Next Article in Journal
CMCC: Misuse Resistant Authenticated Encryption with Minimal Ciphertext Expansion
Previous Article in Journal
Redundancy in Key Management for WSNs
Article

Security Incident Information Exchange for Cloud Service Provisioning Chains

SINTEF Digital, Postbox 4760 Torgarden, 7465 Trondheim, Norway
*
Author to whom correspondence should be addressed.
Current address: Strindvegen 4, 7034 Trondheim, Norway.
Cryptography 2018, 2(4), 41; https://doi.org/10.3390/cryptography2040041
Received: 30 October 2018 / Revised: 23 November 2018 / Accepted: 5 December 2018 / Published: 11 December 2018
(This article belongs to the Special Issue Cloud, IoT and Software Defined Networks Security)
Online services are increasingly becoming a composition of different cloud services, making incident-handling difficult, as Cloud Service Providers (CSPs) with end-user customers need information from other providers about incidents that occur at upstream CSPs to inform their users. In this paper, we argue the need for commonly agreed-upon incident information exchanges between providers to improve accountability of CSPs, and present both such a format and a prototype implementing it. The solution can handle simple incident information natively as well as embed standard representation formats for incident-sharing, such as IODEF and STIX. Preliminary interviews show a desire for such a solution. The discussion considers both technical challenges and non-technical aspects related to improving the situation for incident response in cloud-computing scenarios. Our solution holds the potential of making incident-sharing more efficient. View Full-Text
Keywords: incident response; cloud computing; accountability incident response; cloud computing; accountability
Show Figures

Figure 1

MDPI and ACS Style

Frøystad, C.; Tøndel, I.A.; Jaatun, M.G. Security Incident Information Exchange for Cloud Service Provisioning Chains. Cryptography 2018, 2, 41. https://doi.org/10.3390/cryptography2040041

AMA Style

Frøystad C, Tøndel IA, Jaatun MG. Security Incident Information Exchange for Cloud Service Provisioning Chains. Cryptography. 2018; 2(4):41. https://doi.org/10.3390/cryptography2040041

Chicago/Turabian Style

Frøystad, Christian, Inger A. Tøndel, and Martin G. Jaatun 2018. "Security Incident Information Exchange for Cloud Service Provisioning Chains" Cryptography 2, no. 4: 41. https://doi.org/10.3390/cryptography2040041

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop