Security and Critical Infrastructure for Cloud, IoT and Decentralized Trust

Permanent URI for this collection

Browse

Recent Submissions

Now showing 1 - 3 of 3
  • Item
    Drivers vs. Inhibitors - What Clinches Continuous Service Certification Adoption by Cloud Service Providers?
    ( 2018-01-03) Teigeler, Heiner ; Lins, Sebastian ; Sunyaev, Ali
    Continuous service certification (CSC) is an innovative way to ensure ongoing security and reliability of cloud services by using (automated) monitoring and auditing techniques. Yet, CSC currently remains underexplored and is still in its early diffusion period, thus we require a deeper understanding about what influences cloud service providers to participate in CSC. In particular, cloud service providers are facing a trade-off between achieving unique advantages and participating in a complex and effortful CSC process. This study derives a theoretical model grounded on the Technology-Organization-Environment Framework and Diffusion of Innovations Theory to explain why cloud service providers might be willing to adopt CSC. To test our model, we surveyed 115 cloud service providers. Our findings reveal that perceived advantages have a significant influence on provider’s adoption intention and that they outweigh perceived inhibitors.
  • Item
    On Software Standards and Solutions for a Trusted Internet of Things
    ( 2018-01-03) Maher, David
    We discuss a high-level model for software applications and services that can support a minimal set of human-centric trust management capabilities. We outline the unique set of challenges we must address if we are to attain a level of trust that will be required for a robust deployment of an IoT. We discuss the role of standards and how we can maximize the effectiveness of standards and device and service certification. We suggest a set of solutions for trust management that can support the unique security, safety, and privacy requirements of a robust IoT. Prominent among these solutions is the use of an older approach for access control, viz. the reference monitor, and blockchain technologies that can record trust and policy graphs and trust-related attributes for IoT devices and supporting services. An open, but governed trust blockchain can serve as a universal trusted oracle.
  • Item