
Publication


Featured research published by Jesus Luna.


IEEE International Conference on Cloud Computing Technology and Science | 2013

Security as a Service Using an SLA-Based Approach via SPECS

Massimiliano Rak; Neeraj Suri; Jesus Luna; Dana Petcu; Valentina Casola; Umberto Villano

The cloud offers attractive options to migrate corporate applications, without any implication for the corporate security manager to manage or to secure physical resources. While this ease of migration is appealing, several security issues arise: can the validity of corporate legal compliance regulations still be ensured for remote data storage? How is it possible to assess the Cloud Service Provider (CSP) ability to meet corporate security requirements? Can one monitor and enforce the agreed cloud security levels? Unfortunately, no comprehensive solutions exist for these issues. In this context, we introduce a new approach, named SPECS. It aims to offer mechanisms to specify cloud security requirements and to assess the security features offered by CSPs, and to integrate the desired security services (e.g., credential and access management) into cloud services with a Security-as-a-Service approach. Furthermore, SPECS intends to provide systematic approaches to negotiate, to monitor and to enforce the security parameters specified in Service Level Agreements (SLA), to develop and to deploy security services that are cloud SLA-aware and are implemented as an open-source Platform-as-a-Service (PaaS). This paper introduces the main concepts of SPECS.


Information Assurance and Security | 2008

Geolocation-Based Trust for Vanet's Privacy

Jetzabel Serna; Jesus Luna; Manel Medina

Research in vehicular ad hoc networks (VANETs) has evolved considerably over the last years. Security and privacy in VANETs have recently attracted special interest in the research community. In this paper we overview the main privacy concepts and explain why this concept is fundamental for wide adoption of VANETs. A set of privacy requirements for VANETs is established and studied, towards proposing a novel mechanism beyond the use of pseudonyms. In particular, this research demonstrates that there are still several challenges concerning privacy whose solution is feasible to be extrapolated from highly demanding environments like e-Health. This paper reports our work in progress, mainly describing the basis of a privacy mechanism that uses an authorization paradigm based on a Mandatory Access Control model and a novel mechanism that propagates trust information based on a vehicle's geolocation.


Trust, Security and Privacy in Computing and Communications | 2014

AHP-Based Quantitative Approach for Assessing and Comparing Cloud Security

Ahmed Taha; Ruben Trapero; Jesus Luna; Neeraj Suri

While Cloud usage increasingly involves security considerations, there is still a conspicuous lack of techniques for users to assess/ensure that the security level advertised by the Cloud Service Provider (CSP) is actually delivered. Recent efforts have proposed extending existing Cloud Service Level Agreements (SLAs) to the security domain, by creating Security SLAs (SecLAs) along with attempts to quantify and reason about the security assurance provided by CSPs. However, both technical and usability issues limit their adoption in practice. In this paper we introduce a new technique for conducting quantitative and qualitative analysis of the security level provided by CSPs. Our methodology significantly improves upon contemporary security assessment approaches by creating a novel decision making technique based on the Analytic Hierarchy Process (AHP) that allows the comparison and benchmarking of the security provided by a CSP based on its SecLA. Furthermore, our technique improves security requirements specifications by introducing a flexible and simple methodology that allows users to identify their specific security needs. The proposed technique is demonstrated with real-world CSP data obtained from the Cloud Security Alliance's Security, Trust and Assurance Registry.


IEEE International Conference on Cloud Computing Technology and Science | 2017

Quantitative Reasoning about Cloud Security Using Service Level Agreements

Jesus Luna; Ahmed Taha; Ruben Trapero; Neeraj Suri

While the economic and technological advantages of cloud computing are apparent, its overall uptake has been limited, in part, due to the lack of security assurance and transparency on the Cloud Service Provider (CSP). Although the recent efforts on specification of security using Service Level Agreements, also known as “Security Level Agreements” or secSLAs, is a positive development, multiple technical and usability issues limit the adoption of Cloud secSLAs in practice. In this paper we develop two evaluation techniques, namely QPT and QHP, for conducting the quantitative assessment and analysis of the secSLA-based security level provided by CSPs with respect to a set of Cloud Customer security requirements. These proposed techniques help improve the security requirements specifications by introducing a flexible and simple methodology that allows Customers to identify and represent their specific security needs. Apart from detailing guidance on the standalone and collective use of QPT and QHP, these techniques are validated using two use case scenarios and a prototype, leveraging actual real-world CSP secSLA data derived from the Cloud Security Alliance’s Security, Trust and Assurance Registry.


2010 eCrime Researchers Summit | 2010

A framework for financial botnet analysis

Marco Riccardi; David Oro; Jesus Luna; Marco Cremonini; Marc Vilanova

Financial botnets, those specifically aimed at carrying out financial fraud, represent a well-known threat for banking institutions all around the globe. Unfortunately, these malicious networks are responsible for huge economic losses or for conducting money laundering operations. Contrary to DDoS and spam malware, the stealthy nature of financial botnets requires new techniques and novel research in order to detect, analyze and even to take them down.


European Public Key Infrastructure Workshop | 2005

Towards a unified authentication and authorization infrastructure for grid services: implementing an enhanced OCSP service provider into GT4

Jesus Luna; Manuel Medina; Oscar Manso

The OGSA definition of a Grid Service as a transient, stateful and dynamically instantiated Web Service introduced new authentication and authorization requirements beyond those already established for existing Grid environments. However such design features have begun to be developed currently following a pre-Web Services approach in two aspects: in the first place making a clear separation of authentication from authorization issues, and in the second place not designing them over the OGSI/WSRF defined mechanisms and specifications. In this paper we are proposing a new Security Framework that unifies identified common points of both features, Authentication and Authorization, into a mechanism called validation policy which is expected to improve service performance and security. Our framework seeks to implement these aspects over the Grid Services Operations and Service Data concepts to fully exploit its functionalities. The paper also presents the integration of an enhanced OCSP Service Provider into the Globus Toolkit 3.9.4 as a first proof of concept.


Conference on Risks and Security of Internet and Systems | 2013

Quantitative assessment of software vulnerabilities based on economic-driven security metrics

Hamza Ghani; Jesus Luna; Neeraj Suri

Vulnerability exploits cost organizations large amounts of resources, mainly due to disruption of ICT services, and thus loss of confidentiality, integrity and availability. As security managers in the industry usually have to operate with limited budgets allocated to information security, they need to prioritize their investment efforts regarding the response mechanisms to the existing vulnerabilities. The utilization of quantitative security vulnerability assessment methods enables efficient prioritization of security efforts and investments to mitigate the discovered vulnerabilities and thus an opportunity to lower expected losses. State of the art approaches for vulnerability assessment such as the Common Vulnerability Scoring System (CVSS), which is the de facto standard quantifying the severity of vulnerabilities, do not consider the economic impact in case of a vulnerability exploit. To this end, our paper targets the quantitative understanding of vulnerability severity taking into account the potential economic damage a successful vulnerability exploit can cause. We propose a novel approach for a systematic consideration of the relevant cost units (associated costs) for the economic damage estimation of vulnerability exploits. Our approach utilizes Multiple Criteria Decision Analysis (MCDA) methods to perform a prioritization of the existing vulnerabilities within the target system. The evaluation results show the potential cost savings w.r.t. the mitigation costs using our approach. Our method supports managers and decision makers in the process of prioritizing security investments to mitigate the discovered vulnerabilities.


Grid and Pervasive Computing | 2007

Interoperable grid PKIs among untrusted domains: an architectural proposal

Valentina Casola; Jesus Luna; Oscar Manso; Nicola Mazzocca; Manel Medina; Massimiliano Rak

In the last years several Grid Virtual Organizations -VOs- have been proliferating, each one usually installing its own Certification Authority and thus giving birth to a large set of different and possibly untrusted security domains. Nevertheless, despite the fact that the adoption of Grid Certification Authorities (CAs) has partially solved the problem of identification and authentication between the involved parties, and that Public Key Infrastructure (PKI) technologies are mature enough, we cannot make the same assumptions when untrusted domains are involved. In this paper we propose an architecture to face the problem of secure interoperability among untrusted Grid-domains. Our approach is based on building a dynamic federation of CAs, formed through the quantitative and automatic evaluation of their Certificate Policies. In this paper we describe the proposed architecture and its integration into Globus Toolkit 4.


Conference on Risks and Security of Internet and Systems | 2012

Privacy-by-design based on quantitative threat modeling

Jesus Luna; Neeraj Suri; Ioannis Krontiris

While the general concept of “Privacy-by-Design (PbD)” is increasingly a popular one, there is considerable paucity of either rigorous or quantitative underpinnings supporting PbD. Drawing upon privacy-aware modeling techniques, this paper proposes a quantitative threat modeling methodology (QTMM) that can be used to draw objective conclusions about different privacy-related attacks that might compromise a service. The proposed QTMM has been empirically validated in the context of the EU project ABC4Trust, where the end-users actually elicited security and privacy requirements of the so-called privacy-Attribute Based Credentials (privacy-ABCs) in a real-world scenario. Our overall objective is to provide architects of privacy-respecting systems with a set of quantitative and automated tools to help decide across functional system requirements and the corresponding trade-offs (security, privacy and economic), that should be taken into account before the actual deployment of their services.


Availability, Reliability and Security | 2007

Static evaluation of Certificate Policies for GRID PKIs interoperability

Valentina Casola; Nicola Mazzocca; Jesus Luna; Oscar Manso; Manel Medina; Massimiliano Rak

Validating an end-entity X.509 digital certificate prior to authorizing it for using a resource into the computational grid has become a widely studied topic due to its importance for security. A more comprehensive validation process involves not only a real-time check on the credentials status, but also an evaluation of the trust level applicable to its certification authority. Nowadays policy management authorities (PMAs) gather grid CAs fulfilling a minimum set of requirements defined in an authentication profile thus guaranteeing a trusted interoperability environment for grid projects. Currently this is a manual process that only results in a binary decision (the CA is able to become part of the PMA or not), however in practice, different CAs offer different security levels. In this paper we present ways to apply the reference evaluation methodology (REM) to automatically obtain the security level of a CA. The described process is based on the building of a formalized policy template for grid certificate policies. This methodology has been used to evaluate the security level offered by a set of EUGridPMA's CAs; the obtained results are then conveyed to relying parties using an infrastructure composed of CertiVeR's validation service and the Open GRid Ocsp (OGRO) middleware for the Globus Toolkit 4, thus providing enough information for a comprehensive certificate validation decision.

Collaboration


Dive into Jesus Luna's collaboration.

Top Co-Authors

Neeraj Suri; Technische Universität Darmstadt

Ruben Trapero; Technische Universität Darmstadt

Manel Medina; Polytechnic University of Catalonia

Ahmed Taha; Technische Universität Darmstadt

Oscar Manso; Polytechnic University of Catalonia

Jetzabel Serna; Polytechnic University of Catalonia

Massimiliano Rak; Seconda Università degli Studi di Napoli

Heng Zhang; Technische Universität Darmstadt

Hamza Ghani; Technische Universität Darmstadt

Valentina Casola; University of Naples Federico II