The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Despite its immense benefits in terms of flexibility, resource consumption, and simplified management, cloud computing raises several concerns due to lack of trust and transparency. Like all computing paradigms based on outsourcing, the use of cloud computing is largely a matter of trust. There is an increasing pressure by cloud customers for solutions that would increase their confidence that a cloud...
The success of web services is changing the way in which software is designed, developed, and distributed. Services are in fact continuously re-designed and incrementally developed, released in heterogeneous and distributed environments. They are selected and integrated at runtime within external business processes. To ensure that a deployed service fulfils the QoS requirements, a Service Level Agreement...
Cloud users and service providers are increasingly concerned about the management of their data and the behavior of the applications they use/own once stored/deployed in the cloud. They therefore ask for enhanced assurance solutions, which partially mitigate the new risks and threats they are facing. Among existing solutions, certification has been widely adopted as a preferable approach to increase...
We present a test-based assurance scheme aimed at incremental security certification. Our scheme assesses the impact of changes at cloud, system, and certification methodology levels on existing certification processes. The proposed solution minimizes the risk of unnecessary certificate revocation and reduces as much as possible the amount of re-certification activities. To this aim, it reuses evidence...
We provide an approach that permits service developers and software adopters to evaluate service performance at design time, in a scenario where neither the service code nor (test-based) information on service execution times are available. Our approach builds on expert knowledge, service complexity evaluation, and the performance (retrieved by testing) of some reference services, to estimate the...
Accurate and rapid evaluation of web service performance is a key problem of Service-Oriented Architecture (SOA), where services are continuously being (re-)designed and released, and integrated within heterogeneous environments. Unfortunately, pre-deployment testing of services is not suitable to evaluate service performance at both design time and runtime. As a result, often process designers get...
The use of clouds raises significant security concerns for the services they provide. Addressing these concerns requires novel models of cloud service certification based on multiple forms of evidence including testing and monitoring data, and trusted computing proofs. CUMULUS is a novel infrastructure for realising such certification models.
We present a solution for test-based security certification of services that models the service under certification using a Symbolic Transition System (STS). The STS-based model is readily derivable from the Web Service Description Language (WSDL) and Web Service Conversation Language (WSCL) of the service, and can be enriched with details about test-based conditions on inputs and outputs, implementation...
Following the Service-Oriented Architecture (SOA) and the Cloud paradigms, an increasing number of organizations implement their business processes and applications via runtime composition of services made available on the cloud by single suppliers. This scenario however introduces new security risks and threats, as the service providers may not provide the level of assurance required by their customers...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.