MOBSTECO - Model-Based Security Testing of Clouds

In recent years Cloud computing became one of the most successful computing paradigms. It changed the way we consume IT by unlocking novel uses of software and hardware resulting in a growing rate of outsourcing IT by hardware and software infrastructures. However, as a recent study of the Ponemon Institute from 2011 shows, security is still a requirement neglected most of the time. This is also confirmed by a 2013 Cloud Security Alliance report, listing the top nine threats to Cloud computing, among them well-known threats like data breaches, account hijacking or insecure application interfaces. This variety of threats results from Cloud computing`s openness and diversity of usage. Thus, security is a core requirement to Cloud services. Besides, assuring the security of a Cloud computing environment is not a onetime task, it is a task to be performed during the complete lifespan of the Cloud. This is motivated by the fact that Clouds undergo daily changes in terms of newly deployed applications and offered services. Tracking such changes at a central point is crucial for assuring security. This tracking of changes is essential for the involved parties, i.e. service providers and service consumers, to accurately test either their cloud infrastructure in case of service providers or their process integration in case of service consumers. Model-based approaches are particularly promising as they are capable of involving different technologies and a high degree of evolution. However, so far, this potential has not been unlocked. Additionally, at the time, due to unspecified negative security requirements of Cloud applications, properly evaluating its security is a precarious task. The core goal of MOBSTECO is to develop a novel security testing method for cloud deployments, applicable to both, cloud customers and cloud service providers. Our approach will be model based to provide as much independence from frequently changing technologies and to support continuous testing. In using models, we also define a central point, where all information concerning the Cloud Under Test coalesces. In addition, MOBSTECO will be risk and knowledge based to address the problem of negative requirements testing. The approach will incorporate automated risk analysis based on a scalable vulnerability knowledge base to prioritize tests and model analysis to guarantee high-quality test models by tool supported reviewing and checking techniques. The high-level system and security models will be transformed into an executable test model that is directly executed and annotated with test results. For generating effective test data we plan to use a custom fuzzer, supporting the generation of different kinds of test data, depending on specific attacks executed within a negative test. MOBSTECO will deliver a generic and systematic risk-driven model-based security testing approach for cloud- based applications configurable via fuzzing and a vulnerability knowledge base employing logic programming.

In recent years Cloud computing became one of the most successful computing paradigms. It changed the way we consume IT by unlocking novel uses of software and hardware resulting in a growing rate of outsourcing IT by hardware and software infrastructures. However, as a recent study of the Ponemon Institute shows, security is still a requirement neglected most of the time. This is also confirmed by the Cloud Security Alliance report, listing the top nine threats to Cloud computing, among them well-known threats like data breaches, account hijacking or insecure application interfaces. This variety of threats results from Cloud computings openness and diversity of usage. Thus, security is a core requirement to Cloud services. Besides, assuring the security of a Cloud computing environment is not a onetime task, it is a task to be performed during the complete lifespan of the Cloud. This is motivated by the fact that Clouds undergo daily changes in terms of newly deployed applications and offered services. Tracking such changes at a central point is crucial for assuring security. This tracking of changes is essential for the involved parties, i.e. service providers and service consumers, to accurately test either their cloud infrastructure in case of service providers or their process integration in case of service consumers. Model- based approaches are particularly promising as they are capable of involving different technologies and a high degree of evolution. However, so far, this potential has not been unlocked. Additionally, at the time, due to unspecified negative security requirements of Cloud applications, properly evaluating its security is a precarious task. The core goal of MOBSTECO was to develop a novel security testing method for cloud deployments, applicable to both, cloud customers and cloud service providers. Our approach is model based to provide as much independence from frequently changing technologies and to support continuous testing. In using models, we also define a central point, where all information concerning the Cloud Under Test coalesces. In addition, MOBSTECO is risk and knowledge based to address the problem of negative requirements testing. The approach incorporates automated risk analysis based on a scalable vulnerability knowledge base to prioritize tests and model analysis to guarantee high-quality test models by tool supported reviewing and checking techniques. The high-level system and security models are transformed into an executable test model that is directly executed and annotated with test results. For generating effective test data we use a custom fuzzer, supporting the generation of different kinds of test data, depending on specific attacks executed within a negative test. MOBSTECO delivers a generic and systematic risk-driven model-based security testing approach for cloud-based applications configurable via fuzzing and a vulnerability knowledge base employing logic programming.