Back to Search Start Over

Towards a Security Stress-Test for Cloud Configurations

Authors :
Minna, Francesco
Massacci, Fabio
Tuma, Katja
Ardagna, Claudio Agostino
Atukorala, Nimanthi
Buyya, Rajkumar
Chang, Carl K.
Chang, Rong N.
Damiani, Ernesto
Dasgupta, Gargi Banerjee
Gagliardi, Fabrizio
Hagleitner, Christoph
Milojicic, Dejan
Trong, Tuan M Hoang
Ward, Robert
Xhafa, Fatos
Zhang, Jia
Ardagna, Claudio Agostino
Atukorala, Nimanthi
Buyya, Rajkumar
Chang, Carl K.
Chang, Rong N.
Damiani, Ernesto
Dasgupta, Gargi Banerjee
Gagliardi, Fabrizio
Hagleitner, Christoph
Milojicic, Dejan
Trong, Tuan M Hoang
Ward, Robert
Xhafa, Fatos
Zhang, Jia
Computer Systems
Network Institute
Source :
Minna, F, Massacci, F & Tuma, K 2022, Towards a Security Stress-Test for Cloud Configurations . in C A Ardagna, N Atukorala, R Buyya, C K Chang, R N Chang, E Damiani, G B Dasgupta, F Gagliardi, C Hagleitner, D Milojicic, T M H Trong, R Ward, F Xhafa & J Zhang (eds), 2022 IEEE 15th International Conference on Cloud Computing (CLOUD) : [Proceedings] . IEEE International Conference on Cloud Computing, CLOUD, vol. 2022-July, IEEE Computer Society, pp. 191-196, 15th IEEE International Conference on Cloud Computing, CLOUD 2022, Barcelona, Spain, 10/07/21 . https://doi.org/10.1109/CLOUD55607.2022.00038, 2022 IEEE 15th International Conference on Cloud Computing (CLOUD): [Proceedings], 191-196, STARTPAGE=191;ENDPAGE=196;TITLE=2022 IEEE 15th International Conference on Cloud Computing (CLOUD)
Publication Year :
2022
Publisher :
IEEE Computer Society, 2022.

Abstract

Securing cloud configurations is an elusive task, which is left up to system administrators who have to base their decisions on ``trial and error'' experimentations or by observing good practices (e.g., CIS Benchmarks). We propose a knowledge, AND/OR, graphs approach to model cloud deployment security objects and vulnerabilities. In this way, we can capture relationships between configurations, permissions (e.g., CAP\_SYS\_ADMIN), and security profiles (e.g., AppArmor and SecComp), as first-class citizens. Such an approach allows us to suggest alternative and safer configurations, support administrators in the study of what-if scenarios, and scale the analysis to large scale deployments. We present an initial validation and illustrate the approach with three real vulnerabilities from known sources.<br />Comment: Conference: The IEEE International Conference on Cloud Computing (CLOUD) 2022

Subjects

Subjects :
FOS: Computer and information sciences
Computer Science - Cryptography and Security
SDG 16 - Peace
microservices
knowledge graph
SDG 16 - Peace, Justice and Strong Institutions
cloud
containers
security
Cryptography and Security (cs.CR)
AND/OR graphs
Justice and Strong Institutions

Details

Language :
English
Database :
OpenAIRE
Journal :
Minna, F, Massacci, F & Tuma, K 2022, Towards a Security Stress-Test for Cloud Configurations . in C A Ardagna, N Atukorala, R Buyya, C K Chang, R N Chang, E Damiani, G B Dasgupta, F Gagliardi, C Hagleitner, D Milojicic, T M H Trong, R Ward, F Xhafa & J Zhang (eds), 2022 IEEE 15th International Conference on Cloud Computing (CLOUD) : [Proceedings] . IEEE International Conference on Cloud Computing, CLOUD, vol. 2022-July, IEEE Computer Society, pp. 191-196, 15th IEEE International Conference on Cloud Computing, CLOUD 2022, Barcelona, Spain, 10/07/21 . https://doi.org/10.1109/CLOUD55607.2022.00038, 2022 IEEE 15th International Conference on Cloud Computing (CLOUD): [Proceedings], 191-196, STARTPAGE=191;ENDPAGE=196;TITLE=2022 IEEE 15th International Conference on Cloud Computing (CLOUD)
Accession number :
edsair.doi.dedup.....f6b462016c52e17efde658311d5fde11

Tools

Authors Abstract Subjects Details