The service-based paradigm is enabling new models of software provisioning based on cloud architectures. An increasing number of organizations are either providing their software as a service or acting as enablers by providing platforms on which service providers can offer their services. However the security of service implementations and of the underlying cloud architectures are often opaque to the service consumers. Accordingly, users are often reluctant to fully exploit this model, especially in the case of previously unknown providers. To close this gap, the concept of machine-readable security certificates (called asserts) has been recently introduced, which paves the way to automated processing about security properties of services. Similarly to current security certification schemes, the assessment of the security properties of a service is delegated to an independent third party (certification authority), who issues a corresponding assert, bound to the service. In this talk, we present this new approach, outlining the trust model behind, and presenting an architecture that supports the discovery of single services based on certified security properties (in additional to the usual functional properties.
Short-Bio: Dr. Michele Bezzi is Research Manager at SAP Research Center Sophia Antipolis in the Trust and security Research Area. He has been responsible for SAP research in privacy and trust within the FP7 European projects Primelife and TAS3, and he is currently the project coordinator of EU project Assert4SOA on security certification and principal investigator in Effects+ coordination action. He received his Master Degree in Physics from the University of Florence in 1994 and his Ph.D. in Physics from the University of Bologna in 1998. He has 10+ years experience in industrial research. He has published in various research areas: neural networks, evolutionary models, complex systems, pervasive computing, security and privacy