dc.contributor.author | Frøystad, Christian | |
dc.contributor.author | Tøndel, Inger Anne | |
dc.contributor.author | Jaatun, Martin Gilje | |
dc.date.accessioned | 2018-12-13T06:46:46Z | |
dc.date.available | 2018-12-13T06:46:46Z | |
dc.date.created | 2018-12-12T10:02:52Z | |
dc.date.issued | 2018 | |
dc.identifier.citation | Cryptography, 2018, 2 (4), art. 41 | nb_NO |
dc.identifier.issn | 2410-387X | |
dc.identifier.uri | http://hdl.handle.net/11250/2577499 | |
dc.description.abstract | Online services are increasingly becoming a composition of different cloud services, making incident-handling difficult, as Cloud Service Providers (CSPs) with end-user customers need information from other providers about incidents that occur at upstream CSPs to inform their users. In this paper, we argue the need for commonly agreed-upon incident information exchanges between providers to improve accountability of CSPs, and present both such a format and a prototype implementing it. The solution can handle simple incident information natively as well as embed standard representation formats for incident-sharing, such as IODEF and STIX. Preliminary interviews show a desire for such a solution. The discussion considers both technical challenges and non-technical aspects related to improving the situation for incident response in cloud-computing scenarios. Our solution holds the potential of making incident-sharing more efficient | nb_NO |
dc.language.iso | eng | nb_NO |
dc.rights | Navngivelse 4.0 Internasjonal | * |
dc.rights.uri | http://creativecommons.org/licenses/by/4.0/deed.no | * |
dc.title | Security Incident Information Exchange for Cloud Service Provisioning Chains | nb_NO |
dc.type | Journal article | nb_NO |
dc.type | Peer reviewed | nb_NO |
dc.description.version | publishedVersion | nb_NO |
dc.source.pagenumber | art. 41, pp16 | nb_NO |
dc.source.volume | 2 | nb_NO |
dc.source.journal | Cryptography | nb_NO |
dc.source.issue | 4, | nb_NO |
dc.identifier.doi | 10.3390/cryptography2040041 | |
dc.identifier.cristin | 1641993 | |
dc.relation.project | EC/FP7/317550 | nb_NO |
cristin.unitcode | 7401,90,13,0 | |
cristin.unitname | Software Engineering, Safety and Security | |
cristin.ispublished | true | |
cristin.fulltext | original | |
cristin.qualitycode | 1 | |