Multi-tenancy helps service providers to save costs, improve resource utilization, and reduce service customization and maintenance time by sharing resources and services. On the other hand, supporting multi-tenancy adds more complexity to the shared application's required capabilities. Security is a key requirement that must be addressed when engineering new SaaS applications or when re-engineering existing applications to support multi-tenancy. Traditional security (re)engineering approaches do not fit the multi-tenancy application model, where tenants and their security requirements emerge after the system was first developed. Enabling runtime, adaptable and tenant-oriented application security customization on a single service instance is a key and challenging security goal in multi-tenant application engineering. In this paper we introduce TOSSMA, a Tenant-Oriented SaaS Security Management Architecture. TOSSMA allows service providers to enable their tenants to define, customize and enforce their security requirements without having to go back to application developers for maintenance or security customizations. TOSSMA supports security management for both new and existing systems. Service providers are not required to write security integration code to use a specific security platform or mechanism. In this paper, we describe details of our approach and architecture and our prototype implementation of TOSSMA, give a usage example of securing a multi-tenant SaaS, and discuss our evaluation experiments of TOSSMA.
Cloud computing introduces a new paradigm shift in service delivery models. However, the potential benefits reaped from the adoption of this model are threatened by public accessibility of the cloud-hosted services and sharing of resources. This increases the possibility of malicious service attacks. Existing cloud platforms do not provide a means to validate the security of offered cloud services. Moreover, the public accessibility of cloud services increases the potential for exploitation of newly discovered vulnerabilities that usually take a long time to discover and to mitigate. We introduce VAM-aaS, Vulnerability Analysis and Mitigation as-a-service, as a novel, integrated, and online cloud-based security vulnerability analysis and mitigation service. VAM-aaS performs online service analysis to pinpoint new vulnerabilities and weaknesses. It then uses this information to generate security control configuration scripts to block these discovered security holes at runtime. Our approach is based on a new vulnerability signature and mitigation-actions specification approach. We introduce our approach, describe key implementation details, and describe an evaluation of our prototype on a set of .NET benchmark applications.