Evidence-Based Security Configurations for Cloud Datastores
| Title | Evidence-Based Security Configurations for Cloud Datastores |
| Publication Type | Conference Paper |
| Year of Publication | 2017 |
| Authors | Pallas, Frank, Bermbach, David, Müller, Steffen, Tai, Stefan |
| Conference Name | Proceedings of the Symposium on Applied Computing |
| Date Published | April 2017 |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-4486-9 |
| Keywords | cloud storage, composability, data in transit security, Human Behavior, Metrics, performance benchmarking, pubcrawl, relational database security, resilience, Resiliency, security configurations, Trade-Offs |
| Abstract | Cloud systems offer a diversity of security mechanisms with potentially complex configuration options. So far, security engineering has focused on achievable security levels, but not on the costs associated with a specific security mechanism and its configuration. Through a series of experiments with a variety of cloud datastores conducted over the last years, we gained substantial knowledge on how one desired quality like security can have a significant impact on other system qualities like performance. In this paper, we report on select findings related to security-performance trade-offs for three prominent cloud datastores, focusing on data in transit encryption, and propose a simple, structured approach for making trade-off decisions based on factual evidence gained through experimentation. Our approach allows to rationally reason about security trade-offs. |
| URL | https://dl.acm.org/doi/10.1145/3019612.3019654 |
| DOI | 10.1145/3019612.3019654 |
| Citation Key | pallas_evidence-based_2017 |