Title:An evidence-Based Incremental and Hybrid Security Certification Scheme for Cloud-Based Systems
Speaker:Marco Anisetti
Time:15:00-16:00,July 1 (Friday), 2016
Venue:Room203,College of Information Engineering
About speaker:
Marco Anisetti is an Associate Professor at the UniversitàdegliStudi di Milano. He received the Ph.D. degree in computer science from the UniversitàdegliStudi di Milano in 2009. His research interests are in the area of Computational Intelligence and its application to the design of complex systems and services. More in details he investigates/has investigated the adoption of advanced techniques based on Kalman filters, rough sets and fuzzy set theories for: i) low-level functionalities like display management, advanced image processing and mobile geolocation, and ii) high-level applications in the areas of Humanized Computing, Human Machine Interaction and Ambient Intelligence. Recently, he has been investigating the adoption of Computational Intelligence techniques in the area of security mechanisms for distributed systems, with particular consideration of Cloud and SOA security software/service certification and assurance for BigData.
Abstract:
One of the key functionalities of cloud computing is the ability of automatically reacting to events and context changes to maintain the desired Quality of Service (QoS). Another important functionality is being able to provide evidence supporting the QoS level actually delivered along time. Assurance techniques are designed to provide evidence that a given system has some functional/non-functional properties and behaves as expected. Cloud requires specific assurance techniques providing evidence across context changes and reconfigurations due to cloud management operations and events. Such techniques must be able to deal with multilayer nature of the cloud as well as deal with evidence of different types, meaning collected in different manner with different process and different peculiarities (e.g. testing, monitoring and trusted computing). For instance, testing is not always possible in online system, monitoring requires time and rare events may be not easy to evaluate while trusted computing shows a great level of assurance but requires hardware assisted systems. Among assurance techniques, certification-based assurance has received a lot of attention in the last few years, as a means to increase cloud security and trust.
This seminar will present an evidence-based assurance scheme aimed at incremental security certification of cloud system hybridizing evidence of different types is needed. The proposed solution minimizes the risk of unnecessary certificate revocation and reduces as much as possible the amount of re-certification activities. To this aim, it reuses evidence available in existing certificates to re-validate them when relevant changes are observed.
College of Information Engineering
2016-6-30