Security Incident Information Exchange for Cloud Services
The complex provider landscape in cloud computing makes incident handling difficult, as Cloud Service Providers (CSPs) with end-user customers do not necessarily get sufficient information about incidents that occur at upstream CSPs. In this paper, we argue the need for commonly agreed-upon incident information exchanges between providers as a means to improve accountability of CSPs. The discussion considers several technical challenges and non-technical aspects related to improving the situation for incident response in cloud computing scenarios. In addition, we propose a technical implementation which can embed standard representation formats for incidents in notification messages, built over a publish-subscribe architecture, and a web-based dashboard for handling the incident workflow.
Christian Frøystad, Erlend Andreas Gjære, Inger Anne Tøndel, Martin Gilje Jaatun, "Security Incident Information Exchange for Cloud Services", IoTBD 2016 proceedings, April, 2016, Rome, Italy, DOI: 10.5220/0005953803910398.