A Journey Into Security Certification: From the Cloud to Artificial Intelligence
Anisetti, Marco, Ardagna, Claudio Agostino, Damiani, Ernesto
相關主題
商品描述
This book, authored by some of the pioneers in the security certification domain, provides a foundational knowledge base for designing and deploying effective security certification schemes for cloud-edge distributed systems. It gives readers unique and essential insight into the history of security certification and its evolution from static to dynamic models. The book helps readers to understand the importance of security certification across distributed system evolution from cloud-based to artificial intelligence-machine learning systems. It covers in full the certification of cloud-based composite services, discussing the role of multi-factor certification. It also emphasizes processes for continuously certifying services across system and context changes, as well as the certification of the deployment environment and development process and their impact on the overall cloud service certification. The book considers and challenges existing security certification schemes for cloud services, discussing issues and gaps when applied to modern systems in the cloud-edge continuum and built on artificial intelligence. Readers will become familiar with the challenges in certifying cloud-edge distributed systems and machine learning-based systems.
This book also provides actionable insight to readers who manage modern security systems. Security controls have grown in size and complexity, requiring reliable and sustainable certification schemes to support varying quality standards and produce compliant products. It covers the logic behind security standards and the evaluation criteria of main certification standards, further discussing the evolution and corresponding certification of distributed systems towards cloud, cloud-edge, and artificial intelligence. The book teaches readers how to build faster, scalable, and more reliable cloud-edge distributed systems and beyond.
商品描述(中文翻譯)
這本書由安全認證領域的一些先驅所撰寫,提供了設計和部署有效的安全認證方案所需的基礎知識,特別針對雲端邊緣分散式系統。它為讀者提供了獨特且重要的見解,介紹了安全認證的歷史及其從靜態模型演變為動態模型的過程。這本書幫助讀者理解安全認證在分散式系統演變過程中的重要性,從雲端基礎設施到人工智慧-機器學習系統。書中全面涵蓋了雲端基礎的複合服務的認證,並討論了多因素認證的角色。它還強調了在系統和環境變化中持續認證服務的過程,以及部署環境和開發過程的認證及其對整體雲端服務認證的影響。這本書考量並挑戰現有的雲端服務安全認證方案,討論了在雲端邊緣連續體及基於人工智慧的現代系統中應用時所面臨的問題和缺口。讀者將熟悉認證雲端邊緣分散式系統和基於機器學習系統的挑戰。
這本書還為管理現代安全系統的讀者提供了可行的見解。安全控制的規模和複雜性不斷增長,這需要可靠且可持續的認證方案來支持不同的質量標準並生產合規的產品。書中涵蓋了安全標準背後的邏輯及主要認證標準的評估標準,進一步討論了分散式系統向雲端、雲端邊緣和人工智慧的演變及相應的認證。這本書教導讀者如何構建更快、可擴展且更可靠的雲端邊緣分散式系統及其他系統。
作者簡介
Marco Anisetti is Full Professor in the Department of Computer Science at the Università degli Studi di Milano. His research interests are in the area of Computational Intelligence and its application to the design and evaluation of complex systems and services. Specifically, he has been investigating innovative solutions for security assurance and software/service certification for modern Edge and AI-assisted systems. In this area, he defined new schemes for continuous and incremental Cloud/Web service security certification based on the distributed assurance evaluation architecture that had percolated in his Moon Cloud spin-off. He is the winner of the 2010 GIRPR award for the best Ph.D. thesis and the 2009 Chester Sall Award from the IEEE Consumer Electronics Society. He is an editorial board member of IEEE Transactions on Cloud Computing, IEEE Transactions on Services Computing, and Future Generation Computer Systems (FGCS) at Elsevier. He has been a program committee member for several international conferences and workshops in the area of distributed systems, service-based architectures, and security. He contributed to a number of EU projects including FP7 ASSET4SOA and FP7 CUMULUS focused on certification of services and H2020 CONCORDIA investigating security assurance for modern systems.
Claudio Agostino Ardagna is a Full Professor in the Department of Computer Science at the Università degli Studi di Milano, Italy, the Director of the CINI National Lab on Data Science, and co-founder of Moon Cloud srl. His research interests are in the areas of distributed systems security and assurance, cloud-edge and AI/ML certification, and data science. He is the winner of the ERCIM (European Research Consortium for Informatics and Mathematics) WG STM 2009 Award for the Best Ph.D. Thesis on Security and Trust Management. He has been an invited professor at the Université Jean Moulin Lyon 3 and a visiting researcher at Beijing University of Posts and Telecommunications, Khalifa University, and George Mason University. He is a member of the Steering Committee for IEEE Transactions on Cloud Computing, member of the editorial board of the IEEE Transactions on Cloud Computing and IEEE Transactions on Services Computing, and secretary of the IEEE Technical Committee on Services Computing. He has been Program Chair of several international conferences and workshops in the area of distributed systems and security and privacy. He co-authored with Professors Ernesto Damiani and Nabil El Ioini the book Open Source Systems Security Certification, published by Springer.
Ernesto Damiani serves as the acting Dean of Computing and Mathematical Sciences and Director of the Center for Cyber Physical Systems (C2PS) at Khalifa University in the UAE. He is a full professor in the Department of Computer Science at the Università degli Studi di Milano, Italy, where he leads the SESAR research lab. His research interests include secure service-oriented architectures (SOA), certifiable robust Artificial intelligence and Data Analytics models, and cyber-physical systems security. Dr. Damiani has served as the Editor-in-Chief of the IEEE Transactions on Service-oriented Computing and as an Associate Editor of the IEEE Transactions on Fuzzy Systems. He is a senior member of the IEEE and served as Vice-Chair of the IEEE Technical Committee on Industrial Informatics. In 2008, Dr. Damiani was nominated as an ACM Distinguished Scientist and received the Chester Sall Award from the IEEE Industrial Electronics Society. Later, he received a doctorate honoris causa from Institut National des Sciences Appliquées (INSA) of Lyon, France, for his contributions to Big Data analysis platforms and architectures. In 2022, Ernesto was awarded the rank of Officer of the Order of the Star of Italy for his contributions to international scientific collaboration in AI.
Nabil El Ioini is an Associate Professor within the School of Computer Science at the University of Nottingham, Malaysia. His research interests lie the area of cloud computing, cyber-security, and blockchain technology. Dr. El Ioini's research endeavors center around designing innovative architectural patterns tailored to meet the evolving demands of Edge computing and distributed applications. With a keen focus on scalability, orchestration, security, and privacy, he and his team successfully developed cloud-edge solutions leveraging mainstream technologies such as containers and blockchain. His scholarly contributions have been widely recognized, with his work featured in numerous conferences and journals.
作者簡介(中文翻譯)
Marco Anisetti 是米蘭大學計算機科學系的全職教授。他的研究興趣集中在計算智能及其在複雜系統和服務設計與評估中的應用。具體而言,他一直在研究現代邊緣計算和 AI 輔助系統的安全保障和軟體/服務認證的創新解決方案。在這個領域,他定義了基於分散式保障評估架構的持續和增量雲/網路服務安全認證的新方案,該架構源自他的 Moon Cloud 創業公司。他是 2010 年 GIRPR 獎最佳博士論文的得主,以及 2009 年 IEEE 消費電子學會的 Chester Sall 獎得主。他是《IEEE Transactions on Cloud Computing》、《IEEE Transactions on Services Computing》和《Future Generation Computer Systems (FGCS)》的編輯委員會成員。他曾擔任多個國際會議和研討會的程序委員會成員,專注於分散式系統、基於服務的架構和安全性。他參與了多個歐盟項目,包括 FP7 ASSET4SOA 和 FP7 CUMULUS,這些項目專注於服務的認證,以及 H2020 CONCORDIA,研究現代系統的安全保障。
Claudio Agostino Ardagna 是米蘭大學計算機科學系的全職教授,CINI 國家數據科學實驗室的主任,以及 Moon Cloud srl 的共同創辦人。他的研究興趣包括分散式系統的安全與保障、雲邊緣和 AI/ML 認證,以及數據科學。他是 ERCIM(歐洲資訊與數學研究聯盟)WG STM 2009 獎最佳博士論文的得主。他曾擔任法國里昂第三大學的受邀教授,以及北京郵電大學、哈利法大學和喬治梅森大學的訪問研究員。他是《IEEE Transactions on Cloud Computing》的指導委員會成員、《IEEE Transactions on Cloud Computing》和《IEEE Transactions on Services Computing》的編輯委員會成員,以及 IEEE 服務計算技術委員會的秘書。他曾擔任多個國際會議和研討會的程序主席,專注於分散式系統和安全與隱私。他與 Ernesto Damiani 和 Nabil El Ioini 教授共同撰寫了由 Springer 出版的書籍《Open Source Systems Security Certification》。
Ernesto Damiani 擔任阿聯酋哈利法大學計算與數學科學學院的代理院長及網路物理系統中心(C2PS)的主任。他是米蘭大學計算機科學系的全職教授,並領導 SESAR 研究實驗室。他的研究興趣包括安全的面向服務的架構(SOA)、可認證的穩健人工智慧和數據分析模型,以及網路物理系統的安全性。Damiani 博士曾擔任《IEEE Transactions on Service-oriented Computing》的主編,以及《IEEE Transactions on Fuzzy Systems》的副編輯。他是 IEEE 的資深會員,並曾擔任 IEEE 工業資訊技術委員會的副主席。2008 年,Damiani 博士被提名為 ACM 傑出科學家,並獲得 IEEE 工業電子學會的 Chester Sall 獎。隨後,他因對大數據分析平台和架構的貢獻,獲得法國里昂國立應用科學學院(INSA)授予的榮譽博士學位。2022 年,Ernesto 因其對國際社會的貢獻被授予意大利星勳章的官員級別。
