File(s) under permanent embargo
VAM-aaS: online cloud services security vulnerability analysis and mitigation-as-a-service
conference contribution
posted on 2012-11-26, 00:00 authored by M Almorsy, John Grundy, Amani IbrahimCloud computing introduces a new paradigm shift in service delivery models. However, the potential benefits reaped from the adoption of this model are threatened by public accessibility of the cloud-hosted services and sharing of resources with other service tenants. This increases the potential for exploitation of newly discovered vulnerabilities that usually take a long time to discover and to mitigate. On the other hand, existing cloud platforms do not provide a means to validate the security of offered cloud services or mitigating security vulnerabilities that arise at runtime. We introduce VAM-aaS, Vulnerability Analysis and Mitigation as-a-service, as a novel, integrated, and online cloud-based security vulnerability analysis and mitigation service. VAM-aaS performs online service analysis to pinpoint new vulnerabilities and weaknesses. It then uses this information to generate security control integration and configuration scripts to block these discovered security holes at runtime. Our approach is based on a new vulnerability signature and mitigation-actions specification approach. We introduce our approach, describe implementation details, and describe an evaluation of our prototype on a set of .NET benchmark applications.
History
Event
Web Information Systems Engineering. International Conference (13th : 2012 : Paphos, Cyrus)Volume
7651Series
Lecture Notes in Computer SciencePagination
411 - 425Publisher
SpringerLocation
Paphos, CyprusPlace of publication
Berlin, GermanyPublisher DOI
Start date
2012-11-28End date
2012-11-30ISSN
0302-9743eISSN
1611-3349ISBN-13
9783642350627Language
engPublication classification
E Conference publication; E1.1 Full written paper - refereedCopyright notice
2012, SpringerTitle of proceedings
WISE 2012 : Proceedings of the 13th International Conference on Web Information Systems EngineeringUsage metrics
Categories
No categories selectedLicence
Exports
RefWorks
BibTeX
Ref. manager
Endnote
DataCite
NLM
DC