dc.contributor.author | Frøystad, Christian | |
dc.contributor.author | Tøndel, Inger Anne | |
dc.contributor.author | Jaatun, Martin Gilje | |
dc.date.accessioned | 2018-12-19T13:15:22Z | |
dc.date.available | 2018-12-19T13:15:22Z | |
dc.date.created | 2018-12-12T10:02:52Z | |
dc.date.issued | 2018-12 | |
dc.identifier.citation | Frøystad, C., Tøndel, I.A., Jaatun, M.G., (2018) Security Incident Information Exchange for Cloud Service Provisioning Chains, 2(4) | nb_NO |
dc.identifier.issn | 2410-387X | |
dc.identifier.uri | http://hdl.handle.net/11250/2578337 | |
dc.description.abstract | Online services are increasingly becoming a composition of different cloud services, making incident-handling difficult, as Cloud Service Providers (CSPs) with end-user customers need information from other providers about incidents that occur at upstream CSPs to inform their users. In this paper, we argue the need for commonly agreed-upon incident information exchanges between providers to improve accountability of CSPs, and present both such a format and a prototype implementing it. The solution can handle simple incident information natively as well as embed standard representation formats for incident-sharing, such as IODEF and STIX. Preliminary interviews show a desire for such a solution. The discussion considers both technical challenges and non-technical aspects related to improving the situation for incident response in cloud-computing scenarios. Our solution holds the potential of making incident-sharing more efficient | nb_NO |
dc.language.iso | eng | nb_NO |
dc.publisher | MDPI | nb_NO |
dc.rights | Navngivelse 4.0 Internasjonal | * |
dc.rights.uri | http://creativecommons.org/licenses/by/4.0/deed.no | * |
dc.subject | cryptography | nb_NO |
dc.subject | informasjonsteknologi | nb_NO |
dc.subject | accountability | nb_NO |
dc.subject | cloud computing | nb_NO |
dc.subject | skyteknologi | nb_NO |
dc.subject | incident response | nb_NO |
dc.title | Security Incident Information Exchange for Cloud Service Provisioning Chains | nb_NO |
dc.type | Journal article | nb_NO |
dc.type | Peer reviewed | nb_NO |
dc.description.version | publishedVersion | nb_NO |
dc.rights.holder | (c) 2018 by the authors | nb_NO |
dc.subject.nsi | VDP::Teknologi: 500::Informasjons- og kommunikasjonsteknologi: 550 | nb_NO |
dc.source.volume | 2 | nb_NO |
dc.source.journal | Cryptography | nb_NO |
dc.source.issue | 4 | nb_NO |
dc.identifier.doi | 10.3390/cryptography2040041 | |
dc.identifier.cristin | 1641993 | |
cristin.unitcode | 217,8,4,0 | |
cristin.unitname | Institutt for data- og elektroteknologi | |
cristin.ispublished | true | |
cristin.fulltext | original | |
cristin.qualitycode | 1 | |