Taha, Ahmed (2018)
Quantitative Trust Assessment in the Cloud.
Technische Universität Darmstadt
Dissertation, Erstveröffentlichung
Kurzbeschreibung (Abstract)
Cloud computing offers a model where resources (storage, applications, etc.) are abstracted and provided "as-a-service" in a remotely accessible manner. In such a service-based environment, the Cloud provisioning relies on stipulated Service Level Agreements (SLAs). Such an agreement is a contract between the Cloud Service Provider (CSP) and the Cloud Service Customer (CSC) regarding the offered services. These SLAs specify the Cloud services requested by the customers and are required to be achieved by the CSPs. A variety of parameters for different aspects of a service can be included in the SLA, such as but not limited to: availability, performance, downtime and location of the data.
Although there are numerous claimed benefits of the Cloud to ensure confidentiality, integrity, and availability of the stored data, the number of security breaches is still on the rise. The lack of security assurance and transparency prevented customers/enterprises from trusting the CSPs, and hence not using their services. Unless the customer's security requirements are identified and documented by the CSPs, customers can not be assured that the CSPs will satisfy their requirements. Although the recent efforts on specification of security services using SLAs, also known as security SLAs or secSLAs, is a positive development, multiple technical and usability issues limit the adoption of Cloud secSLAs in practice.
For example, multiple CSPs offer similar security services (e.g., "encryption key management") albeit with different capabilities and prices. The customers need to comparatively assess the offered security services in order to select the best CSP matching their security requirements. However, the presence of both explicit and implicit dependencies across security related services add further challenges for Cloud customers to: (i) specify their security requirements taking service dependencies into consideration, (ii) determine which CSP can satisfy these requirements in a qualitative way, and (iii) identify threats that can compromise their data ownership requirements of security, functionality and performance.
Although secSLA provides specifications for the security level to be provided, assurance mechanisms are required to validate the compliance of the enforced security mechanisms to the secSLA. The lack of security transparency on the security controls implemented in the Cloud and the diversity of the security specifications covered in the secSLA make validating the service to the secSLA a challenging task. Furthermore, the customer's compensation upon a violation is a manual time intensive process.
Finally, despite the benefits of enclosing security-related information in the secSLAs, CSPs are hesitant to release detailed information regarding their security posture for security and proprietary reasons. This lack of security transparency makes assessing and validating the offered security level and finding the best CSP matching the customer's security requirements a challenging task.
In this dissertation we address the aforementioned challenges. For challenges (i) and (ii), two evaluation techniques for conducting the quantitative assessment and analysis of the secSLA-based security level provided by CSPs with respect to a set of Cloud customer security requirements are presented. The proposed techniques help to improve the security requirements' specifications by introducing a flexible and simple methodology that allows customers to identify and represent their specific, imprecise and inconsistent security needs. The techniques automatically detect conflicts resulting from inconsistent customer requirements and provide an explanation for the detected conflicts which in-turn allows customers to resolve these conflicts. To tackle challenge (iii) and uncover threats that can compromise the customer's data ownership requirements, a threat analysis process is presented which establishes the viability of identifying threats based on the CSPs' offered services and customers' requirements.
To validate the compliance of CSPs to the contracted services in the secSLA(s), a decentralized customer-based monitoring approach is proposed. The monitoring approach detects secSLA's violations and autonomously compensates customers according to the violation severity. The approach relies on the Ethereum blockchain to securely store monitoring logs and incorporate secSLAs as smart contracts. The compliance validation framework is implemented and its functionality is evaluated on Amazon EC2.
Finally, a system that enables (a) CSPs to disclose detailed information about their offered security services in an encrypted form to ensure data confidentiality, and (b) customers to assess the CSPs' offered security services and find those satisfying their security requirements is presented. The system preserves each party's privacy by leveraging an evaluation method based on secure two-party computation and searchable encryption techniques. The system is implemented and evaluated by applying it to existing standardized secSLAs. We show that the system's performance is practical for the presented use-case. The system is formally proved against a strong realistic adversarial model, using an automated cryptographic protocol verifier.
Typ des Eintrags: | Dissertation | ||||
---|---|---|---|---|---|
Erschienen: | 2018 | ||||
Autor(en): | Taha, Ahmed | ||||
Art des Eintrags: | Erstveröffentlichung | ||||
Titel: | Quantitative Trust Assessment in the Cloud | ||||
Sprache: | Englisch | ||||
Referenten: | Suri, Prof. Dr. Neeraj ; Posegga, Prof. Dr. Joachim | ||||
Publikationsjahr: | 25 April 2018 | ||||
Ort: | Darmstadt | ||||
Verlag: | Ahmed Taha | ||||
Datum der mündlichen Prüfung: | 25 April 2018 | ||||
URL / URN: | http://tuprints.ulb.tu-darmstadt.de/7448 | ||||
Kurzbeschreibung (Abstract): | Cloud computing offers a model where resources (storage, applications, etc.) are abstracted and provided "as-a-service" in a remotely accessible manner. In such a service-based environment, the Cloud provisioning relies on stipulated Service Level Agreements (SLAs). Such an agreement is a contract between the Cloud Service Provider (CSP) and the Cloud Service Customer (CSC) regarding the offered services. These SLAs specify the Cloud services requested by the customers and are required to be achieved by the CSPs. A variety of parameters for different aspects of a service can be included in the SLA, such as but not limited to: availability, performance, downtime and location of the data. Although there are numerous claimed benefits of the Cloud to ensure confidentiality, integrity, and availability of the stored data, the number of security breaches is still on the rise. The lack of security assurance and transparency prevented customers/enterprises from trusting the CSPs, and hence not using their services. Unless the customer's security requirements are identified and documented by the CSPs, customers can not be assured that the CSPs will satisfy their requirements. Although the recent efforts on specification of security services using SLAs, also known as security SLAs or secSLAs, is a positive development, multiple technical and usability issues limit the adoption of Cloud secSLAs in practice. For example, multiple CSPs offer similar security services (e.g., "encryption key management") albeit with different capabilities and prices. The customers need to comparatively assess the offered security services in order to select the best CSP matching their security requirements. However, the presence of both explicit and implicit dependencies across security related services add further challenges for Cloud customers to: (i) specify their security requirements taking service dependencies into consideration, (ii) determine which CSP can satisfy these requirements in a qualitative way, and (iii) identify threats that can compromise their data ownership requirements of security, functionality and performance. Although secSLA provides specifications for the security level to be provided, assurance mechanisms are required to validate the compliance of the enforced security mechanisms to the secSLA. The lack of security transparency on the security controls implemented in the Cloud and the diversity of the security specifications covered in the secSLA make validating the service to the secSLA a challenging task. Furthermore, the customer's compensation upon a violation is a manual time intensive process. Finally, despite the benefits of enclosing security-related information in the secSLAs, CSPs are hesitant to release detailed information regarding their security posture for security and proprietary reasons. This lack of security transparency makes assessing and validating the offered security level and finding the best CSP matching the customer's security requirements a challenging task. In this dissertation we address the aforementioned challenges. For challenges (i) and (ii), two evaluation techniques for conducting the quantitative assessment and analysis of the secSLA-based security level provided by CSPs with respect to a set of Cloud customer security requirements are presented. The proposed techniques help to improve the security requirements' specifications by introducing a flexible and simple methodology that allows customers to identify and represent their specific, imprecise and inconsistent security needs. The techniques automatically detect conflicts resulting from inconsistent customer requirements and provide an explanation for the detected conflicts which in-turn allows customers to resolve these conflicts. To tackle challenge (iii) and uncover threats that can compromise the customer's data ownership requirements, a threat analysis process is presented which establishes the viability of identifying threats based on the CSPs' offered services and customers' requirements. To validate the compliance of CSPs to the contracted services in the secSLA(s), a decentralized customer-based monitoring approach is proposed. The monitoring approach detects secSLA's violations and autonomously compensates customers according to the violation severity. The approach relies on the Ethereum blockchain to securely store monitoring logs and incorporate secSLAs as smart contracts. The compliance validation framework is implemented and its functionality is evaluated on Amazon EC2. Finally, a system that enables (a) CSPs to disclose detailed information about their offered security services in an encrypted form to ensure data confidentiality, and (b) customers to assess the CSPs' offered security services and find those satisfying their security requirements is presented. The system preserves each party's privacy by leveraging an evaluation method based on secure two-party computation and searchable encryption techniques. The system is implemented and evaluated by applying it to existing standardized secSLAs. We show that the system's performance is practical for the presented use-case. The system is formally proved against a strong realistic adversarial model, using an automated cryptographic protocol verifier. |
||||
Alternatives oder übersetztes Abstract: |
|
||||
URN: | urn:nbn:de:tuda-tuprints-74488 | ||||
Sachgruppe der Dewey Dezimalklassifikatin (DDC): | 000 Allgemeines, Informatik, Informationswissenschaft > 004 Informatik | ||||
Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Sicherheit in der Informationstechnik |
||||
Hinterlegungsdatum: | 10 Jun 2018 19:55 | ||||
Letzte Änderung: | 10 Jun 2018 19:55 | ||||
PPN: | |||||
Referenten: | Suri, Prof. Dr. Neeraj ; Posegga, Prof. Dr. Joachim | ||||
Datum der mündlichen Prüfung / Verteidigung / mdl. Prüfung: | 25 April 2018 | ||||
Export: | |||||
Suche nach Titel in: | TUfind oder in Google |
Frage zum Eintrag |
Optionen (nur für Redakteure)
Redaktionelle Details anzeigen |