
The cloud computing paradigm entails a radical change in IT provisioning, which must be understood and correctly applied especially when security requirements are considered. Security requirements do not cover anymore just the application itself, but involve the whole cloud supply chain from the hosting infrastructure to the final applications. This scenario requires, on one side, new security mechanisms protecting the cloud against misbehaviors/malicious attacks and, on the other side, a continuous and adaptive assurance process evaluating the observed cloud security behavior against the expected one. In this paper, we focus on the evaluation of the security assurance of OpenStack, a major open source cloud infrastructure. We first define a security benchmark for OpenStack, inspired by Center for Internet Security (CIS) benchmark for cloud infrastructures. We then present a platform, called Moon Cloud, for cloud security assurance evaluation, showing an application of our benchmark and platform to the in-production OpenStack deployment of the University of Milan.
| selected citations These citations are derived from selected sources. This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically). | 9 | |
| popularity This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network. | Top 10% | |
| influence This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically). | Top 10% | |
| impulse This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network. | Average |
