TUM Logo

Generating threat profiles for cloud service certification systems

Cloud service certification aims at automatically validating whether a cloud service satisfies a predefined set of requirements. To that end, certification systems collect and evaluate sensitive data from various sources of a cloud service. At the same time, the certification system itself has to be resilient to attacks to generate trustworthy statements about the cloud service. Thus system architects are faced with the task of assessing the trustworthiness of different certification system designs. To cope with that challenge, we propose a method to model different architecture variants of cloud service certification systems and analyze threats these systems face. By applying our method to a specific cloud service certification system, we show how threats to such systems can be derived in a standardized way that allows us to evaluate different architecture configurations.

Generating threat profiles for cloud service certification systems

IEEE 17th International Symposium on High Assurance Systems Engineering

Authors: Philipp Stephanow, Christian Banse, and Julian Schütte
Year/month: 2016/1
Booktitle: IEEE 17th International Symposium on High Assurance Systems Engineering
Pages: 260-267
Address: Orlando, Florida, USA
Fulltext:

Abstract

Cloud service certification aims at automatically validating whether a cloud service satisfies a predefined set of requirements. To that end, certification systems collect and evaluate sensitive data from various sources of a cloud service. At the same time, the certification system itself has to be resilient to attacks to generate trustworthy statements about the cloud service. Thus system architects are faced with the task of assessing the trustworthiness of different certification system designs. To cope with that challenge, we propose a method to model different architecture variants of cloud service certification systems and analyze threats these systems face. By applying our method to a specific cloud service certification system, we show how threats to such systems can be derived in a standardized way that allows us to evaluate different architecture configurations.

Bibtex:

@inproceedings { stephanow2016generating,
author = { Philipp Stephanow and Christian Banse and Julian Schütte},
title = { Generating threat profiles for cloud service certification systems },
year = { 2016 },
month = { January },
booktitle = { IEEE 17th International Symposium on High Assurance Systems Engineering },
address = { Orlando, Florida, USA },
pages = { 260-267 },

}