Browsing UiS Brage by Author "Jaatun, Martin Gilje"
Now showing items 1-16 of 16
-
Accountability Requirements for the Cloud
Jaatun, Martin Gilje; Tøndel, Inger Anne; Moe, Nils Brede; Cruzes, Daniela Soares; Bernsmed, Karin; Haugset, Børge (Chapter, 2017)In order to be responsible stewards of other people’s data, cloud providers must be accountable for their data handling practices. The potential long provider chains in cloud computing introduces additional accountability ... -
Accountability Requirements in the Cloud Provider Chain
Jaatun, Martin Gilje; Tøndel, Inger Anne; Moe, Nils Brede; Cruzes, Daniela Soares; Bernsmed, Karin; Haugset, Børge (Journal article; Peer reviewed, 2018-04)In order to be responsible stewards of other people’s data, cloud providers must be accountable for their data handling practices. The potential long provider chains in cloud computing introduce additional accountability ... -
Architectural Risk Analysis in Agile Development of Cloud Software
Jaatun, Martin Gilje (Chapter, 2019)Software in the cloud is predominantly developed using agile methodologies, where practices such as continuous deployment and DevOps contribute to increased speed and quick turnarounds. This increased speed does however ... -
Automated software security activities in a continuous delivery pipeline
Pham, Bao Khanh; Chalishhafshejani, Sohrab (Master thesis, 2021)Due to the rise of cyberattacks in IT companies, software security has become a topic for debate. Currently, to secure their products, companies often use manual methods, which makes development stalled and inefficient. ... -
Bastion: En applikasjon for å dele hemmeligheter
Johannessen, Oda Marie (Bachelor thesis, 2023)Bastion er en webapplikasjon for deling av hemmeligheter, og den gjør deling av hemmeligheter raskt, enkelt og trygt for ansatte og kunder hos Bouvet. Ved hjelp av Bastion kan man dele krypterte hemmeligheter gjennom en ... -
Exploring the need for a CERT for the Norwegian Construction Sector
Skytterholm, Andrea Neverdal; Jaatun, Martin Gilje (Chapter, 2023)This paper presents an empirical study on the need for sector-specific CERT capacity in the Norwegian construction sector. Findings from the interviews demonstrate a need for developing competence in ICT security in this ... -
Risk in the Age of Software Security
Jaatun, Martin Gilje (Others, 2017)For general applications, it is way too costly to aim for 100 % secure software; for complex systems it may even be impossible. To achieve effective software security at reasonable cost, it is thus necessary to identify ... -
Saving Nine Without Stitching in Time: Integrity Check After-the-fact
Gudmestad, Racin; Houmb, Siv Hilde; Jaatun, Martin Gilje (Chapter, 2021)Electrical substations transform voltage from high to low, or low to high for distribution and transmission, respectively, and are a critical part of our electricity infrastructure. The state of a substation is continuously ... -
Scanning the Medical Terrain : an aid to quicker adoption of guidelines
Jaatun, Ellen A. Andreassen; Hepburn, Leigh-Anne; Jaatun, Martin Gilje (Peer reviewed; Journal article, 2019)Guidelines exist in order to ensure efficient, effective and consistent provision of healthcare service. Unfortunately, existing guidelines are often not adopted in a timely manner, even to the point of being outdated at ... -
Security in Critical Information Infrastructures
Jaatun, Martin Gilje (PhD thesis UiS;254, Doctoral thesis, 2015-06-05)Information and Communication Technologies (ICT) are permeating the critical infrastructures that our modern society relies on, and ICT security is becoming increasingly important to all aspects of our lives. This dissertation ... -
Security Incident Information Exchange for Cloud Service Provisioning Chains
Frøystad, Christian; Tøndel, Inger Anne; Jaatun, Martin Gilje (Journal article; Peer reviewed, 2018-12)Online services are increasingly becoming a composition of different cloud services, making incident-handling difficult, as Cloud Service Providers (CSPs) with end-user customers need information from other providers about ... -
Software Bill of Materials in Critical Infrastructure
Jaatun, Lars Andreassen; Sørlien, Silje Marie; Borgaonkar, Ravishankar Bhaskarrao; Steve, Taylor; Jaatun, Martin Gilje (Chapter, 2024)Critical infrastructure today is comprised of cyber-physical systems, and therefore also vulnerable to cyber threats. Many of these threats come from within, through malicious code in software updates or bugs that can be ... -
A Survey on Infrastructure-as-Code Solutions for Cloud Development
Teppan, Håkon; Flå, Lars; Jaatun, Martin Gilje (Chapter, 2022)Cloud software is increasingly written according to the DevOps paradigm, where use of virtualization and Infrastructure-as-Code is prevalent. This paper surveys the state of the art of IaC cloud development, and proposes ... -
Tackling the Cloud Forensic Problem while Keeping your Eye on the GDPR
Westerlund, Magnus; Jaatun, Martin Gilje (Chapter, 2019)If the cloud is just someone else's computer, securing forensic evidence in case of a breach can be tricky. A blockchain-based distributed ledger could contribute to solve this problem, provided the required forensic ... -
Threat Modeling of a Smart Grid Secondary Substation
Holik, Filip; Flå, Lars; Jaatun, Martin Gilje; Yildirim Yayilgan, Sule; Foros, Jørn (Peer reviewed; Journal article, 2022)A full smart grid implementation requires the digitization of all parts of the smart grid infrastructure, including secondary electrical substations. Unfortunately, this introduces new security threats, which were not ... -
Utilize GitOps for Smart Grid Security Lab
Teppan, Håkon (Master thesis, 2022)This thesis will provide an installation of a self-managed, on-premise Kubernetes platform for SINTEF's Smart Grid Security Lab, running a network simulator application called Network Simulator verion 3 (NS-3). The solution ...