IIT Home Page CNR Home Page

Seminario: "Trust Validation of Cloud IaaS" , CNR-IIT, 16 Marzo 2017

A multitude of issues affect the broader adoption of Cloud computing, with the perceived lack of trust on the Cloud Service Providers (CSPs) often listed as a significant concern. To address this, CSPs typically set up Service Level Agreements (SLAs) that contractually list what the CSP is obligated to provide to meet the customer requirements. While SLAs are promising as a concept, the inadequacy of schemes to actually monitor and validate the run-time compliance of SLAs limits the customer’s capability to evaluate the offered services to assess the actual trust to put in the CSPs.

In the context of this problem, I will present a methodology that enables customers to identify violation of their requirements. For detecting a violation, we compare and validate each SLA attribute with respect to the customer requirements. In case of a requirement violation, we calculate the severity of the violation and based on the severity we dynamically assess trust of the CSP over the life-cycle of the services.

In second part of the talk I will talk about the enhancements in the methodology by applying threat analysis techniques. For this, we develop a comprehensive Cloud model using High Level Petri Nets (HPLN) and analyze structural and behavioral properties of the system in presence of a vulnerable service. The main objective is to explore combination of vulnerable service interaction that could undermine security goals.

Dal 16/03/2017-15.30 al 16/03/2017-15.30 , CNR-IIT, Aula 32

Speaker: Salman Manzoor, TU Darmstadt, DE

Responsabile: Fabio Martinelli

Note: Salman Manzoor completed his Master degree from University of Turku, Finland with specialization in network and system security. Currently he is an Early Sage Researcher (ESR) in NeCS project and a Doctoral candidate at Technische Universität Darmstadt. His research interest includes security quantification, Cloud security, threat and risk assessment.