6,715 Hits in 5.6 sec

A Machine-Checked Proof of Security for AWS Key Management Service

José Bacelar Almeida, Serdar Tasiran, Manuel Barbosa, Gilles Barthe, Matthew Campagna, Ernie Cohen, Benjamin Gregoire, Vitor Pereira, Bernardo Portela, Pierre-Yves Strub
2019 Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security - CCS '19  
We present a machine-checked proof of security for the domain management protocol of Amazon Web Services' KMS (Key Management Service) a critical security service used throughout AWS and by AWS customers  ...  Domain management is at the core of AWS KMS; it governs the top-level keys that anchor the security of encryption services at AWS.  ...  For this reason, our machine-checked proof is actually carried out in a stronger security model.  ... 
doi:10.1145/3319535.3354228 dblp:conf/ccs/AlmeidaBBCCGPPS19 fatcat:wtlzcshvo5cshof74xr4lg5g4a

Code‐level model checking in the software development workflow at Amazon Web Services

Nathan Chong, Byron Cook, Jonathan Eidelman, Konstantinos Kallas, Kareem Khazem, Felipe R. Monteiro, Daniel Schwartz‐Narbonne, Serdar Tasiran, Michael Tautschnig, Mark R. Tuttle
2021 Software, Practice & Experience  
This article describes a style of applying symbolic model checking developed over the course of four years at Amazon Web Services (AWS).  ...  As part of this effort, we have developed a CI system that allows integration of the proofs into standard development workflows and extended the proof tools to provide better feedback to users.  ...  CONCLUSIONS AND FUTURE WORK We have described a proof development style that embeds the proof creation and maintenance process in the software development cycle to deeply engage software developers and  ... 
doi:10.1002/spe.2949 fatcat:3sirdpatwbdxvkard4fghvs3l4

Security for Devops Deployment Processes: Defenses, Risks, Research Directions

Norman Wilde, Brian Eddy, Khyati Patel, Nathan Cooper, Valeria Gamboa, Bhavyansh Mishra, Keenal Shah
2016 International Journal of Software Engineering & Applications  
In this paper we examine the security implications of two of the key DevOps practices, automation of the deployment pipeline using a deployment toolchain and infrastructure-as-code to specify the environment  ...  When code is checked in by a developer, a series of steps take place with little or no manual intervention.  ...  "Amazon AWS", "EC2", "CloudFormation", "CodeDeploy" and "S3" are trademarks of, Inc. or its affiliates in the United States and/or other countries.  ... 
doi:10.5121/ijsea.2016.7601 fatcat:u3ayin7nl5chbpg5m6i54cg65q

Implementation of a secure genome sequence search platform on public cloud-leveraging open source solutions

Vikas Saxena, Shyam Doddavula, Akansha Jain
2012 Journal of Cloud Computing: Advances, Systems and Applications  
Cloud computing has proven to be scalable and capable of meeting the computation needs in life sciences domain but a key inhibitor has been security concerns.  ...  This paper is an extension of an earlier paper we had written that describes how to leverage a public cloud to build a scalable genome sequence search platform to enable secure collaboration among multiple  ...  Acknowledgment Authors would like to thank the Pistoia Alliance Sequence Service team members -Simon, Claude, Ralf, Cary, John, and Nick for their help while defining the solution.  ... 
doi:10.1186/2192-113x-1-14 fatcat:ctavsgtmrrh7fi5ug3xsf357i4

Implementation of a Secure Genome Sequence Search Platform on Public Cloud: Leveraging Open Source Solutions

Shyam Kumar Doddavula, Vikas Saxena
2011 2011 IEEE Third International Conference on Cloud Computing Technology and Science  
Cloud computing has proven to be scalable and capable of meeting the computation needs in life sciences domain but a key inhibitor has been security concerns.  ...  This paper is an extension of an earlier paper we had written that describes how to leverage a public cloud to build a scalable genome sequence search platform to enable secure collaboration among multiple  ...  Acknowledgment Authors would like to thank the Pistoia Alliance Sequence Service team members -Simon, Claude, Ralf, Cary, John, and Nick for their help while defining the solution.  ... 
doi:10.1109/cloudcom.2011.36 dblp:conf/cloudcom/DoddavulaS11 fatcat:nrbh427dvbc4df3spnpgpliile

Attribute-Based Access Control for AWS Internet of Things and Secure Industries of the Future

Smriti Bhatt, Thanh Kim Pham, Maanak Gupta, James Benson, Jaehong Park, Ravi Sandhu
2021 IEEE Access  
These keys represent the Machine Group and Employee Group and allow to check whether a machine is sending its state or a smart watch of a factory worker is sending messages.  ...  Services refer to AWS cloud services. Object Types represent a specific type of an object in a cloud service, such as virtual machines in EC2 service.  ...  FIGURE 11: External Services Authorizing Sequences C. PERFORMANCE EVALUATION We now present the performance evaluation and results of our proof-of-concept implementation.  ... 
doi:10.1109/access.2021.3101218 fatcat:nr2hm7ldlnf6dorgn544sg2s6m

Cluster as a Service (CaaS) in Secure Deduplication System

A.Kumari savitha sree, R.Nalla Kumar, X. Alphonseinbaraj
2015 International Journal of Computer Applications Technology and Research  
generation , moreover one of additional cloud storage service such that Cluster as a Service (CaaS) can make secure deduplication possible and reduced cloud storage space.With out key generation ,attribute  ...  of clients ,support for human users is minimal .To provide better security ,this paper makes the first attempt to formally address the problem of authentication ,integrity and availability.By using Tag  ...  It encrypt and decrypts a data copy with convergent key and further to avoid unauthorized entry in system, a secure proof of ownership [5] is also needed to provide the proof that the user indeed owns  ... 
doi:10.7753/ijcatr0401.1004 fatcat:4vn576owxvacvoxucf6jbisagi

Cybersecurity in the AWS Cloud [article]

Michael Soltys
2020 arXiv   pre-print
More precisely, we review the core concepts of Cybersecurity, as presented in a senior undergraduate or graduate class, in light of the Amazon Web Services (AWS) cloud.  ...  This paper re-examines the content of a standard advanced course in Cybersecurity from the perspective of Cloud Computing.  ...  ., public key) algorithms. AWS has tools for managing both keys and certificates: the Key Management Service (KMS) manages keys for both symmetric and asymmetric encryption [25] .  ... 
arXiv:2003.12905v1 fatcat:ewxjtg2j2bfuhfapsbfjuhgkqi

Detecting Malware Infection on Infrastructure Hosted in Iaas Cloud using Cloud Visibility and Forensics

Lama Almadhoor, A. A. bd El-Aziz, Hedi Hamdi
2021 International Journal of Advanced Computer Science and Applications  
security for granted.  ...  Keywords-Malware attacks; infrastructure as a service (IaaS); amazon web services (AWS); malware detection; cloud forensics; visibility (  ...  the system as shown in Fig. 16 . e) Performing Anti-Virus checks 1) Find any security software installed: Most cloud providers provide a mechanism for central management of VMs' systems deployed on the  ... 
doi:10.14569/ijacsa.2021.01206106 fatcat:qax2cwnuzfckriaypux6rs6r2y

Design of Security Technique through Secure Logging for Cloud Forensics

2019 International Journal of Engineering and Advanced Technology  
Ensuring the reliability and integrity of logs is crucial. Most existing solutions for secure logging are designed for traditional systems rather than the complexity of a cloud environment.  ...  This PPL helps in the verification process of changed logs by CSP the actual implementation of this application on AWS Infrastructure as a service ( IAAS ) cloud shows real-time use of this structure  ...  Results are verified on AWS IAAS Service by creating two instances one using Elastic beanstalk for deploying the application and another using AWS RDS (Relational Database Service).SQL workbench is connected  ... 
doi:10.35940/ijeat.f9312.088619 fatcat:hlvwvd6hyjhtjfzlvh7qv7rydi

Continuous Formal Verification of Amazon s2n [chapter]

Andrey Chudnov, Nathan Collins, Byron Cook, Joey Dodds, Brian Huffman, Colm MacCárthaigh, Stephen Magill, Eric Mertens, Eric Mullen, Serdar Tasiran, Aaron Tomb, Eddy Westbrook
2018 Lecture Notes in Computer Science  
A key aspect of this proof infrastructure is continuous checking, to ensure that properties remain proved during the lifetime of the software.  ...  We describe formal verification of s2n, the open source TLS implementation used in numerous Amazon services.  ...  In this case study we have described the development and operation in practice of a continuously checked proof ensuring key properties of the TLS implementation used by many Amazon and AWS services.  ... 
doi:10.1007/978-3-319-96142-2_26 fatcat:tefiqbkw7rdj7b23utmxg2uwia

Biomedical Cloud Computing With Amazon Web Services

Vincent A. Fusaro, Prasad Patil, Erik Gafni, Dennis P. Wall, Peter J. Tonellato, Fran Lewitter
2011 PLoS Computational Biology  
Second, we follow our best practices and create a new security group and key pair for the cluster.  ...  Access an Instance Using a Secure Connection For security of data and encryption of data transfers, it is imperative that access to an instance is via a secure protocol such as Secure Shell (ssh) or Secure  ... 
doi:10.1371/journal.pcbi.1002147 pmid:21901085 pmcid:PMC3161908 fatcat:zu34vjbq4vewripkp4dzws2ybq

All your clouds are belong to us

Juraj Somorovsky, Mario Heiderich, Meiko Jensen, Jörg Schwenk, Nils Gruschka, Luigi Lo Iacono
2011 Proceedings of the 3rd ACM workshop on Cloud computing security workshop - CCSW '11  
In this paper, we provide a security analysis pertaining to the control interfaces of a large Public Cloud (Amazon) and a widely used Private Cloud software (Eucalyptus).  ...  As a follow up to those discoveries, we additionally describe the countermeasures against these attacks, as well as introduce a novel "black box" analysis methodology for public Cloud interfaces.  ...  Acknowledgement We would like to thank the Amazon and Eucalyptus security staff for their cooperation, and wish to note that throughout the collaboration both teams effectuated an excellent, productive  ... 
doi:10.1145/2046660.2046664 dblp:conf/ccs/SomorovskyHJSGI11 fatcat:ytxh57hokzdpfbs563njgmo4fy

Securing Software as a Service Model of Cloud Computing: Issues and Solutions

Sahoo G, Mehfuz S
2013 International Journal on Cloud Computing Services and Architecture  
It also makes an attempt to describe the security challenges in Software as a Service (SaaS) model of cloud computing and also endeavors to provide future security research directions.  ...  This paper provides an insightful analysis of the existing status on cloud computing security issues based on a detailed survey carried by the author.  ...  In addition, the scheme also provides mutual authentication, identity management, session key establishment, user privacy and security against many popular attacks; however the formal security proofing  ... 
doi:10.5121/ijccsa.2013.3401 fatcat:3qlyvngt5je2rc33iduzcaebou

Development of an Internet-of-Healthcare System Using Blockchain

Suparat Yongjoh, Chakchai So-In, Peerapol Kompunt, Paisarn Muneesawang, Roy I. Morien
2021 IEEE Access  
, with permissions controlled by the Key Management System.  ...  Mobile device apps enable secure direct access to patient data in a central blockchain with download capability to a mobile device, under strict and fully managed access control using Amazon Web Services  ...  In addition, Key Management Service (KMS) from Amazon Web Services (AWS) was used for securing the search through the mobile application.  ... 
doi:10.1109/access.2021.3103443 fatcat:zzxn43fgofgtjfstaylewnuejq
« Previous Showing results 1 — 15 out of 6,715 results