Abstract
With the evolving expansion of threat landscape (i.e., internal and external) and the growing shortage of cybersecurity resources (i.e., tools and skills), Security as a Service (SecaaS) is gaining a momentum to fill this pressing gap. In this paper, we propose a taxonomy of existing research work in SecaaS. The taxonomy explores the current state-of-the-art in SecaaS to reason about SecaaS work with respect to three main dimensions: service operation, security solution, and threat. This taxonomy enables the SecaaS consumers and researchers to better differentiate among existing approaches and assess if they meet their security needs.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Cloud Security Alliance: The Treacherous 12 - Cloud Computing Top Threats in 2016 (2016)
Cloud Security Alliance: Defining Categories of Security as a service (2016)
Carvalho, C.A.B., Castro, M.F., Castro, R.M.: Secure cloud storage service for detection of security violations. In: Proceedings of the 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing. IEEE Press (2017)
Thomas, K., Grier, C., Ma, J., Paxson, V., Song, D.: Design and evaluation of a real-time URL spam filtering service. In: Proceedings of 2011 IEEE Symposium on Security and Privacy (SP), pp. 447–462. IEEE (2011)
Alharkan, T., Martin, P.: IDSaaS: intrusion detection system as a service in public clouds. In: Proceedings of the 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGRID), pp. 686–687 (2012)
Varadharajan, V., Tupakula, U.: Security as a service model for cloud environment. IEEE Trans. Netw. Serv. Manag. 11(1), 60–75 (2014)
Hawed, M., Talhi, C., Boucheneb, H.: Security as a service for public cloud tenants (SaaS). Procedia Comput. Sci. 130, 1025–1030 (2018)
Meng, Y., Li, W., Xiang, Y.: Towards designing privacy-preserving signature-based IDS as a service: a study and practice. In: Proceedings of 5th International Conference on Intelligent Networking and Collaborative Systems (INCoS), pp. 181–188. IEEE (2013)
Wu, R., Zhang, X., Ahn, G.J., Sharifi, H., Xie, H.: ACaaS: access control as a service for IaaS cloud. In: Proceedings of 2013 International Conference on Social Computing (SocialCom), pp. 423–428. IEEE (2013)
Lang, U.: OpenPMF SCaaS: authorization as a service for cloud & SOA applications. In: Proceedings of IEEE Second International Conference on Cloud Computing Technology and Science (CloudCom), pp. 634–643. IEEE (2010)
Guenane, F., Nogueira, M., Serhrouchni, A.: DDoS mitigation cloud-based service. In: Proceedings of 2015 IEEE Trustcom/BigDataSE/ISPA, vol. 1, pp. 1363–1368. IEEE (2015)
Pappas, V., Kemerlis, V.P., Zavou, A., Polychronakis, M., Keromytis, A.D.: CloudFence: data flow tracking as a cloud service. In: Stolfo, S.J., Stavrou, A., Wright, C.V. (eds.) RAID 2013. LNCS, vol. 8145, pp. 411–431. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-41284-4_21
Wood, T., Cecchet, E., Ramakrishnan, K.K., Shenoy, P.J., van der Merwe, J.E., Venkataramani, A.: Disaster recovery as a cloud service: economic benefits & deployment challenges. In: Proceedings of HotCloud, vol. 10, pp. 8–15 (2010)
Ghazi, Y., Masood, R., Rauf, A., Shibli, M. A., Hassan, Q.: DB-SecaaS: a cloud-based protection system for document-oriented NoSQL databases. EURASIP J. Inf. Secur. (1), 16 (2016)
Zhou, H., et al.: Agentless and uniform introspection for various security services in IaaS cloud. In: Proceedings of 2017 4th International Conference on Information Science and Control Engineering (ICISCE), pp. 140–144. IEEE (2017)
Kaliski Jr, B.S., Pauley, W.: Toward risk assessment as a service in cloud environments. In: Proceedings of HotCloud (2010)
Mahalakshmi, J., Kuppusamy, K.: Security-as-a-service for files in cloud computing—a novel application model. In: Proceedings of 2016 10th International Conference on Intelligent Systems and Control (ISCO), pp. 1–5. IEEE (2016)
Rak, M., Suri, N., Luna, J., Petcu, D., Casola, V., Villano, U.: Security as a service using an SLA-based approach via SPECS. In: Proceedings of IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom), vol. 2, pp. 1–6. IEEE (2013)
Sun, Y., Nanda, S., Jaeger, T.: Security-as-a-service for microservices-based cloud applications. In: 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom), pp. 50–57. IEEE (2015)
Tupakula, U., Varadharajan, V., Karmakar, K.: SDN-based dynamic policy specification and enforcement for provisioning SECaaS in cloud. In: Bouguettaya, A., et al. (eds.) WISE 2017. LNCS, vol. 10570, pp. 550–561. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-68786-5_44
Zhang, Y., Chen, J.L.: Access control as a service for public cloud storage. In: Proceedings of 32nd International Conference on Distributed Computing Systems Workshops (ICDCSW), pp. 526–536. IEEE (2012)
Roundy, K.A., et al.: Smoke detector: cross-product intrusion detection with weak indicators. In: Proceedings of the 33rd Annual Computer Security Applications Conference, pp. 200–211. ACM (2017)
Shu, X., Yao, D.: Data leak detection as a service. In: Keromytis, A.D., Di Pietro, R. (eds.) SecureComm 2012. LNICST, vol. 106, pp. 222–240. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36883-7_14
Zawoad, S., Hasan, R., Haque, M.M., Warner, G.: CURLA: cloud-based spam URL analyzer for very large datasets. In: Proceedings of 2014 IEEE 7th International Conference on Cloud Computing (CLOUD), pp. 729–736. IEEE (2014)
Gonzales, D., Kaplan, J.M., Saltzman, E., Winkelman, Z., Woods, D.: Cloud-trust—a security assessment model for infrastructure as a service (IaaS) clouds. Proc. IEEE Trans. Cloud Comput. 5(3), 523–536 (2015)
Poon, H.T., Miri, A.: Scanning for viruses on encrypted cloud storage. In: Proceedings of 2016 International IEEE Conferences on Ubiquitous Intelligence and Computing, Advanced and Trusted Computing, Scalable Computing and Communications, Cloud and Big Data Computing, Internet of People, and Smart World Congress, pp. 954–959. IEEE (2016)
Elsayed, M., Zulkernine, M.: IFCaaS: information flow control as a service for cloud security. In: Proceedings of the 2016 11th International Conference on Availability, Reliability and Security, (ARES), Salzburg, Austria, pp. 211–216. IEEE (2016)
Elsayed, M., Zulkernine, M.: Towards security monitoring for cloud analytic applications. In: Proceedings of the 4th IEEE International Conference on Big Data Security on Cloud, BigDataSecurity 2018, Omaha, NE, USA. IEEE (2018). (Best student paper award)
Wang, W., Yongchareon, S.: A survey on security as a service. In: Proceedings of International Conference of Web Information Systems Engineering (WISE) (2017)
Acknowledgment
This research is partially supported by the Natural Sciences & Engineering Research Council of Canada (NSERC). Marwa Elsayed thanks the Schlumberger Foundation for supporting her Ph.D. study in Canada.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Elsayed, M., Zulkernine, M. (2018). A Taxonomy of Security as a Service. In: Panetto, H., Debruyne, C., Proper, H., Ardagna, C., Roman, D., Meersman, R. (eds) On the Move to Meaningful Internet Systems. OTM 2018 Conferences. OTM 2018. Lecture Notes in Computer Science(), vol 11230. Springer, Cham. https://doi.org/10.1007/978-3-030-02671-4_19
Download citation
DOI: https://doi.org/10.1007/978-3-030-02671-4_19
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02670-7
Online ISBN: 978-3-030-02671-4
eBook Packages: Computer ScienceComputer Science (R0)