TU Darmstadt / ULB / TUbiblio

A Framework for Evaluating Trust of Service Providers in Cloud Marketplaces

Habib, Sheikh Mahbub and Varadharajan, Vijay and Mühlhäuser, Max (2013):
A Framework for Evaluating Trust of Service Providers in Cloud Marketplaces.
In: SAC '13, In: Proceedings of 28th ACM SAC 2013, New York, NY, USA, ACM, pp. 1963-1965, DOI: 10.1145/2480362.2480727,
[Online-Edition: http://doi.acm.org/10.1145/2480362.2480727],
[Book Section]

Abstract

The Cloud Security Alliance (CSA) provides a framework for cloud platform providers that manages standardized self-assessments regarding security controls. The framework as it stands does not allow consumers to specify and check their own requirements, nor does it contain any means for verifying the capabilities claimed by the providers. From a customer perspective, both these aspects are essential for evaluating the trustworthiness of cloud providers and for making an informed decision. We propose a novel concept for verifying the capabilities captured in the CSA's framework, plus a decision model that checks consumer requirements against the verification results. Our capability verification combines hard trust based on rigid validation with soft trust based on evidence about past behaviour. Elaborate formal methods are applied in both fields and combined into a single concept.

Item Type: Book Section
Erschienen: 2013
Creators: Habib, Sheikh Mahbub and Varadharajan, Vijay and Mühlhäuser, Max
Title: A Framework for Evaluating Trust of Service Providers in Cloud Marketplaces
Language: English
Abstract:

The Cloud Security Alliance (CSA) provides a framework for cloud platform providers that manages standardized self-assessments regarding security controls. The framework as it stands does not allow consumers to specify and check their own requirements, nor does it contain any means for verifying the capabilities claimed by the providers. From a customer perspective, both these aspects are essential for evaluating the trustworthiness of cloud providers and for making an informed decision. We propose a novel concept for verifying the capabilities captured in the CSA's framework, plus a decision model that checks consumer requirements against the verification results. Our capability verification combines hard trust based on rigid validation with soft trust based on evidence about past behaviour. Elaborate formal methods are applied in both fields and combined into a single concept.

Title of Book: Proceedings of 28th ACM SAC 2013
Series Name: SAC '13
Volume: 2
Place of Publication: New York, NY, USA
Publisher: ACM
ISBN: 978-1-4503-1656-9
Uncontrolled Keywords: SST - Area Smart Security and Trust;- SST: CASED:;Secure Services;Security
Divisions: 20 Department of Computer Science
20 Department of Computer Science > System Security Lab
20 Department of Computer Science > Telecooperation
Profile Areas
Profile Areas > Cybersecurity (CYSEC)
LOEWE
LOEWE > LOEWE-Zentren
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Event Title: Proceedings of the 28th Annual ACM Symposium on Applied Computing
Event Location: Coimbra, Portugal
Date Deposited: 13 Jun 2018 12:10
DOI: 10.1145/2480362.2480727
Official URL: http://doi.acm.org/10.1145/2480362.2480727
Identification Number: TUD-CS-2013-0054
Related URLs:
Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)

View Item View Item