Please use this identifier to cite or link to this item: http://hdl.handle.net/1959.3/240041

Download PDF (Accepted manuscript) (Adobe Acrobat PDF, -1 bytes)

Title

VAM-aaS: online cloud services security vulnerability analysis and mitigation-as-a-service

Author(s)

Almorsy, Mohamed;  Grundy, John;  Ibrahim, Amani S.

Abstract

Cloud computing introduces a new paradigm shift in service delivery models. However, the potential benefits reaped from the adoption of this model are threatened by public accessibility of the cloud-hosted services and sharing of resources with other service tenants. This increases the potential for exploitation of newly discovered vulnerabilities that usually take a long time to discover and to mitigate. On the other hand, existing cloud platforms do not provide a means to validate the security of offered cloud services or mitigating security vulnerabilities that arise at runtime. We introduce VAM-aaS, Vulnerability Analysis and Mitigation as-a-service, as a novel, integrated, and online cloud-based security vulnerability analysis and mitigation service. VAM-aaS performs online service analysis to pinpoint new vulnerabilities and weaknesses. It then uses this information to generate security control integration and configuration scripts to block these discovered security holes at runtime. Our approach is based on a new vulnerability signature and mitigation-actions specification approach. We introduce our approach, describe implementation details, and describe an evaluation of our prototype on a set of .NET benchmark applications.

Publication type

Conference paper

Research centre

Swinburne University of Technology. Faculty of Information and Communication Technologies

Source

Lecture Notes in Computer Science: proceedings of the 13th International Conference on Web Information Systems Engineering (WISE 2012), Paphos, Cyprus, 28-30 November 2012 / X. Sean Wang, Isabel Cruz, Alex Delis and Guangyan Huang (eds.), Vol. 7651, pp. 411-425

Publication year

2012

FOR Code(s)

08 Information and Computing Sciences

Keyword(s)

Cloud computing;  Online vulnerability;  SaaS security;  VAM-aaS;  Vulnerability analysis;  Vulnerability analysis and mitigation solution as a service;  Vulnerability mitigation

Publisher

Springer

ISSN

0302-9743 (series ISSN)

ISBN

9783642350627, 3642350623

Publisher URL

http://dx.doi.org/10.1007/978-3-642-35063-4_30

Copyright

Copyright © Springer-Verlag Berlin Heidelberg 2012. The accepted manuscript is reproduced in accordance with the copyright policy of the publisher. The definitive version of the publication is available at www.springer.com.

Full text

Peer reviewed