CfP: The 2nd Int. Workshop on Dependability of Clouds, Data Centers and Virtual Machine Tech (DCDV 2012)

I’ll participate in the Program Committee of DCDV 2012. Topics of particular interest include, but are not limited to:

  • Architecture and design of clouds and data centers for dependability
  • Faults, failure diagnosis, and recovery issues in clouds and data centers
  • Dependability challenges and solutions for cloud users and cloud providers
  • Dependability and security of virtual machine and multicore technology
  • Dependability metrics, analysis, and evaluation for clouds and data centers
  • Assured services, protocols and standards for clouds
  • Dependability benchmarking and measurements in clouds and data centers
  • Security and privacy issues in clouds and data centers
  • Sustainability issues and energy management in clouds/data centers
  • Trust, policy management and regulatory compliance issues

IMPORTANT DATES

  • Paper submission: Mar. 15, 2012
  • Acceptance notification: Apr. 15, 2012
  • Camera-ready version: May 01, 2012
  • Workshop: June 25, 2012

The full Call for Papers can be found at http://www.cse.ust.hk/DCDV2012/cfp.html

Paper at ESORICS 2011: Automated Information Flow Analysis of Virtualized Infrastructures

Today, we received an acceptance note for our submission to ESORICS 2011:

Sören Bleikertz, Thomas Gross, Matthias Schunter, Konrad Eriksson: Automated Information Flow Analysis of Virtualized Infrastructures, European Symposium on Research in Computer Security (ESORICS 2011)

You can download the paper (PDF)

Abstract
The use of server virtualization has been growing steadily, but many enterprises are still reluctant to migrate critical workloads to such infrastructures. One key inhibitor is the complexity of correctly configuring virtualized cloud infrastructures, and in particular, of isolating workloads or subscribers across all potentially shared physical and virtual resources. Imagine analyzing systems with half a dozen virtualization platforms, thousands of virtual machines and hundreds of thousands of inter-resource connections by hand: large topologies demand tool support.
We study the automated information flow analysis of heterogeneous virtualized infrastructures. We propose an analysis system that performs a static information flow analysis based on graph traversal. The system discovers the actual configurations of diverse virtualization environments and unifies them in a graph representation. It computes the transitive closure of information flow and isolation rules over the graph and diagnoses isolation breaches from that. The system effectively reduces the analysis complexity for humans from checking the entire infrastructure, to checking a few well-designed trust rules on components’ information flow.
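
A minimal sketch of the graph-traversal idea in the abstract, added here as an illustration and not the analysis system from the paper. The node types, trust rules, tenant names and topology are constructed assumptions.

```python
from collections import deque

# Trust rules (assumed for this sketch): does information pass through a
# node of this type (True), or is the component trusted to isolate (False)?
RULES = {"vm": True, "portgroup": True, "vlan": True,
         "vswitch": False, "hypervisor": False}

# Constructed topology: two tenants sharing one host and one virtual switch.
NODES = {"vm-a1": "vm", "vm-a2": "vm", "vm-b1": "vm",
         "pg-a": "portgroup", "pg-b": "portgroup",
         "vlan10": "vlan", "vlan20": "vlan",
         "vsw1": "vswitch", "host1": "hypervisor"}
OWNER = {"vm-a1": "A", "vm-a2": "A", "vm-b1": "B"}
BASE_EDGES = [("vm-a1", "pg-a"), ("vm-a2", "pg-a"), ("vm-b1", "pg-b"),
              ("pg-a", "vsw1"), ("pg-b", "vsw1"), ("pg-a", "vlan10"),
              ("vm-a1", "host1"), ("vm-a2", "host1"), ("vm-b1", "host1")]
GOOD = BASE_EDGES + [("pg-b", "vlan20")]
BAD = BASE_EDGES + [("pg-b", "vlan10")]  # port group tagged with tenant A's VLAN

def reach(sources, nodes, edges, rules):
    """Closure of information flow from `sources` under the trust rules."""
    adj = {n: set() for n in nodes}
    for u, v in edges:
        adj[u].add(v)
        adj[v].add(u)
    seen, queue = set(sources), deque(sources)
    while queue:
        n = queue.popleft()
        if not rules[nodes[n]]:
            continue  # reached, but trusted not to forward the flow
        for m in adj[n] - seen:
            seen.add(m)
            queue.append(m)
    return seen

def breaches(nodes, edges, owner, rules):
    """Return sorted (tenant, foreign_vm) pairs where isolation fails."""
    found = set()
    for tenant in set(owner.values()):
        own = [vm for vm, t in owner.items() if t == tenant]
        for n in reach(own, nodes, edges, rules):
            if owner.get(n, tenant) != tenant:
                found.add((tenant, n))
    return sorted(found)

if __name__ == "__main__":
    print(breaches(NODES, GOOD, OWNER, RULES), breaches(NODES, BAD, OWNER, RULES))
```

Changing a single trust rule, for example treating the virtual switch as untrusted, turns the correctly tagged topology into a reported breach, which is why the rules themselves are the part a human still has to review.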

Case Study: Graph-based Model for mid-size Cloud

CCSW 2011: The ACM Cloud Computing Security Workshop (Program Committee)

I’ll participate in the Program Committee of the ACM Cloud Computing Security Workshop. Please consider submitting your latest research on cloud security.

Important Dates:

  • Submissions: July 1, 2011 July 16, 2011
  • Author notification: August 4, 2010

2011-06-09 Invited Presentation at the 2011 Conference of the Swiss Telecommunications Association (ASUT)

The Swiss Telecommunications Association is a non-profit organisation that represents users and providers of telecommunication. All major Swiss telcos are members.

I gave a presentation on cloud security at the 2011 ASUT Seminar that was held on June 09 at the Kursaal in Berne. The ASUT Seminar constitutes the #1 event for the telco industry in Switzerland.

The program can be found here, abstract here.

Enclosed you will find a report on the event (in German) that was broadcast by the SF Tagesschau.
Tagesschau of 09.06.2011

2011-04-13: Keynote on “Cloud Computing – Sicherheitsrisiko oder Chance?” (in German)

I’m honored to give a keynote on “Cloud Computing – Sicherheitsrisiko oder Chance?” at the Eurocloud Swiss conference. See http://www.swisscloudconference.ch for details:

Presentation (PDF)

Summary:
Cloud computing aims at the industrialized production of IT services. The talk gives an overview of the security of cloud infrastructures. It presents the new cloud security risks as well as selected approaches to protecting cloud infrastructures, such as the “Trustworthy Cloud Project” launched by the EU.

Co-authored IBM’s Cloud Security Assessment and Roadmap Service Products

In 2010, I co-authored two of IBM’s cloud security services products:

  • IBM Cloud Security Assessment aims at assessing the overall security of a cloud run by an enterprise.
  • The IBM Cloud Security Roadmap offering develops a cloud security roadmap that identifies risks and prioritizes controls for a given enterprise that wants to embark on the cloud.

The products were successfully launched in October 2010 and are now part of IBM’s services portfolio.

You can find more information on IBM Security, IBM Cloud Computing, and IBM Cloud Security.

IBM's Security Framework