• No se han encontrado resultados

Funciones básicas

In document INSTRUCCIONES DE SEGURIDAD (página 66-73)

Programación de la frecuencia desde el potenciómetro y funcionamiento desde la tecla Run

LED display

9. Funciones básicas

Allodi, L., and Massacci, F. Comparing vulnerability severity and exploits using case-control studies. ACM Transactions

on Information and System Security, 17(1), 2014.

Baset, S. A. Cloud SLAs: Present and future. ACM SIGOPS

Operating Systems Review, 46(2): 57–66, 2012.

Bennani, N., Damiani, E., and Cimato, S. Toward cloud-based key management for outsourced databases. 34th Annual

IEEE Computer Software and Applications Conference Workshop, IEEE, 2010.

Bernsmed, K., et al., Security SLAs for federated cloud ser- vices. 6th International Conference on Availability,

Reliability and Security (ARES), IEEE, 2011.

Brender, N., and Markov, I. Risk perception and risk manage- ment in cloud computing: Results from a case study of Swiss companies. International Journal of Information

Management, 33: 726–733, 2013.

Carlson, F. R. Security analysis of cloud computing. arXiv

Preprint, arXiv:1404.6849, 2014.

Carroll, M., Van Der Merwe, A., and Kotze, P. Secure cloud computing: Benefits, risks and controls. Information

Security South Africa (ISSA), IEEE, 2011.

Catteddu, D., and Hogben, G. Cloud computing—Benefits, risks

and recommendations for information security. European

Network and Information Security Agency (ENISA), 2009. Claycomb, W. R., and Nicoll, A. Insider threats to cloud

computing: Directions for new research challenges.

Proceedings of the 36th Annual Computer Software and Applications Conference (COMPSAC), IEEE, 2012.

Cramer, R., Damgård, I., and Nielsen, J. B. Multiparty com-

putation from threshold homomorphic encryption.

Springer, Berlin, 2001.

Damiani, E., Cimato, S., and Gianini, G. A risk model for cloud processes. The ISC International Journal of

Information Security, 6(2): 99–123, 2015.

Dimension Data. Comparing public cloud service level

agreements. White paper, 2013. Available at: http://

cloud.dimensiondata.com/sites/default/files/ comparing_ public_cloud_service_level_agreements_0_0.pdf (Retrieved July 24, 2015).

Djemame, K., Armstrong, D., and Macias, M. A risk assessment framework for cloud computing. IEEE

Transactions on Cloud Computing, PP(1): 1, 2013.

Eiram, C., and Martin, B. The CVSSv2 shortcomings, faults,

and failures formulation—An open letter to FIRST,

2015. Available at: https://www.riskbasedsecurity.com/ reports/CVSS-ShortcomingsFaultsandFailures.pdf (Retrieved July 25, 2015).

Freund, J., and Jones, J. Measuring and managing information

risk: A FAIR approach. Heinemann, Butterworth, 2014.

Gentry, C. Fully homomorphic encryption using ideal lat- tices. STOC, Vol. 9, 2009.

Grobauer, B., Walloschek, T., and Stöcker, E. Understanding cloud computing vulnerabilities. IEEE Security &

Privacy, 9(2): 50–57, 2011.

Hale, M. L., and Gamble, R. SecAgreement: Advancing security risk calculations in cloud services. 8th World

Congress on Services (SERVICES), IEEE, 2012.

Hogben, G., and Dekker, M. Procure secure. A guide to

monitoring of security service levels in cloud contracts.

Technical report, European Network and Information Security Agency (ENISA), 2012.

Houmb, S. H., Franqueira, V. N. L., and Engum, E. A. Quantifying security risk level from CVSS estimates of frequency and impact. Journal of Systems and Software, 83(9): 1622–1634, 2010.

Infosecurity. Spamhaus suffers largest DDoS attack in history—

Entire internet affected. 2013. Available at: http://www.

infosecurity-magazine.com/news/spamhaus- suffers- largest-ddos-attack-in-history/ (Retrieved July 15, 2015). ISO/IEC. ISO/IEC 27001:2005 Information technology—Security

techniques—Specification for an Information Security Management System. ISO/IEC, Switzerland, 2005.

ISO/IEC. ISO/IEC 27000:2009 Information technology—Security

techniques—Information security management systems— Overview and vocabulary. ISO/IEC, Switzerland, 2009.

ISO/IEC. ISO/IEC 27001:2013 Information technology—Security

techniques—Specification for an Information Security Management System. ISO/IEC, Switzerland, 2013.

ISO/FDIS. ISO/FDIS 31000:2009 Risk management—

Principles and guidelines on implementation. ISO/FDIS,

Switzerland, 2009.

Janeczko, J. Risk analysis framework for a cloud specific

environment. White paper, Atos, 2015. Available at:

https://atos.net/content/dam/global/we-do/atos-cloud- risk-analysis-white-paper.pdf (Retrieved July 14, 2015).

Jansen, W., and Grance, T. Guidelines on security and prac-

tice in public cloud computing. NIST Special Publication

800-144, NIST, 2011.

Joint Task Force Transformation Initiative. Managing infor-

mation security risk: Organization, mission, and infor- mation system view. NIST Special Publication 800-39,

Joint Task Force Transformation Initiative, 2011. Joint Task Force Transformation Initiative. Guide for con-

ducting risk assessments. Revision 1, NIST Special

Publication 800-30, Joint Task Force Transformation Initiative, 2012.

Kahneman, D., and Tversky, A. Prospect theory: An analy- sis of decision under risk. Econometrica, 47(2): 263–291, 1979.

Kaliski, B. S. Jr., and Pauley, W. Toward risk assessment as a service in cloud environments. Proceedings of the 2nd

USENIX Conference on Hot Topics in Cloud Computing,

USENIX Association, 2010.

Keller, R., and König, C. A reference model to support risk identification in cloud networks. 35th International

Conference on Information Systems (ICIS), New Zealand,

2014.

Knight, F. H. Risk, uncertainty and profit. Hart, Schaffner and Marx, New York, 1921.

Liquid Motors, Inc. v. Allyn Lynd and United States of America.

Dallas Division, U.S. District Court for the Northern District of Texas, 2009.

López-Alt, A., Tromer, E., and Vaikuntanathan, V. On-the- fly multiparty computation on the cloud via multikey fully homomorphic encryption. Proceedings of the

44th annual ACM symposium on Theory of computing,

ACM, 2012.

Mell, P. M., Scarfone, K. A., and Romanosky, S. A complete

guide to the common vulnerability scoring system version 2.0, FIRST, 2007.

Mell, P., and Grance, T. The NIST definition of cloud comput-

ing. NIST Special Publication 800-145, NIST, 2011.

Moen, R., and Norman C. Evolution of the PDCA cycle. 2006. Available at: http://pkpinc.com/files/NA01Moen NormanFullpaper.pdf (Retrieved July 23, 2015).

Moore, A. P., Capelli, D. M., Caron, T. C., Shaw, E., Spooner, D., and Trzeciak, R. F. A preliminary model of insider theft of intellectual property. Journal of Wireless Mobile

Networks, Ubiquitous Computing, and Dependable Applications, 2(1): 28–49, 2011.

National Vulnerability Database. NVD common vulner-

ability scoring system support v2. National Institute of

Standards and Technology. Available at: https://nvd. nist.gov/cvss.cfm (Retrieved July 25, 2015).

OWASP. Top 10 2013, 2015. Available at: https://www.owasp. org/index.php/Top_10_2013-Top_10 (Retrieved July 14, 2015).

Pannetrat, A., Hogben, G., Katopodis, S., Spanoudakis,  G., and Cazorla, C. S. D2.1: Security-aware SLA specifica-

tion language and cloud security dependency model.

Technical report, Certification Infrastructure for Multi- Layer Cloud Services (CUMULUS), 2013.

Petcu, D., and Craciun, C. Towards a security SLA-based cloud monitoring service. 4th International Conference on

Cloud Computing and Services Science (CLOSER), 2014.

Ristenpart, T., Tromer, E., Shacham, H., and Savage, S. Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds. Proceedings of the 16th

ACM Conference on Computer and Communications Security, 2009.

Rong, C., Nguyen, S. T., and Gilje Jaatun, M. Beyond lightning: A survey on security challenges in cloud computing.

Computers & Electrical Engineering, 39(1): 47–54, 2013.

Rothke, B. How to get CVSS right. CSO Online, 2015. Available at: http://www.csoonline.com/article/2910312/ application-security/how-to-get-cvss-right.html (Retrieved July 25, 2015).

Ryan, M. D. Cloud computing security: The scientific chal- lenge, and a survey of solutions. Journal of Systems and

Software, 86(9): 2263–2268, 2013.

Saripalli, P., and Walters, B. QUIRC: A quantitative impact and risk assessment framework for cloud security.

3rd International Conference on Cloud Computing (CLOUD), IEEE, 2010.

Stoneburner, G., Goguen A. Y., and Feringa, A. Risk manage-

ment guide for information technology systems. NIST

Special Publication 800-30, NIST, 2002.

Stone, G., and Noel, P. Cloud risk decision framework. Microsoft. Available at: http://download.microsoft. com/documents/australia/enterprise/SMIC1545_PDF_ v7_pdf.pdf (Retrieved July 23, 2015).

The Open Group. Risk taxonomy. Technical Standard, UK, 2009.

Theoharidou, M., Papanikolaou, N., Pearson, S., and Gritzalis, D. Privacy risk, security, accountability in the cloud.

5th International Conference on Cloud Computing Technology and Science (CloudCom), IEEE, 2013.

Von Neumann, J., and Morgenstern, O. Theory of games and

economic behavior. Princeton University Press, 2007.

Yanpei, C., Paxson, V., and Katz, R. H. What’s new about

cloud computing security. Report No. UCB/EECS-2010-

5, University of California, Berkeley, CA, 2010.

REFERENCES

1. Forbes. Cloud computing adoption continues accelerat- ing in the enterprise. Available at: http://www.forbes. com/sites/louiscolumbus/2014/11/22/cloud-computing- adoption-continues-accelerating-in-the-enterprise/

2. Code42 CrashPlan. Available at: http://www.code42. com/crashplan/

3. Knight, F. H. Risk, uncertainty and profit. Courier Corporation, 2012.

4. Zhang, Y., Juels, A., Oprea, A., and Reiter, M. K. Homealone: Co-residency detection in the cloud via side-channel analysis. 2011 IEEE Symposium on

Security and Privacy (SP), IEEE, 2011.

5. Kim, T., Peinado M., and Mainar-Ruiz G. STEALTHMEM: System-level protection against cache-based side channel attacks in the cloud. USENIX

Security Symposium, 2012.

6. Raj, H., Nathuji, R., Singh, A., and England, P. Resource management for isolation enhanced cloud services.

Proceedings of the 2009 ACM Workshop on Cloud Computing Security, ACM, 2009.

7. Cito, J., Leitner, P., Fritz, T., and Gall, H. C. The mak- ing of cloud applications: an empirical study on software development for the cloud. arXiv Preprint arXiv:1409.6502, 2014.

8. Keahey, K., Figueiredo, R., Fortes, J., Freeman, T., and Tsugawa M. Science clouds: Early experiences in cloud computing for scientific applications. Cloud Computing

and Applications, pp. 825–830, 2008.

9. Barker, A., et al. Academic cloud computing research: Five  pitfalls and five opportunities. 6th USENIX

Workshop on Hot Topics in Cloud Computing, 2014.

10. Weins, K. Cloud computing trends: 2015 State of the Cloud Survey. Available at: http://www. rightscale.com/blog/cloud-industr y-insights/ cloud-computing-trends-2015-state-cloud-survey

11. Clarke, R. Computing clouds on the horizon? Benefits and risks from the user’s perspective. 23rd Bled eConfer-

13

In document INSTRUCCIONES DE SEGURIDAD (página 66-73)

Documento similar