Cloud-Trust - A Security Assessment Model for Infrastructure as a Service (IaaS) Clouds

Simple item page
dc.contributor.authorGonzales, Daniel
dc.contributor.authorKaplan, Jeremy
dc.contributor.authorSaltzman, Evan
dc.contributor.authorWinkelman, Zev
dc.contributor.authorWoods, Dulani
dc.date2023-05-17T17:31:38.000
dc.date.accessioned2023-05-22T12:06:37Z
dc.date.available2023-05-22T12:06:37Z
dc.date.issued2015-03-01
dc.date.submitted2017-07-17T13:54:37-07:00
dc.description.abstractThe vulnerability of Cloud Computing Systems (CCSs) to Advanced Persistent Threats (APTs) is a significant concern to government and industry. We present a cloud architecture reference model that incorporates a wide range of security controls and best practices, and a cloud security assessment model – Cloud-Trust – that estimates high level security metrics to quantify the degree of confidentiality and integrity offered by a CCS or cloud service provider (CSP). Cloud-Trust is used to assess the security level of four multi-tenant IaaS cloud architectures equipped with alternative cloud security controls and to show the probability of CCS penetration (high value data compromise) is high if a minimal set of security controls are implemented. CCS penetration probability drops substantially if a cloud defense in depth security architecture is adopted that protects virtual machine (VM) images at rest, strengthens CSP and cloud tenant system administrator access controls, and which employs other network security controls to minimize cloud network surveillance and discovery of live VMs.
dc.description.commentsAt the time of this publication, Mr. Saltzman was affiliated with the RAND Corporation, but he is now associated with the Department of Healthcare Management within the Wharton School, University of Pennsylvania.
dc.identifier.urihttps://repository.upenn.edu/handle/20.500.14332/2655
dc.legacy.articleid1113
dc.legacy.fields10.1109/TCC.2015.2415794
dc.legacy.fulltexturlhttps://repository.upenn.edu/cgi/viewcontent.cgi?article=1113&context=hcmg_papers&unstamped=1
dc.rights© 2015 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
dc.source.issue38
dc.source.issue99
dc.source.journalHealth Care Management Papers
dc.source.journaltitleIEEE Transactions on Cloud Computing
dc.source.peerreviewedtrue
dc.source.statuspublished
dc.source.volumePP
dc.subject.othercloud computing
dc.subject.otherservers
dc.subject.othercomputer architecture
dc.subject.othercryptography
dc.subject.othermonitoring
dc.subject.otherfirewalls
dc.subject.othercyber security
dc.subject.otheradvanced persistent threats
dc.subject.othersecurity metrics
dc.subject.othervirtual machine (VM) isolation
dc.subject.otherOther Electrical and Computer Engineering
dc.titleCloud-Trust - A Security Assessment Model for Infrastructure as a Service (IaaS) Clouds
dc.typeReport
digcom.contributor.authorGonzales, Daniel
digcom.contributor.authorKaplan, Jeremy
digcom.contributor.authorSaltzman, Evan
digcom.contributor.authorWinkelman, Zev
digcom.contributor.authorWoods, Dulani
digcom.identifierhcmg_papers/38
digcom.identifier.contextkey10442363
digcom.identifier.submissionpathhcmg_papers/38
digcom.typereport
dspace.entity.typePublication
upenn.schoolDepartmentCenterHealth Care Management Papers
Files
Original bundle
Now showing 1 - 1 of 1
Thumbnail Image
Name:
Cloud_Trust___A_Security_Assessment_Model_for_Infrastructure.pdf
Size:
22.8 MB
Format:
Adobe Portable Document Format
Download
Collection
Reports