Keeping an Eye on Your Security Through Assurance Indicators

Moussa Ouedraogo; Chien-Ting Kuo; Simon Tjoa; David Preston; Eric Dubois; Paulo Simoes; Tiago Cruz

doi:10.5220/0005118504760483

Keeping an Eye on Your Security Through Assurance Indicators

Moussa Ouedraogo, Chien-Ting Kuo, Simon Tjoa, David Preston, Eric Dubois, Paulo Simoes, Tiago Cruz

2014

Abstract

Despite the incommensurable effort made from across computer sciences disciplines to provide more secure systems, compromising the security of a system has now become a very common and stark reality for organizations of all sizes and from a variety of sectors. The lax in the technology has often been cited as the salient cause of systems insecurity. In this paper we advocate the need for a Security Assurance (SA) system to be embedded within current IT systems. Such a system has the potential to address one facet of cyber insecurity, which is the exploit of lax within the deployed security and its underlining policy. We discuss the challenges associated to such an SA assessment and present the flavor of its evaluation and monitoring through an initial prototype. By providing indicators on the status of a security matter that is more and more devolved to the provider as it is the case in the cloud, the SA tool can be used as a means of fostering better security transparency between a cloud provider and client.

Download

Paper Citation

in Harvard Style

Ouedraogo M., Kuo C., Tjoa S., Preston D., Dubois E., Simoes P. and Cruz T. (2014). Keeping an Eye on Your Security Through Assurance Indicators . In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014) ISBN 978-989-758-045-1, pages 476-483. DOI: 10.5220/0005118504760483

in Bibtex Style

@conference{secrypt14,
author={Moussa Ouedraogo and Chien-Ting Kuo and Simon Tjoa and David Preston and Eric Dubois and Paulo Simoes and Tiago Cruz},
title={Keeping an Eye on Your Security Through Assurance Indicators},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},
year={2014},
pages={476-483},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005118504760483},
isbn={978-989-758-045-1},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - Keeping an Eye on Your Security Through Assurance Indicators
SN - 978-989-758-045-1
AU - Ouedraogo M.
AU - Kuo C.
AU - Tjoa S.
AU - Preston D.
AU - Dubois E.
AU - Simoes P.
AU - Cruz T.
PY - 2014
SP - 476
EP - 483
DO - 10.5220/0005118504760483