case of an IAAS provider, but its concept is applicable throughout the cloud deployment layers. The philosophy is to have some shared, reliable event and state data available from the cloud infrastructure. Based on their needs, customers could subscribe to data delivered by the cloud infrastructure. The structure of this data has to follow a principle that enables it to be made anonymous, to achieve privacy in multi-tenancy when needed.

The investigated scenario is a typical IAAS provider one, where the customer wants to be certain of the integrity of the agreed environment. This integrity is assured with the integrity measurement capabilities of the TPM. This integrity attestation provides the customer a way to perform queries or requests to receive more detailed and reliable information about the infrastructure state. The main goal is to identify the capabilities of such a setup and its usability in cloud management tasks.

The information provided in the inspected scenario is delivered with a tool designed for operational security assurance called Le-mon. It includes probes, a messaging protocol and a measurement hierarchy for security measurement retrieval and delivery. This framework is used as the basis for the cloud provider to share information. Its components, especially the probe at the host system, are measured for integrity by the customers. The motives of the approach presented in this paper are also based on the need for operational security assurance, which we have researched before, and on introducing its functionalities reliably in cloud infrastructures. The architecture of the monitoring approach motivating this paper is shown in Figure 1.
The picture also shows another tool developed for measurement and metric visualization, called MVS.

A. Features of the approach

The monitoring system offers a few key features. The applications built on top of these can vary depending on the requirements. The system would provide the necessary APIs to build applications with features such as cloud management, migration tracking, safe authentication, event tracing, provisioning and more. The three core features can be listed as follows:

- The provider has a monitoring probe that provides a certain set of measurements of a host system in its infrastructure.
- The customer can subscribe to these measurements according to its interest and the level of service purchased from the provider.
- Any customer can at any time perform a measurement to attest the state of the host system and the monitoring application.

The main focus of this investigation is on the last feature.

B. Scenario details

The scenario in focus is simply the delivery of operating system information from the host machine running the hypervisor and the virtual machines. This is challenging because of multi-tenancy and the virtual machine host communication and security. A simple delivery of the system authentication log from a Linux operating system is used as an example. This is provided by the cloud provider and subscribed to by the customer. In a broader scenario the information provided by the cloud provider can be more extensive. To make the scenario more usable, it is run with changing host system configurations, which should be noticed by the integrity measurement function of the TPM. The key security goals are the following: the integrity of the infrastructure and the integrity of the information delivered.

Figure 1. Attestation of the monitoring application integrity
In more detail, the integrity of the infrastructure is assured by remotely attesting the TPM PCR registers. Those are written by the BIOS of the host system, and they represent the state of the hardware configuration of the system. For simplicity only a few registers are chosen (PCR0 and PCR1). The integrity of the infrastructure includes the probe software remaining the same. PCR1 is extended with the probe application measurement whenever any customer wants to measure it. From the PCR register values the customer can be sure that the VM is running in an expected environment and that the request is processed appropriately.

Integrity of the information delivered deals with the information sent from the infrastructure to the customer. The reliability of this information is the key feature in gaining new trust in the awareness of the cloud infrastructure. It can be assured by using a signature created with the information securely stored within the TPM. The privacy of the information delivered in such a multi-tenant scenario would require management of separate encryption keys.

Another key point in a virtual machine environment with multi-tenancy is that no data contained in the host operating system is usually visible to the virtual machine unless it is made visible as some type of shared resource. In this scenario the shared resource would be the system log of the host operating system, which would be delivered to the customers. This log can contain private data relevant to a specific guest operating system, and this privacy concern is ignored here. The system log is considered safe to deliver to all guests. In other scenarios, specific preprocessing could be performed to remove confidential customer-specific information.

The operation of these security features requires a previously completed approval of the system state and TPM PCR values. This can be done as a third-party certification process or audit.
In the following, we focus on providing assurance of the integrity of the system state.

The principle of assuring the integrity of the application providing the log is based on the chain of trust established by implementing an LSM-based attestation component in the host system. On every boot this attestation component is checked for integrity, and this can be verified by the customer through remote attestation. The attestation component can be called any time the integrity of the measurement probe has to be checked. Two separate components are needed because the measurement probe can change but the attestation component does not need to. The attestation procedure is shown in Figure 2.

C. The sequence of operations

As a precondition, the cloud customer has a virtual machine hosted by the cloud provider. The cloud provider has delivered the probe software and the necessary attestation information about the software to the client. The probe software runs on each machine in the cloud provider infrastructure. Customers are subscribed to the measurement. This is the certified starting point.

- The customer uses a measurement API to generate a request for integrity measurement.
- The API call generates a nonce parameter for the remote attestation.
- The request is sent to the measurement delivery system. The nonce is a freshness parameter included in the generation.
- The probe at the virtual machine receives the message and delivers it to its host machine through the virtual network provided by the XEN hypervisor.
- Another probe component at the host system receives the request.
- It calculates a new integrity metric of the measurement probe and extends the PCR register with the value. The key is to use a PCR register that cannot be reset.
- The remote attestation value of the PCR registers is created.
- The values are relayed back to the origin through the virtual machine probe and the measurement delivery system.
- The integrity metric is compared with the certified one.
- Other customers are notified that the measurement was done. They can reflect this in their comparison hash.

Figure 2. Attestation within cloud infrastructure component

V. APPROACH EVALUATION

The approach described in the previous chapter provides trust that the system has remained in the agreed state. This relies on the fact that a PCR register in the TPM cannot be reset and that its value can only be changed by extending it, which generates a new value from the old value and the new data. If at any time the register is extended with other data, the chain is broken and any customer will notice this.

When applying this methodology to serve as a usable platform for cloud management, many other features need to be implemented and security concerns covered. As mentioned, to achieve privacy between tenants in the cloud, key management solutions need to be employed. The inclusion of more hosts and data centers requires the customer to manage databases of integrity metrics for comparison.

Another thing to consider is the fact that the measured binary of the measurement application might not be the one actually running on the system. This is a concern and needs to be taken care of by either measuring the operating system processes more extensively or using an authentication mechanism in the measurement application.

An additional advantage of the approach is the capability to detect migration within the cloud infrastructure. This is established by the PCR attestation and by the connection to the host being established by its own guest virtual machine. This, however, relies on the assumption that the host of the virtual machine is available and genuine in the virtual network and that traffic is not routed somewhere else.

The actual usability of the information relies on creating metrics based on the available measurements. The way of using the information can vary, and automatic monitoring might not be the goal for every customer. Some might need the measurements for later investigation in cases of data breaches. In such cases the data has to be stored and structured. It might also need to go through some filtration process to save only the relevant information.

All the management tasks and the provision of knowledge to the customer have to be implemented in a way that allows the same functionality of cloud services. Limiting the accepted cloud infrastructure components can limit the capability of the provider and therefore the cloud philosophy. Because of this, the extension of the new trusted technology capabilities to new cloud resources has to be fluent.

VI. CONCLUSION

Establishing the chain of trust inside the cloud provider infrastructure to reach a monitoring probe was the main goal of this paper. This has been investigated, and its capabilities and flaws listed, by going through technologies and research relevant to this topic. The validity of the approach relies on the validity of the TPM implementation and its usage to validate the integrity of Linux kernel components. The approach will be further investigated with broad implementation and testing.
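The sequence of operations in Section IV.C and the extend-only PCR property that Section V relies on can be modelled in a few lines; this is an added example, not the authors' implementation. It assumes the SHA-1 extend of TPM 1.2, uses an HMAC as a stand-in for the TPM quote signature, and all class names, function names and byte strings are constructed for illustration.

```python
import hashlib
import hmac
import os

PCR_LEN = 20  # a TPM 1.2 PCR holds one SHA-1 digest


def measure(data: bytes) -> bytes:
    """Integrity metric of a component: SHA-1 over its bytes."""
    return hashlib.sha1(data).digest()


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM 1.2 extend: new PCR = SHA-1(old PCR || measurement)."""
    return hashlib.sha1(pcr + measurement).digest()


def sign_quote(key: bytes, pcr: bytes, nonce: bytes) -> bytes:
    # Stand-in (assumption): a real TPM signs the quote with an asymmetric
    # attestation key. HMAC keeps this model free of third-party libraries.
    return hmac.new(key, pcr + nonce, hashlib.sha256).digest()


class HostAttester:
    """Hypothetical model of the host-side attestation component."""

    def __init__(self, boot_chain, key: bytes):
        self.pcr1 = bytes(PCR_LEN)  # PCRs start zeroed at boot
        for component in boot_chain:
            self.pcr1 = extend(self.pcr1, measure(component))
        self._key = key

    def attest(self, probe_binary: bytes, nonce: bytes):
        # Every request extends PCR1 with the probe measurement.
        self.pcr1 = extend(self.pcr1, measure(probe_binary))
        return self.pcr1, sign_quote(self._key, self.pcr1, nonce)


class Customer:
    """Hypothetical verifier holding the certified starting values."""

    def __init__(self, certified_pcr1: bytes, probe_digest: bytes, key: bytes):
        self.expected = certified_pcr1
        self.probe_digest = probe_digest
        self._key = key
        self._nonce = None

    def new_request(self) -> bytes:
        self._nonce = os.urandom(20)  # freshness parameter
        return self._nonce

    def on_notified(self) -> None:
        # Another customer triggered a measurement: advance the comparison hash.
        self.expected = extend(self.expected, self.probe_digest)

    def verify(self, pcr1: bytes, signature: bytes) -> str:
        nonce, self._nonce = self._nonce, None  # a nonce is valid once
        if nonce is None:
            return "no-request"
        if not hmac.compare_digest(sign_quote(self._key, pcr1, nonce), signature):
            return "bad-quote"
        want = extend(self.expected, self.probe_digest)
        if not hmac.compare_digest(want, pcr1):
            return "pcr-mismatch"
        self.expected = want
        return "ok"


def run_scenario() -> dict:
    key = b"constructed-demo-key"
    probe = b"probe v1 (constructed bytes)"
    host = HostAttester([b"bios (constructed)", b"attestation component"], key)
    a = Customer(host.pcr1, measure(probe), key)
    b = Customer(host.pcr1, measure(probe), key)
    results = {}

    quote = host.attest(probe, a.new_request())
    results["a_first"] = a.verify(*quote)
    b.on_notified()

    b.new_request()  # a quote bound to A's nonce does not satisfy B
    results["b_replay"] = b.verify(*quote)

    results["b_fresh"] = b.verify(*host.attest(probe, b.new_request()))
    a.on_notified()

    changed = probe + b" modified"  # probe binary no longer the certified one
    results["a_changed_probe"] = a.verify(*host.attest(changed, a.new_request()))

    # Putting the certified probe back does not repair the chain.
    results["a_after_restore"] = a.verify(*host.attest(probe, a.new_request()))
    return results


if __name__ == "__main__":
    for step, outcome in run_scenario().items():
        print(f"{step}: {outcome}")
```

The last two results show why the register must not be resettable: once PCR1 has been extended with an unexpected measurement, no later extend returns it to a value any customer expects.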
ACKNOWLEDGMENT

The research was carried out as part of Security Embedded Element and Data privacy for the Cloud (SEED4C) Celtic-Plus Eureka project. Multiple project partners have influenced the work.

REFERENCES

Kresimir Popovic and Zeljko Hocenski, "Cloud computing security issues and challenges," in MIPRO, 2010 proceedings of the 33rd international convention, 2010, pp

Sara Bouchenak et al., "Verifying Cloud Services: Present and Future," Operating Systems Review, vol. 48,

Akhil Behl, "Emerging security challenges in cloud computing: An insight to cloud security challenges and their mitigation," in Information and Communication Technologies (WICT), 2011 World Congress on, 2011, pp

Balachandra Reddy Kandukuri, V Ramakrishna Paturi, and Atanu Rakshit, "Cloud security issues," in Services Computing, SCC'09. IEEE International Conference on, 2009, pp

Top Threats Working Group, "The notorious nine: cloud computing top threats in 2013," Cloud Security Alliance, Tech. rep

Mihai Christodorescu, Reiner Sailer, Douglas Lee Schales, Daniele Sgandurra, and Diego Zamboni, "Cloud security is not (just) virtualization security: a short paper," in Proceedings of the 2009 ACM workshop on Cloud computing security, 2009, pp

Louis Turnbull and Jordan Shropshire, "Breakpoints: An analysis of potential hypervisor attack vectors," in Southeastcon, 2013 Proceedings of IEEE, 2013, pp

Seungwon Shin and Guofei Gu, "CloudWatcher: Network security monitoring using OpenFlow in dynamic cloud networks (or: How to provide security monitoring as a service in clouds?)," in Network Protocols (ICNP), th IEEE International Conference on, 2012, pp

Amani S Ibrahim, James Hamlyn-Harris, John Grundy, and Mohamed Almorsy, "Cloudsec: a security monitoring appliance for virtual machines in the iaas cloud model," in Network and System Security (NSS), th International Conference on, 2011, pp

Yuri Demchenko et al., "Security infrastructure for on-demand provisioned cloud infrastructure services," in Cloud Computing Technology and Science (CloudCom), 2011 IEEE Third International Conference on, 2011, pp

Shicong Meng et al., "Reliable state monitoring in cloud datacenters," in Cloud Computing (CLOUD), 2012 IEEE 5th International Conference on, 2012, pp

European Union Agency for Network and Information Security, "Schemes for Auditing Security Measures," European Union Agency for Network and Information Security, Tech. rep

Reijo M Savola and Jukka Ahola, "Towards remote security monitoring in cloud services utilizing security metrics," in Application of Information and Communication Technologies (AICT), th International Conference on, 2012, pp

The Distributed Management Task Force, Inc, Cloud Auditing Data Federation, Data Format and Interface Definitions Specification,

Hiroyuki Sato, Atsushi Kanai, and Shigeaki Tanimoto, "A cloud trust model in a security aware cloud," in Applications and the Internet (SAINT), th IEEE/IPSJ International Symposium on, 2010, pp

Derek Gordon Murray, Grzegorz Milos, and Steven Hand, "Improving Xen security through disaggregation," in Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, 2008, pp

Ronald Perez, Reiner Sailer, and Leendert van Doorn, "vtpm: virtualizing the trusted platform module," in Proceedings of the 15th conference on USENIX Security Symposium, 2006, pp

Allan Tomlinson, "Introduction to the TPM," in Smart Cards, Tokens, Security and Applications. Springer, 2008, pp

Trusted Computing Group, "TPM Main Specification Version 1.2, Revision 94," Trusted Computing Group, Tech. rep.

Liang Gu, Xuhua Ding, Robert Huijie Deng, Bing Xie, and Hong Mei, "Remote attestation on program execution," in Proceedings of the 3rd ACM workshop on Scalable trusted computing, 2008, pp

Sachiko Yoshihama, Tim Ebringer, Megumi Nakamura, Seiji Munetoh, and Hiroshi Maruyama, "WS-Attestation: Efficient and fine-grained remote attestation on web services," in Web Services, ICWS Proceedings IEEE International Conference on,

James Greene, "Intel Trusted Execution Technology," Intel Corporation, White paper

ER Sparks and others, "TPM reset attack," Web page, URL: cs.dartmouth.edu/~pkilab/sparks.

Sammy Haddad et al., "Operational security assurance evaluation in open infrastructures," in Risk and Security of Internet and Systems (CRiSIS), th International Conference on, 2011, pp. 1-6.