{"title":"通过安全认证确保对服务消费的信任","authors":"M. Bezzi, Samuel Paul Kaluvuri, A. Sabetta","doi":"10.1145/2031746.2031758","DOIUrl":null,"url":null,"abstract":"The service-based paradigm is enabling new models of software provisioning based on cloud architectures. An increasing number of organizations are either providing their software as a service or acting as enablers by providing platforms on which service providers can offer their services. However the service implementations and the characteristics of the underlying cloud architectures are often opaque to the service consumers. The resulting deficit of trust on the security of such services is hampering the adoption of these new software paradigms by the industry.\n In this paper, we discuss an approach for security certification of services that can help fill this trust deficit, and we analyze the challenges that we face in realizing this approach. In particular, we concentrate on the problem of ensuring a robust binding between a security certificate and the corresponding service, outlining some possible approaches to tackle this issue.","PeriodicalId":357051,"journal":{"name":"QASBA '11","volume":"77 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-09-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"Ensuring trust in service consumption through security certification\",\"authors\":\"M. Bezzi, Samuel Paul Kaluvuri, A. Sabetta\",\"doi\":\"10.1145/2031746.2031758\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The service-based paradigm is enabling new models of software provisioning based on cloud architectures. An increasing number of organizations are either providing their software as a service or acting as enablers by providing platforms on which service providers can offer their services. However the service implementations and the characteristics of the underlying cloud architectures are often opaque to the service consumers. The resulting deficit of trust on the security of such services is hampering the adoption of these new software paradigms by the industry.\\n In this paper, we discuss an approach for security certification of services that can help fill this trust deficit, and we analyze the challenges that we face in realizing this approach. In particular, we concentrate on the problem of ensuring a robust binding between a security certificate and the corresponding service, outlining some possible approaches to tackle this issue.\",\"PeriodicalId\":357051,\"journal\":{\"name\":\"QASBA '11\",\"volume\":\"77 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-09-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"QASBA '11\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2031746.2031758\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"QASBA '11","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2031746.2031758","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Ensuring trust in service consumption through security certification
The service-based paradigm is enabling new models of software provisioning based on cloud architectures. An increasing number of organizations are either providing their software as a service or acting as enablers by providing platforms on which service providers can offer their services. However the service implementations and the characteristics of the underlying cloud architectures are often opaque to the service consumers. The resulting deficit of trust on the security of such services is hampering the adoption of these new software paradigms by the industry.
In this paper, we discuss an approach for security certification of services that can help fill this trust deficit, and we analyze the challenges that we face in realizing this approach. In particular, we concentrate on the problem of ensuring a robust binding between a security certificate and the corresponding service, outlining some possible approaches to tackle this issue.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
