Methodology to obtain the security controls in multi-cloud applications

Samuel Olaiya Afolaranmi, Luis E. Gonzalez Moctezuma, Massimiliano Rak, Valentina Casola, Erkuden Rios, Jose L. Martinez Lastra

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

9 Citations (Scopus)
1 Downloads (Pure)

Abstract

What controls should be used to ensure adequate security level during operation is a non-trivial subject in complex software systems and applications. The problem becomes even more challenging when the application uses multiple cloud services which security measures are beyond the control of the application provider. In this paper, a methodology that enables the identification of the best security controls for multicloud applications which components are deployed in heterogeneous cloud providers is presented. The methodology is based on application decomposition and modelling of threats over the components, followed by the analysis of the risks together with the capture of cloud business and security requirements. The methodology has been applied in the MUSA EU H2020 project use cases as the first step for building up the multi-cloud applications’ security-aware Service Level Agreements (SLA). The identified security controls will be included in the applications’ SLAs for their monitoring and fulfilment assurance at operation.
Original languageEnglish
Title of host publicationunknown
EditorsJorge Cardoso, Jorge Cardoso, Donald Ferguson, Victor Mendez Munoz, Markus Helfert
PublisherSCITEPRESS Digital Library
Pages327-332
Number of pages6
ISBN (Electronic)9789897581823
ISBN (Print)978-989-758-182-3
DOIs
Publication statusPublished - 2016
Event6th International Conference on Cloud Computing and Services Science, CLOSER 2016 - Rome, Italy
Duration: 23 Apr 201625 Apr 2016

Publication series

Name1

Conference

Conference6th International Conference on Cloud Computing and Services Science, CLOSER 2016
Country/TerritoryItaly
CityRome
Period23/04/1625/04/16

Keywords

  • Multi-cloud
  • Security-by-design
  • Cyber-security methodologies
  • Threat modelling

Project and Funding Information

  • Project ID
  • info:eu-repo/grantAgreement/EC/H2020/644429/EU/MUlti-cloud Secure Applications/MUSA
  • Funding Info
  • European Commission's H2020

Fingerprint

Dive into the research topics of 'Methodology to obtain the security controls in multi-cloud applications'. Together they form a unique fingerprint.

Cite this