Abstract
Critical Infrastructures (CIs) such as e-commerce, energy, transportation, defense, monitoring etc., form the basis of the modern ICT society, and these CI’s increasingly utilize ICT services such as the Cloud to provide for scalable, robust and cost-efficient services. Consequently, the resilience of the CI is directly connected with the resilience of the underlying Cloud infrastructure. However, performing a Cloud threat analysis (TA) is a challenging task given the complex interconnection of underlying computing and communication services. Thus, the need is of a comprehensive TA approach that can holistically analyze the relation across system level requirements and Cloud vulnerabilities.
We target achieving such a requirement based threat analysis by developing an ontology depicting the relations among actors involved in the Cloud ecosystem. The ontology comprehensively covers requirement specifications, interaction among the Cloud services and vulnerabilities violating the requirements. By mapping the ontology to a design structure matrix, our approach obtains security assessments from varied actor perspectives. We demonstrate the effectiveness of our approach by assessing the security of OpenStack, an open source Cloud platform, covering user requirements and services involved in Cloud operations.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
At a semantic level, a CI is an instantiation of a user.
References
NIST. National Vulnerability Database. https://nvd.nist.gov/
Eppinger, S., Browning, T.: Design Structure Matrix Methods and Applications. MIT Press, Cambridge (2012)
Gebala, D., Eppinger, S.: Methods for analyzing design procedures. In: Proceedings of Design Theory and Methodology, pp. 227–233 (1991)
Hernan, S., Lambert, S., Ostwald, T., Shostack, A.: Uncover security design flaws using the STRIDE approach. MSDN Magazine (2006)
Hiller, M., Jhumka, A., Suri, N.: An approach for analysing the propagation of data errors in software. In: International Conference on Dependable Systems and Networks, DSN 2001, pp. 161–170. IEEE (2001)
Hiller, M., Jhumka, A., Suri, N.: EPIC: profiling the propagation and effect of data errors in software. IEEE Trans. Comput. 53(5), 512–530 (2004)
Kamongi, P., et al.: VULCAN: vulnerability assessment framework for cloud computing. In: Proceedings of IEEE Software Security and Reliability (SERE), pp. 218–226 (2013)
Manzoor, S., Luna, J., Suri, N.: AttackDive: diving deep into the cloud ecosystem to explore attack surfaces. In: Proceedings of IEEE Services Computing (SCC), pp. 499–502 (2017)
Manzoor, S., Taha, A., Suri, N.: Trust validation of cloud IaaS: a customer-centric approach. In: Proceedings of IEEE Conference on Trust, Security and Privacy in Computing and Communications (Trustcom), pp. 97–104 (2016)
Milojičić, D., Llorente, I., Montero, R.: Opennebula: a cloud management tool. IEEE Internet Comput. 15, 11–14 (2011)
Myagmar, S., Lee, A., Yurcik, W.: Threat modeling as a basis for security requirements. In: Symposium on Requirements Engineering for Information Security (SREIS), pp. 1–8 (2005)
Nurmi, D., et al.: The eucalyptus open-source cloud-computing system. In: Proceedings of Cluster Computing and the Grid (CCGRID), pp. 124–131 (2009)
Oladimeji, E., Supakkul, S., Chung, L.: Security threat modeling and analysis: a goal-oriented approach. In: Proceedings of IEEE International Conference on Software Engineering and Applications (IASTED), pp. 13–15 (2006)
Perez-Botero, D., et al.: Characterizing hypervisor vulnerabilities in cloud computing servers. In: Proceedings of the International Workshop on Security in Cloud Computing, pp. 3–10 (2013)
Sefraoui, O., Aissaoui, M., Eleuldj, M.: OpenStack: toward an open-source solution for cloud computing. Int. J. Comput. Appl. 55, 38–42 (2012)
Swiderski, F., Snyder, W.: Threat Modeling. Microsoft Press (2004)
Tsai, H., et al.: Threat as a service?: virtualization’s impact on cloud security. IT Prof. 14, 32–37 (2012)
Walter, C.J., Suri, N., Hugue, M.M.: Continual on-line diagnosis of hybrid faults. In: Cristian, F., Le Lann, G., Lunt, T. (eds.) Dependable Computing for Critical Applications 4. DEPENDABLECOMP, vol. 9, pp. 233–249. Springer, Vienna (1995). https://doi.org/10.1007/978-3-7091-9396-9_21
Wang, J.A., Guo, M.: Security data mining in an ontology for vulnerability management. In: Proceedings of IEEE Bioinformatics, Systems Biology and Intelligent Computing (IJCBS), pp. 597–603 (2009)
Wang, P., Lin, W.-H., Kuo, P.-T., Lin, H.-T., Wang, T.C.: Threat risk analysis for cloud security based on attack-defense trees. In: Proceedings of Computing Technology and Information Management (ICCM), pp. 106–111 (2012)
Winter, S., Sârbu, C., Suri, N., Murphy, B.: The impact of fault models on software robustness evaluations. In: Proceedings of International Conference on Software Engineering (ICSE), pp. 51–60 (2011)
Acknowledgments
Research supported in part by grants NECS GA# 675320 and CIPSEC GA# 700378.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Manzoor, S., Vateva-Gurova, T., Trapero, R., Suri, N. (2019). Threat Modeling the Cloud: An Ontology Based Approach. In: Fournaris, A., Lampropoulos, K., Marín Tordera, E. (eds) Information and Operational Technology Security Systems. IOSec 2018. Lecture Notes in Computer Science(), vol 11398. Springer, Cham. https://doi.org/10.1007/978-3-030-12085-6_6
Download citation
DOI: https://doi.org/10.1007/978-3-030-12085-6_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-12084-9
Online ISBN: 978-3-030-12085-6
eBook Packages: Computer ScienceComputer Science (R0)