Security measurement in service-based computing systems

Author

Chunyan Mu ; Wen Zeng

Author_Institution

Sch. of Comput. Sci., Newcastle Univ., Newcastle upon Tyne, UK

fYear

2012

fDate

17-19 Dec. 2012

Firstpage

1

Lastpage

8

Abstract

We propose a method for quantitative security analysis of service-based computing systems based on probabilistic and information theoretical approaches. We focus on the pattern of the user´s behaviours with the service providers. We build probabilistic models from system observations at various levels of abstraction depending on the confidentiality preserving mechanisms applied by the system. The probabilistic models allow us to quantify a system´s observable behaviours under any given security preserving mechanisms. We present a number of measurements on the confidentiality loss of the computing system. We show how such measurement can be used to determine the degree of protection provided by the computing solution.

Keywords

probability; security of data; service-oriented architecture; confidentiality preserving mechanisms; information theoretical approaches; probabilistic approach; quantitative security analysis; security measurement; security preserving mechanisms; service-based computing systems; Computational modeling; Entropy; Loss measurement; Probabilistic logic; Probability distribution; Random variables; Security; divergence; equivalence; information; measurement; relations; security;

fLanguage

English

Publisher

ieee

Conference_Titel

Service-Oriented Computing and Applications (SOCA), 2012 5th IEEE International Conference on

Conference_Location

Taipei

Print_ISBN

978-1-4673-4773-0

Electronic_ISBN

978-1-4673-4774-7

Type

conf

DOI

10.1109/SOCA.2012.6449459

Filename

6449459