Home      Log In      Contacts      FAQs      INSTICC Portal
 
Special Session
Special Session on
Incident Management in Cloud Computing
 - CloudIM 2016

23 - 25 April, 2016 - Rome, Italy

Within the 6th International Conference on Cloud Computing and Services Science - CLOSER 2016

CO-CHAIRS

Martin Gilje Jaatun
University of Stavanger
Norway
 
Brief Bio
Martin Gilje Jaatun received his Sivilingeniør degree in Telematics from the Norwegian Institute of Technology in 1992, and the Dr.Philos degree from the University of Stavanger in 2015. Dr. Jaatun is a senior scientist at SINTEF ICT, where he has been employed since 2004. His research interests include computer and communications security, software security, information security in critical infrastructures; and he has been involved in cloud security research since 2009. He is co-founder and board member of the Cloud Computing Association, which organizes the annual IEEE CloudCom conference (http://www.cloudcom.org).
Karin Bernsmed
SINTEF ICT
Norway
 
Brief Bio
Karin Bernsmed received her MSc degree from Linköping University in 2003 and her PhD in Telematics from the Norwegian University of Science and Technology (NTNU) in 2007. She worked as a research scientist at Telenor R&I until 2010, after which she joined SINTEF ICT where she is currently heading the information security group. Her research interests include network security and privacy, security in cloud computing, and stochastic modeling and analysis.

SCOPE

Keywords: Incident Detection in the Cloud; Incident Handling in the Cloud; Incident Communication; Monitoring of Services; Cloud Security

Outsourcing computing and storage to the cloud does not eliminate the need for handling of information security incidents. It is not possible to create a computer system that is 100% secure, which implies that if there is someone who sees the value of breaking into your systems, they will eventually succeed – and you must therefore assume that information security incidents will take place in your system.
The handling of incidents in the cloud is difficult because of long provider chains; more than one provider may be involved in in the production of a service, and there is often a large distance (physical and logical) to the provider, and it is consequently difficult to involve the provider when something happens. This also means that you do not necessarily have access to forensics; cloud solutions are often based on multi-tenancy, which means that data from multiple clients could potentially exist on a given infrastructure, and it will not be acceptable to disclose (e.g.) a raw dump from a hard drive in this case. There are also unclear legal restrictions on data originating from one jurisdiction (e.g., Norway) but stored in another (e.g., USA).
With many providers involved in a given service offering, inter-provider collaboration in handling of incidents in the cloud can be a major challenge, but this is a prerequisite for ensuring the accountability of the cloud service providers.

Suggested topics include (but are not limited to):
• Incident detection in the Cloud
• Incident handling in the Cloud
• Communication of incidents along cloud provider chains
• Cloud Forensics
• Logging for cloud incident investigations
• Incident handling for IoT/Cloud convergence

IMPORTANT DATES

Paper Submission: February 10, 2016 (expired)
Authors Notification: February 24, 2016 (expired)
Camera Ready and Registration: March 3, 2016 (expired)

SPECIAL SESSION PROGRAM COMMITTEE

Yuri Demchenko, University of Amsterdam, Netherlands
Christian Frøystad, SINTEF ICT, Norway
Bernd Grobauer, Siemens AG, Germany
David Groep, Nikhef, Netherlands
Geir M. Køien, University of Agder, Norway
Jan Meijer, Uninett, Norway
Nouh Sabri, Cairo University, Egypt
Anderson SANTANA DE OLIVEIRA, SAP Research, France
Thomas Schreck, Siemens CERT, Germany

PAPER SUBMISSION

Prospective authors are invited to submit papers in any of the topics listed above.
Instructions for preparing the manuscript (in Word and Latex formats) are available at: Paper Templates
Please also check the Guidelines.
Papers must be submitted electronically via the web-based submission system using the appropriated button on this page.

PUBLICATIONS

After thorough reviewing by the special session program committee, all accepted papers will be published in a special section of the conference proceedings book - under an ISBN reference and on digital support - and submitted for indexation by Thomson Reuters Conference Proceedings Citation Index (CPCI/ISI), DBLP, EI (Elsevier Engineering Village Index) and Scopus.
SCITEPRESS is a member of CrossRef (http://www.crossref.org/) and every paper is given a DOI (Digital Object Identifier).
All papers presented at the conference venue will be available at the SCITEPRESS Digital Library

SECRETARIAT CONTACTS

CLOSER Special Sessions - CloudIM 2016
e-mail: closer.secretariat@insticc.org
footer