Automated Cloud Service Certification

Sebastian Lins

Abstract

Cloud service certifications (CSCs) are a good means to establish trust, increase transparency of the cloud market, and allow providers to improve their processes and systems. Several CSCs, such as ‘CSA STAR’, ‘EuroCloud Star Audit’ or ‘TÜV Cloud Security’, have recently emerged. However, cloud services (CSs) are part of an ever-changing environment, resulting from fast technology life cycles and inherent cloud computing characteristics, like on-demand provisioning and entangled supply chains. Hence, the long validity periods of issued certificates may cast doubt on their reliability: the conditions and requirements of a CSC may no longer be met throughout these periods, for instance due to configuration changes or major security incidents. Continuous monitoring and auditing of selected certification criteria (henceforth defined as dynamic certification) is required after the initial certification process is accomplished, to assure continuously reliable and secure CSs and to establish a trustworthy CSC. Dynamic certification is still in its infancy, literature concerning the usage of (semi-)automated methods is scarce, and automated methods have to be evaluated regarding their practical feasibility. To address these research gaps, this thesis aims to answer the question ‘Which automated monitoring and auditing methods can be used in practice to assure ongoing CSC adherence?’ (RQ 1). To answer this question, the thesis first focuses on the question ‘Which CSC criteria should be continuously monitored and audited?’ (RQ 2). Moreover, for each CSC criterion an auditing frequency is determined (e.g., monthly or quarterly). After defining a set of CSC criteria, appropriate automated monitoring and auditing methods are identified. In addition, these methods are evaluated regarding their applicability in CS contexts, hence answering the question ‘Which (semi-)automated monitoring and auditing methods exist and are applicable in the context of cloud computing?’ (RQ 3).
Identified methods are discussed with practitioners involved in conducting CSC audits, to ensure applicability in auditing practice, thereby answering the question ‘Which monitoring and auditing methods can be applied in practice?’ (RQ 4). Based upon these discussions and assessments, design recommendations and guidelines for dynamic CSCs are derived, and a first conceptual model of dynamic CSC is developed to answer the research question ‘What needs to be considered when designing dynamic certifications?’ (RQ 5). Finally, on the basis of this model of dynamic certification, CSC criteria are mapped to applicable methods, hence answering the question ‘Which CSC criteria can be monitored and audited by which methods?’ (RQ 6).

Topics
cloud computing, continuous certification, certification, dynamic certification, security, data protection
Research Methods
literature review, interview, field observation

Publication Data

Author: Sebastian Lins
Thesis Type: Master's Thesis
Pages: 127
Language: English
About the Author:
Major / Study Program: Information Systems
License: CC BY-NC-ND 4.0
Date of Publication: 02/22/22
Status: Available
Date of Grading: 10/29/14
Institution: University of Cologne (University of Cologne, Germany)

Endorsements

#  Name                    Details   Endorsement
1  Prof. Dr. Ali Sunyaev   Examiner  02/22/22 12:00:00 AM

Thesis Documents and Supplemental Materials

#  Description      Type          Upload Date           Location
1  Thesis Document  PDF (7.93MB)  02/22/22 12:00:00 AM  IPFS