Event Details

Security Operations Center and Secure Service Level Agreement as a Service

Presenter: Fahad Alruwaili
Supervisor: Prof. Aaron Gulliver

Date: Fri, July 17, 2015
Time: 13:00:00 - 00:00:00
Place: EOW 430

ABSTRACT

Summary:

The management of information security operations is an arduous task, especially in a cloud computing environment. The cloud service layers and multi-tenancy architecture create a complex environment in which to develop and manage an information security incident management and compliance program. This work presents a novel security operations center framework as a service (SOCaaS) for cloud service providers and customers. The goal is to protect cloud services against new and existing attacks as well as to comply with security policies and regulatory requirements. The SOCaaS design is based on multi-governance and defence-in-depth models that fit within multi-tenancy cloud services. A SOCaaS provider is a trusted entity that collects event and system logs from cloud systems to ensure proactive incident management and compliance with regulations. The proposed approach provides better managed services for customers wanting to outsource their information security operations to attain reliable, transparent, and efficient security and privacy. To complement the proposed SOCaaS framework, a secure service level agreement (SecSLA) framework is proposed to proactively detect violations and monitor compliance with contractual SecSLA parameters via the supporting SOCaaS system.