Ehemaliger FH Mitarbeiter
Scopus Author ID
Now showing 1 - 10 of 58
- PublicationSelf-Adaptation Applied to Peer-Set Maintenance in Chord via a Generic Autonomic Management Framework(2010)
; ;Kirby, G. N. C.Dearle, A. 94
- PublicationA Multi-Layer and Multi-Tenant Cloud Assurance Evaluation Methodology(2015)
;Hudic, A. ; ;Loruenser, T. ;Krotsiani, M. ;Spanoudakis, G. ;Mauthe, A.Weippl, E.Data with high security requirements is being processed and stored with increasing frequency in the Cloud. To guarantee that the data is being dealt in a secure manner we investigate the applicability of Assurance methodologies. In a typical Cloud environment the setup of multiple layers and different stakeholders determines security properties of individual components that are used to compose Cloud applications. We present a methodology adapted from Common Criteria for aggregating information reflecting the security properties of individual constituent components of Cloud applications. This aggregated information is used to categorise overall application security in terms of Assurance Levels and to provide a continuous assurance level evaluation. It gives the service owner an overview of the security of his service, without requiring detailed manual analyses of log files. 153Scopus© Citations 8
- PublicationEmbedded Artificial Intelligence: The ARTEMIS Vision(IEEE, 2020-11)
;Serpanos, Dimitrios ;Ferrari, Gianluigi ;Nikolakopoulos, George ;Perez, Jon ;van Baelen, StefanAdvances in embedded and cyberphysical systems have disrupted numerous application domains. We examine the requirements and challenges of these technologies, which present significant opportunities for interdisciplinary research. 191Scopus© Citations 4
- PublicationHarmonized Monitoring for High Assurance CloudsDue to a lack of transparency in cloud based services well-defined security levels cannot be assured within current cloud infrastructures. Hence sectors with stringent security requirements hesitate to migrate their services to the cloud. This applies especially when considering services where high security requirements are combined with legal constraints. To tackle this challenge this paper presents an extension to our existing work on assurance methodologies in cloud based environments by investigating how current state of the art monitoring solutions can be used to support assurance throughout the entire infrastructure. A case study is used in which monitoring information representing a set of relevant security properties is being collected. As result, we propose that a combination of existing tools should be used to harmonize existing monitoring artifacts. We describe and evaluate an Evidence Gathering Mechanism (EGM) that provides this harmonization and show how this can support assurance. This can also underpin legal proceedings from an evidence law perspective.
165Scopus© Citations 8
- PublicationTrustworthy and High Assurance Cyber-Physical Systems - A Research Agenda(ERCIM EEIG, 2015)
; ;Wagner, ChristianMauthe, Andreas 127
- PublicationImpact of Critical Infrastructure Requirements on Service Migration Guidelines to the CloudA high level of information security in critical infrastructure IT systems and services has to be preserved when migrating their IT services to the cloud. Often various legislative and security constraints have to be met in line with best practice guidelines and international standards to perform the migration. To support the critical infrastructure providers in migrating their services to the cloud we are developing a process based migration guideline for critical infrastructure providers focusing on information security. First of all we investigate, via questionnaires, how the importance of individual security topics covered in such guidelines differentiates between industry stakeholders and critical infrastructure providers. This supports the selection of relevant security topics and the considered guidelines and standards, which we survey in search for common relevant security topics. Subsequently we present the analysis of the above-mentioned security requirements and how they affect a here developed taxonomy for a process-based security guideline. Furthermore we present potential service migration use cases and how our methodology would affect the migration of secure critical infrastructure services.
151Scopus© Citations 4
- PublicationInformation Assurance System in the Arrowhead Project(ERCIM EEIG, 2014-04)
;Plosz, S. ;Varga, P. 126
- PublicationFunction-as-a-Service Benchmarking FrameworkCloud Service Providers deliver their products in form of ”as-a-Service”, which are typically categorized by the level of abstraction. This approach hides the implementation details and shows only functionality to the user. However, the problem is that it is hard to measure the performance of Cloud services, because they behave like black boxes. Especially with Function-as-a-Service it is even more difficult because it completely hides server and infrastructure management from users by design. Cloud Service Prodivers usually restrict the maximum size of code, memory and runtime of Cloud Functions. Nevertheless, users need clarification if more ressources are needed to deliver services in high quality. In this regard, we present the architectural design of a new Function-as-a-Service benchmarking tool, which allows users to evaluate the performance of Cloud Functions. Furthermore, the capabilities of the framework are tested on an isolated platform with a specific workload. The results show that users are able to get insights into Function-as-a-Service environments. This, in turn, allows users to identify factors which may slow down or speed up the performance of Cloud Functions.
509Scopus© Citations 1