EMERALD: Evidence Management for Continuous Certification as a Service in the Cloud

Christian Banse; Björn Fanta; Juncal Alonso; Cristina Martinez

doi:10.5220/0013348100003950

EMERALD: Evidence Management for Continuous Certification as a Service in the Cloud

Christian Banse, Björn Fanta, Juncal Alonso, Cristina Martinez

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

The conspicuous lack of cloud-specific security certifications, in addition to the existing market fragmentation, hinder transparency and accountability in the provision and usage of European cloud services. Both issues ultimately reflect on the level of customers’ trustworthiness and adoption of cloud services. The upcoming demand for continuous certification has not yet been definitively addressed and it remains unclear how the level’high’ of the European Cybersecurity Certification Scheme for Cloud Services (EUCS) shall be technologically achieved. The introduction of AI in cloud services is raising the complexity of certification even further. This paper presents the EMERALD Certification-as-a-Service (CaaS) concept for continuous certification of harmonized cybersecurity schemes, like the EUCS. EMERALD CaaS aims to provide agile and lean re-certification to consumers that adhere to a defined level of security and trust in a uniform way across heterogeneous environments consisting of combinations of different resources (Cloud, Edge, IoT). Initial findings suggest that EMERALD will significantly contribute to continuous certification, boosting providers and users of cloud services to maintain regulatory compliance towards the latest and upcoming security schemes.

Original language	English
Title of host publication	Proceedings of the 15th International Conference on Cloud Computing and Services Science, CLOSER 2025
Editors	Valeria Cardellini, Maarten van Steen
Publisher	Science and Technology Publications, Lda
Pages	190-197
Number of pages	8
ISBN (Electronic)	9789897587474
DOIs	https://doi.org/10.5220/0013348100003950
Publication status	Published - 2025
Event	15th International Conference on Cloud Computing and Services Science, CLOSER 2025 - Porto, Portugal Duration: 1 Apr 2025 → 3 Apr 2025

Publication series

Name	International Conference on Cloud Computing and Services Science, CLOSER - Proceedings
ISSN (Electronic)	2184-5042

Conference

Conference	15th International Conference on Cloud Computing and Services Science, CLOSER 2025
Country/Territory	Portugal
City	Porto
Period	1/04/25 → 3/04/25

Keywords

Artificial Intelligence
Cloud Computing
Compliance
Cyber Security Certification
Evidence Management

Access to Document

10.5220/0013348100003950

Cite this

Banse, C., Fanta, B., Alonso, J., & Martinez, C. (2025). EMERALD: Evidence Management for Continuous Certification as a Service in the Cloud. In V. Cardellini, & M. van Steen (Eds.), Proceedings of the 15th International Conference on Cloud Computing and Services Science, CLOSER 2025 (pp. 190-197). (International Conference on Cloud Computing and Services Science, CLOSER - Proceedings). Science and Technology Publications, Lda. https://doi.org/10.5220/0013348100003950

Banse, Christian ; Fanta, Björn ; Alonso, Juncal et al. / EMERALD : Evidence Management for Continuous Certification as a Service in the Cloud. Proceedings of the 15th International Conference on Cloud Computing and Services Science, CLOSER 2025. editor / Valeria Cardellini ; Maarten van Steen. Science and Technology Publications, Lda, 2025. pp. 190-197 (International Conference on Cloud Computing and Services Science, CLOSER - Proceedings).

@inproceedings{738b1b832c7946b1aaf9ad13867c36da,

title = "EMERALD: Evidence Management for Continuous Certification as a Service in the Cloud",

abstract = "The conspicuous lack of cloud-specific security certifications, in addition to the existing market fragmentation, hinder transparency and accountability in the provision and usage of European cloud services. Both issues ultimately reflect on the level of customers{\textquoteright} trustworthiness and adoption of cloud services. The upcoming demand for continuous certification has not yet been definitively addressed and it remains unclear how the level{\textquoteright}high{\textquoteright} of the European Cybersecurity Certification Scheme for Cloud Services (EUCS) shall be technologically achieved. The introduction of AI in cloud services is raising the complexity of certification even further. This paper presents the EMERALD Certification-as-a-Service (CaaS) concept for continuous certification of harmonized cybersecurity schemes, like the EUCS. EMERALD CaaS aims to provide agile and lean re-certification to consumers that adhere to a defined level of security and trust in a uniform way across heterogeneous environments consisting of combinations of different resources (Cloud, Edge, IoT). Initial findings suggest that EMERALD will significantly contribute to continuous certification, boosting providers and users of cloud services to maintain regulatory compliance towards the latest and upcoming security schemes.",

keywords = "Artificial Intelligence, Cloud Computing, Compliance, Cyber Security Certification, Evidence Management",

author = "Christian Banse and Bj{\"o}rn Fanta and Juncal Alonso and Cristina Martinez",

note = "Publisher Copyright: Copyright {\textcopyright} 2025 by SCITEPRESS - Science and Technology Publications, Lda.; 15th International Conference on Cloud Computing and Services Science, CLOSER 2025 ; Conference date: 01-04-2025 Through 03-04-2025",

year = "2025",

doi = "10.5220/0013348100003950",

language = "English",

series = "International Conference on Cloud Computing and Services Science, CLOSER - Proceedings",

publisher = "Science and Technology Publications, Lda",

pages = "190--197",

editor = "Valeria Cardellini and \{van Steen\}, Maarten",

booktitle = "Proceedings of the 15th International Conference on Cloud Computing and Services Science, CLOSER 2025",

}

Banse, C, Fanta, B, Alonso, J & Martinez, C 2025, EMERALD: Evidence Management for Continuous Certification as a Service in the Cloud. in V Cardellini & M van Steen (eds), Proceedings of the 15th International Conference on Cloud Computing and Services Science, CLOSER 2025. International Conference on Cloud Computing and Services Science, CLOSER - Proceedings, Science and Technology Publications, Lda, pp. 190-197, 15th International Conference on Cloud Computing and Services Science, CLOSER 2025, Porto, Portugal, 1/04/25. https://doi.org/10.5220/0013348100003950

EMERALD: Evidence Management for Continuous Certification as a Service in the Cloud. / Banse, Christian; Fanta, Björn; Alonso, Juncal et al.
Proceedings of the 15th International Conference on Cloud Computing and Services Science, CLOSER 2025. ed. / Valeria Cardellini; Maarten van Steen. Science and Technology Publications, Lda, 2025. p. 190-197 (International Conference on Cloud Computing and Services Science, CLOSER - Proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - EMERALD

T2 - 15th International Conference on Cloud Computing and Services Science, CLOSER 2025

AU - Banse, Christian

AU - Fanta, Björn

AU - Alonso, Juncal

AU - Martinez, Cristina

PY - 2025

Y1 - 2025

N2 - The conspicuous lack of cloud-specific security certifications, in addition to the existing market fragmentation, hinder transparency and accountability in the provision and usage of European cloud services. Both issues ultimately reflect on the level of customers’ trustworthiness and adoption of cloud services. The upcoming demand for continuous certification has not yet been definitively addressed and it remains unclear how the level’high’ of the European Cybersecurity Certification Scheme for Cloud Services (EUCS) shall be technologically achieved. The introduction of AI in cloud services is raising the complexity of certification even further. This paper presents the EMERALD Certification-as-a-Service (CaaS) concept for continuous certification of harmonized cybersecurity schemes, like the EUCS. EMERALD CaaS aims to provide agile and lean re-certification to consumers that adhere to a defined level of security and trust in a uniform way across heterogeneous environments consisting of combinations of different resources (Cloud, Edge, IoT). Initial findings suggest that EMERALD will significantly contribute to continuous certification, boosting providers and users of cloud services to maintain regulatory compliance towards the latest and upcoming security schemes.

AB - The conspicuous lack of cloud-specific security certifications, in addition to the existing market fragmentation, hinder transparency and accountability in the provision and usage of European cloud services. Both issues ultimately reflect on the level of customers’ trustworthiness and adoption of cloud services. The upcoming demand for continuous certification has not yet been definitively addressed and it remains unclear how the level’high’ of the European Cybersecurity Certification Scheme for Cloud Services (EUCS) shall be technologically achieved. The introduction of AI in cloud services is raising the complexity of certification even further. This paper presents the EMERALD Certification-as-a-Service (CaaS) concept for continuous certification of harmonized cybersecurity schemes, like the EUCS. EMERALD CaaS aims to provide agile and lean re-certification to consumers that adhere to a defined level of security and trust in a uniform way across heterogeneous environments consisting of combinations of different resources (Cloud, Edge, IoT). Initial findings suggest that EMERALD will significantly contribute to continuous certification, boosting providers and users of cloud services to maintain regulatory compliance towards the latest and upcoming security schemes.

KW - Artificial Intelligence

KW - Cloud Computing

KW - Compliance

KW - Cyber Security Certification

KW - Evidence Management

UR - http://www.scopus.com/inward/record.url?scp=105003532703&partnerID=8YFLogxK

U2 - 10.5220/0013348100003950

DO - 10.5220/0013348100003950

M3 - Conference contribution

AN - SCOPUS:105003532703

T3 - International Conference on Cloud Computing and Services Science, CLOSER - Proceedings

SP - 190

EP - 197

BT - Proceedings of the 15th International Conference on Cloud Computing and Services Science, CLOSER 2025

A2 - Cardellini, Valeria

A2 - van Steen, Maarten

PB - Science and Technology Publications, Lda

Y2 - 1 April 2025 through 3 April 2025

ER -

Banse C, Fanta B, Alonso J , Martinez C. EMERALD: Evidence Management for Continuous Certification as a Service in the Cloud. In Cardellini V, van Steen M, editors, Proceedings of the 15th International Conference on Cloud Computing and Services Science, CLOSER 2025. Science and Technology Publications, Lda. 2025. p. 190-197. (International Conference on Cloud Computing and Services Science, CLOSER - Proceedings). doi: 10.5220/0013348100003950

EMERALD: Evidence Management for Continuous Certification as a Service in the Cloud

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this