research-article

Ontological approach toward cybersecurity in cloud computing

Authors:

Takeshi Takahashi,

Youki Kadobayashi, and

Hiroyuki FujiwaraAuthors Info & Claims

SIN '10: Proceedings of the 3rd international conference on Security of information and networks

September 2010

Pages 100 - 109

https://doi.org/10.1145/1854099.1854121

Published: 07 September 2010 Publication History

Abstract

Widespread deployment of the Internet enabled building of an emerging IT delivery model, i.e., cloud computing. Albeit cloud computing-based services have rapidly developed, their security aspects are still at the initial stage of development. In order to preserve cybersecurity in cloud computing, cybersecurity information that will be exchanged within it needs to be identified and discussed. For this purpose, we propose an ontological approach to cybersecurity in cloud computing. We build an ontology for cybersecurity operational information based on actual cybersecurity operations mainly focused on non-cloud computing. In order to discuss necessary cybersecurity information in cloud computing, we apply the ontology to cloud computing. Through the discussion, we identify essential changes in cloud computing such as data-asset decoupling and clarify the cybersecurity information required by the changes such as data provenance and resource dependency information.

References

[1]

European Network and Information Security Agency(ENISA). URL http://www.enisa.europa.eu/.

[2]

Security Guidance for Critical Areas of Focus in Cloud Computing V2.1. Cloud Security Alliance, December 2009.

[3]

J. Baker, A. Buttner, and T. Wittbold. Common Result Format (CRF) Specification Version 0.3. URL http://crf.mitre.org/, September 2009.

[4]

C. Blanco, J. Lasheras, R. Valencia-Garcia, E. Fernandez-Medina, A. Toval, and M. Piattini. A systematic review and comparison of security ontologies. In The Third International Conference on Availability, Reliability and Security, 2008.

Digital Library

[5]

A. Buttner and N. Ziring. Common Platform Enumeration (CPE) - Specification. URL http://cpe.mitre.org/, March 2009.

[6]

R. Danyliw, J. Meijer, and Y. Demchenko. The Incident Object Description Exchange Format. IETF Request For Comments 5070, December 2007.

[7]

S. Decker, M. Erdmann, D. Fensel, and R. Studer. Ontobroker: Ontology based access to distributed and semi-structured information. DS-8: Semantic Issues in Multimedia Systems, 1999.

Digital Library

[8]

G. Denker, L. Kagal, and T. Finin. Security in the semantic web using owl. In Information Security Technical Report, pages 51--58, 2005.

Digital Library

[9]

Distributed Management Task Force, Inc. Interoperabile Clouds - A White Paper from the Open Cloud Standards Incubator Version 1.0.0. DSP-IS0101, November 2009.

[10]

S. Fenz and A. Ekelhart. Formalizing information security knowledge. In ASIACCS '09: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, pages 183--194, New York, NY, USA, 2009. ACM.

Digital Library

[11]

F. Gens. IDC's New IT Cloud Services Forecast: 2009--2013. Internal Data Corporation (IDC), October 2009.

[12]

T. R. Gruber. Toward principles for the design of ontologies used for knowledge sharing. International Journal of Human-Computer Studies, 43(5-6):907--928, 1995.

Digital Library

[13]

ISO/IEC/JTC 1/SC 27. Information Technology - Guidelines for the management of IT Security - Part 1: Concepts and models for IT Security. December 1996.

[14]

P. Johansson, L. Hall, S. Sikstrom, and A. Olsson. Failure to detect mismatches between intention and outcome in a simple decision task. Science, 310(5745):116, 2005.

[15]

P. Mell and T. Grance. The NIST Definition of Cloud Computing. National Institute of Standards and Technology, 2009.

Digital Library

[16]

P. Mell, K. Scarfone, and S. Romanosky. The Common Vulnerability Scoring System (CVSS) and Its Applicability to Federal Agency Systems. NIST Interagency Report 7435, August 2007.

[17]

L. Moreau, P. Groth, S. Miles, J. Vazquez-Salceda, J. Ibbotson, S. Jiang, S. Munroe, O. Rana, A. Schreiber, V. Tan, and L. Varga. The provenance of electronic data. Commun. ACM, 51(4):52--58, 2008.

Digital Library

[18]

T. Moses. eXtensible Access Control Markup Language (XACML) Version 2.0. Organization for the Advancement of Structured Information Standards, February 2005.

[19]

National Institute of Standards and Technology. National Vulnerability Database (NVD). URL http://nvd.nist.gov/.

[20]

Organisation for economic co-operation and development. OECD Guidelines for the Security of Information Systems and Networks. July 2002.

[21]

S. E. Parkin, A. van Moorsel, and R. Coles. An information security ontology incorporating human-behavioural implications. In SIN '09: Proceedings of the 2nd international conference on Security of information and networks, pages 46--55, New York, NY, USA, 2009. ACM.

Digital Library

[22]

Storage Networking Industry Association. Cloud Data Management Interface Version 1.0. URL http://cdmi.sniacloud.com/, April 2010.

[23]

T. Takahashi, H. Fujiwara, and Y. Kadobayashi. Building ontology of cybersecurity operational information. In CSIIRW '10: Proceedings of the 6th Annual Workshop on Cyber Security and Information Intelligence Research, 2010.

Digital Library

[24]

The MITRE Corporation. Common Attack Pattern Enumeration and Classification (CAPEC). URL http://capec.mitre.org/, September 2009.

[25]

The MITRE Corporation. Common Vulnerability and Exposures (CVE). URL http://cve.mitre.org/, March 2009.

[26]

The MITRE Corporation. Assessment Results Format (ARF). URL http://measurablesecurity.mitre.org/incubator/arf/, March 2010.

[27]

The MITRE Corporation. Common Configuration Enumeration (CCE). URL http://cce.mitre.org/, March 2010.

[28]

The MITRE Corporation. Common Event Expression (CEE). URL http://cee.mitre.org/, January 2010.

[29]

The MITRE Corporation. Common Weakness Enumeration (CWE). URL http://cwe.mitre.org/, February 2010.

[30]

The MITRE Corporation. Common Weakness Scoring System (CWSS). URL http://cwe.mitre.org/cwss/index.html, February 2010.

[31]

The MITRE Corporation. Malware Attribute Enumeration and Characterization. URL http://maec.mitre.org/, February 2010.

[32]

The MITRE Corporation. Open Vulnerability and Assessment Language (OVAL). URL http://oval.mitre.org/, February 2010.

[33]

Thijs Metsch. Use cases and requirements for a Cloud API. Open Cloud Computing Interface GFD-I. 162, January 2010.

[34]

B. Tsoumas, S. Dritsas, and D. Gritzalis. An ontology-based approach to information systems security management. Computer Network Security, pages 151--164, 2005.

Digital Library

[35]

B. Tsoumas and D. Gritzalis. Towards an ontology-based security management. In AINA '06: Proceedings of the 20th International Conference on Advanced Information Networking and Applications, pages 985--992, Washington, DC, USA, 2006. IEEE Computer Society.

Digital Library

[36]

J. A. Wang and M. Guo. OVM: an ontology for vulnerability management. In CSIIRW '09: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research, pages 1--4, New York, NY, USA, 2009. ACM.

Digital Library

[37]

J. A. Wang and M. Guo. Security data mining in an ontology for vulnerability management. pages 597--603, aug. 2009.

Digital Library

[38]

N. Ziring and S. D. Quinn. Specification for the Extensible Configuration Checklist Description Format (XCCDF) version 1.1.4. NIST Interagency Report 7275 Revision 3, January 2008.

Cited By

Rekha SSharma MKannan SUpadhye VPatil HRajkumar S(2024)Hybrid Deep Learning Approaches for Data Security in Cloud Environments2024 2nd International Conference on Intelligent Data Communication Technologies and Internet of Things (IDCIoT)10.1109/IDCIoT59759.2024.10467848(467-472)Online publication date: 4-Jan-2024
https://doi.org/10.1109/IDCIoT59759.2024.10467848
Barik KMisra SMishra BMaathuis CChockalingama S(2024)Cyber Resilience for SDG Towards the Digitization: An Imperial StudyArtificial Intelligence of Things for Achieving Sustainable Development Goals10.1007/978-3-031-53433-1_18(361-388)Online publication date: 9-Mar-2024
https://doi.org/10.1007/978-3-031-53433-1_18
Ojha NKumar ATyagi NRanjan PVaish A(2023)Use of Machine Learning in Forensics and Computer SecurityArtificial Intelligence and Cyber Security in Industry 4.010.1007/978-981-99-2115-7_9(211-236)Online publication date: 14-Jun-2023
https://doi.org/10.1007/978-981-99-2115-7_9
Show More Cited By

Index Terms

Ontological approach toward cybersecurity in cloud computing

Recommendations

Harnessing the cloud for teaching cybersecurity
SIGCSE '14: Proceedings of the 45th ACM technical symposium on Computer science education

Cloud computing has become an attractive paradigm for many organizations in government, industry as well as academia. In academia, the cloud can offer instructors and students (whether local or at a distance) on-demand, dedicated, isolated, unlimited, ...
Read More
A Conceptual Platform of SLA in Cloud Computing
DASC '11: Proceedings of the 2011 IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing

Cloud computing is a promising technology, where the infrastructure, developing platform, software and storage are delivered as a service. With the development of cloud computing, more and more cloud service providers emerge. However, there are no ...
Read More
Analysis and Research of Cloud Computing System Instance
ICFN '10: Proceedings of the 2010 Second International Conference on Future Networks

As a kind of emerging business computational model, Cloud Computing distribute computation task on the resource pool which consists of massive computers, accordingly ,the application systems can gain the computation strength, the storage space and ...
Read More

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

SIN '10: Proceedings of the 3rd international conference on Security of information and networks

September 2010

286 pages

ISBN:9781450302340

DOI:10.1145/1854099

General Chairs:
Oleg Makarevich
Southern Federal University, Russia
,
Atilla Elçi
Toros University, Turkey
,
Mehmet Orgun
Macquarie University, Australia
,
Sorin A. Huss
Technische Universität Darmstadt, Germany
,
Program Chairs:
Ludmila Babenko
Southern Federal University, Russia
,
Alexander Chefranov
Eastern Mediterranean University, North Cyprus
,
Vijay Varadharajan
Macquarie University, Australia

Copyright © 2010 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Microsoft: Microsoft
RFBR: Russian Foundation for Basic Research

In-Cooperation

SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Macquarie U., Austarlia
Darmstadt U., Germany
TBD, North Cyprus
TIT, South. Fed. U., Russia
Taganrog Institute of Technologies

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 September 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SIN '10

Sponsor:

Microsoft
RFBR

SIN '10: 3rd International Conference of Security of Information and Networks

September 7 - 11, 2010

Rostov-on-Don, Taganrog, Russian Federation

Acceptance Rates

Overall Acceptance Rate 102 of 289 submissions, 35%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

47
Total Citations
View Citations
2,648
Total Downloads

Downloads (Last 12 months)41
Downloads (Last 6 weeks)6

Other Metrics

View Author Metrics

Citations

Cited By

Rekha SSharma MKannan SUpadhye VPatil HRajkumar S(2024)Hybrid Deep Learning Approaches for Data Security in Cloud Environments2024 2nd International Conference on Intelligent Data Communication Technologies and Internet of Things (IDCIoT)10.1109/IDCIoT59759.2024.10467848(467-472)Online publication date: 4-Jan-2024
https://doi.org/10.1109/IDCIoT59759.2024.10467848
Barik KMisra SMishra BMaathuis CChockalingama S(2024)Cyber Resilience for SDG Towards the Digitization: An Imperial StudyArtificial Intelligence of Things for Achieving Sustainable Development Goals10.1007/978-3-031-53433-1_18(361-388)Online publication date: 9-Mar-2024
https://doi.org/10.1007/978-3-031-53433-1_18
Ojha NKumar ATyagi NRanjan PVaish A(2023)Use of Machine Learning in Forensics and Computer SecurityArtificial Intelligence and Cyber Security in Industry 4.010.1007/978-981-99-2115-7_9(211-236)Online publication date: 14-Jun-2023
https://doi.org/10.1007/978-981-99-2115-7_9
Xue XTan W(2022)Matching Cybersecurity Ontologies on Internet of Everything through Coevolutionary Multiobjective Evolutionary AlgorithmSecurity and Communication Networks10.1155/2022/35724042022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/3572404
Jain AMisra TTyagi NSuresh Kumar MPant B(2022)A Comparative Study on Cyber security Technology in Big data Cloud Computing Environment2022 5th International Conference on Contemporary Computing and Informatics (IC3I)10.1109/IC3I56241.2022.10072552(235-241)Online publication date: 14-Dec-2022
https://doi.org/10.1109/IC3I56241.2022.10072552
Martins BSerrano Gil LReyes Román JPanach JPastor OHadad MRochwerger B(2022)A framework for conceptual characterization of ontologies and its application in the cybersecurity domainSoftware and Systems Modeling10.1007/s10270-022-01013-021:4(1437-1464)Online publication date: 2-Jul-2022
https://doi.org/10.1007/s10270-022-01013-0
Bernabé IFernández ABillhardt HOssowski S(2022)Towards Semantic Modelling of the Edge-Cloud ContinuumHighlights in Practical Applications of Agents, Multi-Agent Systems, and Complex Systems Simulation. The PAAMS Collection10.1007/978-3-031-18697-4_6(71-82)Online publication date: 13-Oct-2022
https://doi.org/10.1007/978-3-031-18697-4_6
Lin WHaga R(2021)Matching Cyber Security Ontologies through Genetic Algorithm-Based Ontology Alignment TechniqueSecurity and Communication Networks10.1155/2021/48562652021Online publication date: 30-Nov-2021
https://dl.acm.org/doi/10.1155/2021/4856265
Hirsch LSchneegass CWelsch RButz A(2021)To See or Not to SeeProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/34481235:1(1-25)Online publication date: 30-Mar-2021
https://dl.acm.org/doi/10.1145/3448123
Hussain MHasan MSarwar NNasir JAslam N(2021)Cloud application importance and challenges: A Systematic Review2021 International Conference on Innovative Computing (ICIC)10.1109/ICIC53490.2021.9692995(1-6)Online publication date: 9-Nov-2021
https://doi.org/10.1109/ICIC53490.2021.9692995
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents