Security metrics, secure elements and operational measurement trust in cloud environments

Teemu Kanstrén, Antti Evesti

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    3 Citations (Scopus)

    Abstract

    Operational security assurance evaluation requires building security metrics models to express the expected security status of the system, and collecting data from the operational system to express the current state against these models. Many factors impact the confidence we can have in these metrics and their reported status. One major factor is the trust we can put in the provided measurement data. This paper describes the properties of a trusted measurement base, use of secure element functions and different probe form factors, and their impact on defining confidence levels for the measurement data. A way of quantifying this confidence level and using it as part of security metrics models is defined. Cloud computing is used as a domain to illustrate these concepts and the process of their application. The cloud environment is especially challenging for this type of assurance due to mixed ownership and potentially limited visibility into the infrastructure.
    Original languageEnglish
    Title of host publicationSecurity and Trust Management
    PublisherSpringer
    Pages37 -51
    ISBN (Electronic)978-3-319-24858-5
    ISBN (Print)978-3-319-24857-8
    DOIs
    Publication statusPublished - 9 Dec 2015
    MoE publication typeA4 Article in a conference publication
    Event11th International Workshop on Security and Trust Management, STM 2015 - Vienna, Austria
    Duration: 21 Sep 201522 Sep 2015
    Conference number: 11

    Publication series

    SeriesLecture Notes in Computer Science
    Volume9331

    Conference

    Conference11th International Workshop on Security and Trust Management, STM 2015
    Abbreviated titleSTM 2015
    CountryAustria
    CityVienna
    Period21/09/1522/09/15

      Fingerprint

    Keywords

    • security assurance
    • security metrics
    • secure element
    • measurement trust
    • confidence

    Cite this

    Kanstrén, T., & Evesti, A. (2015). Security metrics, secure elements and operational measurement trust in cloud environments. In Security and Trust Management (pp. 37 -51). Springer. Lecture Notes in Computer Science, Vol.. 9331 https://doi.org/10.1007/978-3-319-24858-5_3