Habib, Sheikh Mahbub ; Varadharajan, Vijay ; Mühlhäuser, Max (2013):
A Framework for Evaluating Trust of Service Providers in Cloud Marketplaces.
pp. 1963-1965, ACM, Proceedings of the 28th Annual ACM Symposium on Applied Computing (SAC'13), Coimbra, Portugal, March 2013, ISBN 978-1-4503-1656-9,
DOI: 10.1145/2480362.2480727,
[Conference or Workshop Item]
Abstract
The Cloud Security Alliance (CSA) provides a framework for cloud platform providers that manages standardized self-assessments regarding security controls. The framework as it stands does not allow consumers to specify and check their own requirements, nor does it contain any means for verifying the capabilities claimed by the providers. From a customer perspective, both these aspects are essential for evaluating the trustworthiness of cloud providers and for making an informed decision. We propose a novel concept for verifying the capabilities captured in the CSA's framework, plus a decision model that checks consumer requirements against the verification results. Our capability verification combines hard trust based on rigid validation with soft trust based on evidence about past behaviour. Elaborate formal methods are applied in both fields and combined into a single concept.
| Item Type: | Conference or Workshop Item |
|---|---|
| Erschienen: | 2013 |
| Creators: | Habib, Sheikh Mahbub ; Varadharajan, Vijay ; Mühlhäuser, Max |
| Title: | A Framework for Evaluating Trust of Service Providers in Cloud Marketplaces |
| Language: | English |
| Abstract: | The Cloud Security Alliance (CSA) provides a framework for cloud platform providers that manages standardized self-assessments regarding security controls. The framework as it stands does not allow consumers to specify and check their own requirements, nor does it contain any means for verifying the capabilities claimed by the providers. From a customer perspective, both these aspects are essential for evaluating the trustworthiness of cloud providers and for making an informed decision. We propose a novel concept for verifying the capabilities captured in the CSA's framework, plus a decision model that checks consumer requirements against the verification results. Our capability verification combines hard trust based on rigid validation with soft trust based on evidence about past behaviour. Elaborate formal methods are applied in both fields and combined into a single concept. |
| Publisher: | ACM |
| ISBN: | 978-1-4503-1656-9 |
| Uncontrolled Keywords: | SST - Area Smart Security and Trust;- SST: CASED:;Secure Services;Security |
| Divisions: | 20 Department of Computer Science 20 Department of Computer Science > System Security Lab 20 Department of Computer Science > Telecooperation Profile Areas Profile Areas > Cybersecurity (CYSEC) LOEWE LOEWE > LOEWE-Zentren LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt |
| Event Title: | Proceedings of the 28th Annual ACM Symposium on Applied Computing (SAC'13) |
| Event Location: | Coimbra, Portugal |
| Event Dates: | March 2013 |
| Date Deposited: | 13 Jun 2018 12:10 |
| DOI: | 10.1145/2480362.2480727 |
| URL / URN: | http://doi.acm.org/10.1145/2480362.2480727 |
| Identification Number: | TUD-CS-2013-0054 |
| Corresponding Links: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Send an inquiry |
Options (only for editors)
 |
Show editorial Details |
Drucken
Impressum