• A Cryptographic Protocol for Communication in a Redundant Array of Independent Net-storages 

      JAATUN, Martin Gilje; Zhao, Gansen; Alapnes, Stian (Chapter, 2011)
      This paper describes a cryptographic protocol for storing and processing data in a Cloud Computing setting, where users need not place absolute trust in the various Cloud Processing providers. This is achieved by distributing ...
    • A Farewell to Trust: An Approach to Confidentiality Control in the Cloud 

      JAATUN, Martin Gilje; Nyre, Åsmund Ahlmann; Alapnes, Stian; Zhao, Gansen (Chapter, 2011)
      This paper applies a divide-and-conquer approach to achieve confidentiality control in Cloud Computing. We sketch how a Redundant Array of Independent Net-storages (RAIN) for Cloud Computing can be designed using techniques ...
    • A Lightweight Approach to Secure Software Engineering 

      JAATUN, Martin Gilje; Jensen, Jostein; Meland, Per Håkon; Tøndel, Inger Anne (Chapter, 2011)
      Secure software engineering is much more than developing critical software. History has shown us that software bugs and design flaws also represent exploitable security vulnerabilities in seemingly innocuous applications ...
    • A New Dawn for the Dark Knight: Securing BATMAN 

      Graarud, Espen Grannes; Bowitz, Anne Gabrielle; Brown, Lawrie; JAATUN, Martin Gilje (Journal article; Peer reviewed, 2011)
      The Better Approach To Mobile Ad-hoc Networking (BATMAN) protocol is designed as an alternative to ad-hoc network routing protocols such as OLSR. Like most such proposals, BATMAN does not provide any security mechanisms ...
    • A secure MANET routing protocol for first responders 

      Nyre, Åsmund Ahlmann; JAATUN, Martin Gilje; Tøndel, Inger Anne (Chapter, 2011)
      Emergency and rescue operations are often carried out in areas where the network infrastructure cannot be relied on for message exchange between first responders. Since the fundamental feature of Mobile Ad Hoc Network is ...
    • As strong as the weakest link: Handling compromised components in OpenStack 

      Taheri Monfared, Aryan; JAATUN, Martin Gilje (Chapter, 2011)
      This paper presents an approach to handle compromised components in an Infrastructure-as-a-Service Cloud Computing platform. Our experiments show that traditional incident handling procedures are applicable for cloud ...
    • BatCave: Adding Security to the BATMAN Protocol 

      Bowitz, Anne Gabrielle; Graarud, Espen Grannes; Brown, Lawrie; JAATUN, Martin Gilje (Chapter, 2011)
      The Better Approach To Mobile Ad-hoc Networking (BATMAN) protocol is intended as a replacement for protocols such as OLSR, but just like most such efforts, BATMAN has no built-in security features. In this paper we describe ...
    • Deliverance from Trust through a Redundant Array of Independent Net-storages in Cloud Computing 

      Zhao, Gansen; JAATUN, Martin Gilje; Vasilakos, Athanasios; Nyre, Åsmund Ahlmann; Alapnes, Stian; Yue, Qiang; Tang, Yong (Chapter, 2011)
      Cloud storage services are gaining more and more attention. Surveys suggest that the confidentiality issue is one of the major obstacles for users to use cloud storage services to keep sensitive data. This paper proposes ...
    • Grunnprinsipper for IKT-sikkerhet i industrielle IKT-systemer 

      JAATUN, Martin Gilje; Wille, Egil; Bernsmed, Karin; Kilskar, Stine Skaufel (SINTEF rapport;2021:00055, Research report, 2021)
      Formålet med denne rapporten er å gi økt forståelse for grunnprinsipper for IKT sikkerhet i industrielle IKT-systemer (OT-systemer) i norsk petroleumsvirksomhet basert på NSMs grunnprinsipper for IKT-sikkerhet. Vi har ...
    • Improving smart grid security through 5G enabled IoT and edge computing 

      Borgaonkar, Ravishankar Bhaskarrao; Tøndel, Inger Anne; Degefa, Merkebu Zenebe; JAATUN, Martin Gilje (Peer reviewed; Journal article, 2021)
      This article investigates and analyzes the security aspects of 5G specifications from the perspective of IoT-based smart grids. As the smart grid requires high-speed and reliable communication to enable real-time grid ...
    • Influencing the security prioritisation of an agile software development project 

      Tøndel, Inger Anne; Cruzes, Daniela Soares; JAATUN, Martin Gilje; Sindre, Guttorm (Peer reviewed; Journal article, 2022)
      Software security is a complex topic, and for development projects it can be challenging to assess what security is necessary and cost-effective. Agile Software Development (ASD) values self-management. Thus, teams and ...
    • Monitoring Intrusions and Security Breaches in Highly Distributed Cloud Environments 

      Taheri Monfared, Aryan; JAATUN, Martin Gilje (Chapter, 2011)
      Cloud computing is a new computing model, and security is ranked first among its challenges. This paper reviews existing security monitoring mechanisms compared with new challenges which are caused by this new model. We ...
    • Premisser for digitalisering og integrasjon IT-OT 

      Hanssen, Geir Kjetil; Onshus, Tor; JAATUN, Martin Gilje; Myklebust, Thor; Ottermo, Maria Vatshaug; Lundteigen, Mary Ann (SINTEF Rapport;2021:00057, Research report, 2021)
      Formålet med denne rapporten er å gi næringen økt forståelse av pågående digitalisering, status og utfordringer, og hvordan denne utviklingen bør styres videre. Denne rapporten er en av seks SINTEF-rapporter fra prosjektet: ...
    • Regulering av IKT-sikkerhet i petroleumssektoren 

      Øien, Knut; Bodsberg, Lars; JAATUN, Martin Gilje; Myklebust, Thor; Onshus, Tor (SINTEF Rapport;2021:00054, Research report, 2021)
      Formålet med denne rapporten er å klargjøre hvordan beskyttelse av informasjons‐ og kommunikasjonsteknologi (IKT‐sikkerhet) i petroleumsindustrien blir regulert i gjeldende regelverk og belyse forventninger fra ...
    • Security in Model Driven Development: A Survey 

      Jensen, Jostein; JAATUN, Martin Gilje (Chapter, 2011)
      Model driven development (MDD) is considered a promising approach for software development. In this paper the results of a systematic survey is reported to identify state-of-the-art within the topic of security in model ...
    • Security in Service Level Agreements for Cloud Computing 

      Bernsmed, Karin; JAATUN, Martin Gilje; Undheim, Astrid (Chapter, 2011)
      The Cloud computing paradigm promises reliable services, accessible from anywhere in the world, in an on-demand manner. Insufficient security has been identified as a major obstacle to adopting Cloud services. To deal with ...
    • Security Requirements for MANETs Used in Emergency and Rescue Operations 

      Tøndel, Inger Anne; JAATUN, Martin Gilje; Nyre, Åsmund Ahlmann (Chapter, 2011)
      Ad hoc networks for first responders in emergency situations have some unique characteristics that differ from general ad hoc networks, since it is desirable to restrict who can participate in the network without relying ...
    • Threat Modeling of a Smart Grid Secondary Substation 

      Holik, Filip; Flå, Lars; JAATUN, Martin Gilje; Yildirim Yayilgan, Sule; Foros, Jørn (Peer reviewed; Journal article, 2022)
    • User agents for matching privacy policies with user preferences 

      Bernsmed, Karin; Nyre, Åsmund Ahlmann; JAATUN, Martin Gilje (Chapter, 2011)
      Privacy policies are commonly used by service providers to state how personal data obtained from users will be handled. However, the complexity and sheer length of such policies make them incomprehensible to the common web ...