基于语义证据的持续云服务认证方法

IF 0.4 Q4 COMPUTER SCIENCE, INFORMATION SYSTEMS
Christian Banse, Immanuel Kunz, Nico Haas, Angelika Schneider
{"title":"基于语义证据的持续云服务认证方法","authors":"Christian Banse, Immanuel Kunz, Nico Haas, Angelika Schneider","doi":"10.1145/3555776.3577600","DOIUrl":null,"url":null,"abstract":"Continuous certification of cloud services requires a high degree of automation in collecting and evaluating evidences. Prior approaches to this topic are often specific to a cloud provider or a certain certification catalog. This makes it costly and complex to achieve conformance to multiple certification schemes and covering multi-cloud solutions. In this paper, we present a novel approach to continuous certification which is scheme- and vendor-independent. Leveraging an ontology of cloud resources and their security features, we generalize vendor- and scheme-specific terminology into a new model of so-called semantic evidence. In combination with generalized metrics that we elicited out of requirements from the EUCS and the CCMv4, we present a framework for the collection and assessment of such semantic evidence across multiple cloud providers. This allows to conduct continuous cloud certification while achieving re-usability of metrics and evidences in multiple certification schemes. The performance benchmark of the framework's prototype implementation shows that up to 200,000 evidences can be processed in less than a minute, making it suitable for short time intervals used in continuous certification.","PeriodicalId":42971,"journal":{"name":"Applied Computing Review","volume":null,"pages":null},"PeriodicalIF":0.4000,"publicationDate":"2023-03-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A Semantic Evidence-based Approach to Continuous Cloud Service Certification\",\"authors\":\"Christian Banse, Immanuel Kunz, Nico Haas, Angelika Schneider\",\"doi\":\"10.1145/3555776.3577600\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Continuous certification of cloud services requires a high degree of automation in collecting and evaluating evidences. Prior approaches to this topic are often specific to a cloud provider or a certain certification catalog. This makes it costly and complex to achieve conformance to multiple certification schemes and covering multi-cloud solutions. In this paper, we present a novel approach to continuous certification which is scheme- and vendor-independent. Leveraging an ontology of cloud resources and their security features, we generalize vendor- and scheme-specific terminology into a new model of so-called semantic evidence. In combination with generalized metrics that we elicited out of requirements from the EUCS and the CCMv4, we present a framework for the collection and assessment of such semantic evidence across multiple cloud providers. This allows to conduct continuous cloud certification while achieving re-usability of metrics and evidences in multiple certification schemes. The performance benchmark of the framework's prototype implementation shows that up to 200,000 evidences can be processed in less than a minute, making it suitable for short time intervals used in continuous certification.\",\"PeriodicalId\":42971,\"journal\":{\"name\":\"Applied Computing Review\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.4000,\"publicationDate\":\"2023-03-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Applied Computing Review\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3555776.3577600\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Applied Computing Review","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3555776.3577600","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

云服务的持续认证要求证据的收集和评估高度自动化。此主题的先前方法通常特定于云提供商或某个认证目录。这使得实现与多个认证方案的一致性并覆盖多云解决方案的成本高昂且复杂。本文提出了一种独立于方案和供应商的连续认证方法。利用云资源本体及其安全特性,我们将特定于供应商和方案的术语概括为所谓的语义证据的新模型。结合我们从EUCS和CCMv4的需求中得出的广义指标,我们提出了一个框架,用于跨多个云提供商收集和评估此类语义证据。这允许进行持续的云认证,同时在多个认证方案中实现指标和证据的可重用性。该框架原型实现的性能基准表明,在不到一分钟的时间内可以处理多达20万个证据,适用于短时间间隔的连续认证。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
A Semantic Evidence-based Approach to Continuous Cloud Service Certification
Continuous certification of cloud services requires a high degree of automation in collecting and evaluating evidences. Prior approaches to this topic are often specific to a cloud provider or a certain certification catalog. This makes it costly and complex to achieve conformance to multiple certification schemes and covering multi-cloud solutions. In this paper, we present a novel approach to continuous certification which is scheme- and vendor-independent. Leveraging an ontology of cloud resources and their security features, we generalize vendor- and scheme-specific terminology into a new model of so-called semantic evidence. In combination with generalized metrics that we elicited out of requirements from the EUCS and the CCMv4, we present a framework for the collection and assessment of such semantic evidence across multiple cloud providers. This allows to conduct continuous cloud certification while achieving re-usability of metrics and evidences in multiple certification schemes. The performance benchmark of the framework's prototype implementation shows that up to 200,000 evidences can be processed in less than a minute, making it suitable for short time intervals used in continuous certification.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Applied Computing Review
Applied Computing Review COMPUTER SCIENCE, INFORMATION SYSTEMS-
自引率
40.00%
发文量
8
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信