Industry bodies such as the Cloud Security Alliance, of which Symantec is a member, are helping to achieve these goals, and many security practitioners are volunteering their time and talent. In addition, solutions to protect cloud data keep getting stronger. Symantec O3 enables its partners and customers to embrace the business agility and cost advantages of the cloud. O3 offers a single point of identity and access control, and related policies, for cloud apps for all endpoints. O3 is also easily integrated with existing identity stores, various cloud app authentication and a simple cloud single sign-on for users. For information security practitioners, an important first step is to establish a baseline that is appropriate for the business to determine what is the new normal for security in cloud computing. Businesses will need to make decisions based on concrete data, and a comprehensive security metrics program can support important planning and decision making, and drive beneficial changes in an organization.
I have attached a list of papers you might find useful, both on cloud security metrics and software defined network metrics. Your approach will very much be influenced by the specific needs of the business. You might want to check out our papers on this work, which are included on the lists I have attached.
I am also looking at this area. I find that security is like the conversation between Alice (as in Alice in Wonderland) and the Cheshire Cat. I have started to look at this https://attack.mitre.org/wiki/Main_Page - the trouble is that a definitive guide for security depends on the size and shape of the organisation. One size fits all doesn't seem to work, so a comprehensive framework which gets reduced down as appropriate seems to work for me. I find anything which comes out of Defence is good value.
I wrote a related paper, "Inclusion of security requirements in SLA lifecycle management for cloud computing" - link: http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7330161
In this paper you will find references that are working with metrics for cloud. For me, the best work in this domain was developed by Darmstadt University (Prof. Suri and Prof. Luna) - link: http://www1.deeds.informatik.tu-darmstadt.de/External/publications/
Related to metrics in SDN, you can read our paper "Applying Software-defined Networks to Cloud Computing" - link: sbrc2015.ufes.br/wp-content/uploads/Ch1.pdf. Based on this paper, I think that you can try to identify the security requirements and metrics.