Martin Bedoya, Sara Palacios, Daniel Díaz-López, P. Nespoli, Estefania Laverde, Sebastián Suárez
{"title":"Securing cloud-based military systems with Security Chaos Engineering and Artificial Intelligence","authors":"Martin Bedoya, Sara Palacios, Daniel Díaz-López, P. Nespoli, Estefania Laverde, Sebastián Suárez","doi":"10.1145/3600160.3605076","DOIUrl":null,"url":null,"abstract":"Recently, system security represents a big challenge for many organizations, and it must be specifically handled when a system is intended to be deployed in a cloud environment. Cloud environments provide multiple security services that run over a Shared Responsibility Model that requires the participation of the cloud provider and the customer. Thus, this paper proposes an architecture based on Artificial Intelligence to support the finding of system threats and errors in an early stage and on Security Chaos Engineering methodology to reliably test the existence of such errors. This proposed architecture may help orientate better system designs and contribute to building holistic security. A particular use case is described to show how the proposal can be applied to a system that supports services for a military-related organization.","PeriodicalId":107145,"journal":{"name":"Proceedings of the 18th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2023-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 18th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3600160.3605076","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Recently, system security represents a big challenge for many organizations, and it must be specifically handled when a system is intended to be deployed in a cloud environment. Cloud environments provide multiple security services that run over a Shared Responsibility Model that requires the participation of the cloud provider and the customer. Thus, this paper proposes an architecture based on Artificial Intelligence to support the finding of system threats and errors in an early stage and on Security Chaos Engineering methodology to reliably test the existence of such errors. This proposed architecture may help orientate better system designs and contribute to building holistic security. A particular use case is described to show how the proposal can be applied to a system that supports services for a military-related organization.