Abstract
Original language | English |
---|---|
Title of host publication | Security and Trust Management |
Publisher | Springer |
Pages | 37 -51 |
ISBN (Electronic) | 978-3-319-24858-5 |
ISBN (Print) | 978-3-319-24857-8 |
DOIs | |
Publication status | Published - 9 Dec 2015 |
MoE publication type | A4 Article in a conference publication |
Event | 11th International Workshop on Security and Trust Management, STM 2015 - Vienna, Austria Duration: 21 Sep 2015 → 22 Sep 2015 Conference number: 11 |
Publication series
Series | Lecture Notes in Computer Science |
---|---|
Volume | 9331 |
Conference
Conference | 11th International Workshop on Security and Trust Management, STM 2015 |
---|---|
Abbreviated title | STM 2015 |
Country | Austria |
City | Vienna |
Period | 21/09/15 → 22/09/15 |
Fingerprint
Keywords
- security assurance
- security metrics
- secure element
- measurement trust
- confidence
Cite this
}
Security metrics, secure elements and operational measurement trust in cloud environments. / Kanstrén, Teemu; Evesti, Antti.
Security and Trust Management. Springer, 2015. p. 37 -51 (Lecture Notes in Computer Science, Vol. 9331).Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review
TY - GEN
T1 - Security metrics, secure elements and operational measurement trust in cloud environments
AU - Kanstrén, Teemu
AU - Evesti, Antti
PY - 2015/12/9
Y1 - 2015/12/9
N2 - Operational security assurance evaluation requires building security metrics models to express the expected security status of the system, and collecting data from the operational system to express the current state against these models. Many factors impact the confidence we can have in these metrics and their reported status. One major factor is the trust we can put in the provided measurement data. This paper describes the properties of a trusted measurement base, use of secure element functions and different probe form factors, and their impact on defining confidence levels for the measurement data. A way of quantifying this confidence level and using it as part of security metrics models is defined. Cloud computing is used as a domain to illustrate these concepts and the process of their application. The cloud environment is especially challenging for this type of assurance due to mixed ownership and potentially limited visibility into the infrastructure.
AB - Operational security assurance evaluation requires building security metrics models to express the expected security status of the system, and collecting data from the operational system to express the current state against these models. Many factors impact the confidence we can have in these metrics and their reported status. One major factor is the trust we can put in the provided measurement data. This paper describes the properties of a trusted measurement base, use of secure element functions and different probe form factors, and their impact on defining confidence levels for the measurement data. A way of quantifying this confidence level and using it as part of security metrics models is defined. Cloud computing is used as a domain to illustrate these concepts and the process of their application. The cloud environment is especially challenging for this type of assurance due to mixed ownership and potentially limited visibility into the infrastructure.
KW - security assurance
KW - security metrics
KW - secure element
KW - measurement trust
KW - confidence
U2 - 10.1007/978-3-319-24858-5_3
DO - 10.1007/978-3-319-24858-5_3
M3 - Conference article in proceedings
SN - 978-3-319-24857-8
T3 - Lecture Notes in Computer Science
SP - 37
EP - 51
BT - Security and Trust Management
PB - Springer
ER -