A Journey Into Security Certification: From the Cloud to Artificial Intelligence
暫譯: 安全認證之旅:從雲端到人工智慧
Anisetti, Marco, Ardagna, Claudio Agostino, Damiani, Ernesto
相關主題
商品描述
This book, authored by some of the pioneers in the security certification domain, provides a foundational knowledge base for designing and deploying effective security certification schemes for cloud-edge distributed systems. It gives readers unique and essential insight into the history of security certification and its evolution from static to dynamic models. The book helps readers to understand the importance of security certification across distributed system evolution from cloud-based to artificial intelligence-machine learning systems. It covers in full the certification of cloud-based composite services, discussing the role of multi-factor certification. It also emphasizes processes for continuously certifying services across system and context changes, as well as the certification of the deployment environment and development process and their impact on the overall cloud service certification. The book considers and challenges existing security certification schemes for cloud services, discussing issues and gaps when applied to modern systems in the cloud-edge continuum and built on artificial intelligence. Readers will become familiar with the challenges in certifying cloud-edge distributed systems and machine learning-based systems.
This book also provides actionable insight to readers who manage modern security systems. Security controls have grown in size and complexity, requiring reliable and sustainable certification schemes to support varying quality standards and produce compliant products. It covers the logic behind security standards and the evaluation criteria of main certification standards, further discussing the evolution and corresponding certification of distributed systems towards cloud, cloud-edge, and artificial intelligence. The book teaches readers how to build faster, scalable, and more reliable cloud-edge distributed systems and beyond.
商品描述(中文翻譯)
這本書由安全認證領域的一些先驅所撰寫,提供了設計和部署有效的安全認證方案所需的基礎知識,特別針對雲端邊緣分散式系統。它為讀者提供了獨特且重要的見解,介紹了安全認證的歷史及其從靜態模型演變為動態模型的過程。這本書幫助讀者理解安全認證在分散式系統演變中的重要性,從雲端基礎設施到人工智慧-機器學習系統。書中全面涵蓋了雲端基礎的複合服務的認證,並討論了多因素認證的角色。它還強調了在系統和環境變化中持續認證服務的過程,以及部署環境和開發過程的認證及其對整體雲服務認證的影響。這本書考慮並挑戰現有的雲服務安全認證方案,討論了在雲端邊緣連續體及基於人工智慧的現代系統中應用時所面臨的問題和缺口。讀者將熟悉認證雲端邊緣分散式系統和基於機器學習系統的挑戰。
這本書還為管理現代安全系統的讀者提供了可行的見解。安全控制的規模和複雜性不斷增長,這需要可靠且可持續的認證方案來支持不同的質量標準並生產合規的產品。書中涵蓋了安全標準背後的邏輯以及主要認證標準的評估標準,進一步討論了分散式系統向雲端、雲端邊緣和人工智慧的演變及相應的認證。這本書教導讀者如何構建更快、可擴展且更可靠的雲端邊緣分散式系統及其他系統。
作者簡介
Marco Anisetti is Full Professor in the Department of Computer Science at the Università degli Studi di Milano. His research interests are in the area of Computational Intelligence and its application to the design and evaluation of complex systems and services. Specifically, he has been investigating innovative solutions for security assurance and software/service certification for modern Edge and AI-assisted systems. In this area, he defined new schemes for continuous and incremental Cloud/Web service security certification based on the distributed assurance evaluation architecture that had percolated in his Moon Cloud spin-off. He is the winner of the 2010 GIRPR award for the best Ph.D. thesis and the 2009 Chester Sall Award from the IEEE Consumer Electronics Society. He is an editorial board member of IEEE Transactions on Cloud Computing, IEEE Transactions on Services Computing, and Future Generation Computer Systems (FGCS) at Elsevier. He has been a program committee member for several international conferences and workshops in the area of distributed systems, service-based architectures, and security. He contributed to a number of EU projects including FP7 ASSET4SOA and FP7 CUMULUS focused on certification of services and H2020 CONCORDIA investigating security assurance for modern systems.
Claudio Agostino Ardagna is a Full Professor in the Department of Computer Science at the Università degli Studi di Milano, Italy, the Director of the CINI National Lab on Data Science, and co-founder of Moon Cloud srl. His research interests are in the areas of distributed systems security and assurance, cloud-edge and AI/ML certification, and data science. He is the winner of the ERCIM (European Research Consortium for Informatics and Mathematics) WG STM 2009 Award for the Best Ph.D. Thesis on Security and Trust Management. He has been an invited professor at the Université Jean Moulin Lyon 3 and a visiting researcher at Beijing University of Posts and Telecommunications, Khalifa University, and George Mason University. He is a member of the Steering Committee for IEEE Transactions on Cloud Computing, member of the editorial board of the IEEE Transactions on Cloud Computing and IEEE Transactions on Services Computing, and secretary of the IEEE Technical Committee on Services Computing. He has been Program Chair of several international conferences and workshops in the area of distributed systems and security and privacy. He co-authored with Professors Ernesto Damiani and Nabil El Ioini the book Open Source Systems Security Certification, published by Springer.
Ernesto Damiani serves as the acting Dean of Computing and Mathematical Sciences and Director of the Center for Cyber Physical Systems (C2PS) at Khalifa University in the UAE. He is a full professor in the Department of Computer Science at the Università degli Studi di Milano, Italy, where he leads the SESAR research lab. His research interests include secure service-oriented architectures (SOA), certifiable robust Artificial intelligence and Data Analytics models, and cyber-physical systems security. Dr. Damiani has served as the Editor-in-Chief of the IEEE Transactions on Service-oriented Computing and as an Associate Editor of the IEEE Transactions on Fuzzy Systems. He is a senior member of the IEEE and served as Vice-Chair of the IEEE Technical Committee on Industrial Informatics. In 2008, Dr. Damiani was nominated as an ACM Distinguished Scientist and received the Chester Sall Award from the IEEE Industrial Electronics Society. Later, he received a doctorate honoris causa from Institut National des Sciences Appliquées (INSA) of Lyon, France, for his contributions to Big Data analysis platforms and architectures. In 2022, Ernesto was awarded the rank of Officer of the Order of the Star of Italy for his contributions to international scientific collaboration in AI.
Nabil El Ioini is an Associate Professor within the School of Computer Science at the University of Nottingham, Malaysia. His research interests lie the area of cloud computing, cyber-security, and blockchain technology. Dr. El Ioini's research endeavors center around designing innovative architectural patterns tailored to meet the evolving demands of Edge computing and distributed applications. With a keen focus on scalability, orchestration, security, and privacy, he and his team successfully developed cloud-edge solutions leveraging mainstream technologies such as containers and blockchain. His scholarly contributions have been widely recognized, with his work featured in numerous conferences and journals.
作者簡介(中文翻譯)
馬可·阿尼塞提(Marco Anisetti)是米蘭大學計算機科學系的全職教授。他的研究興趣集中在計算智能及其在複雜系統和服務設計與評估中的應用。具體而言,他一直在研究現代邊緣計算和人工智慧輔助系統的安全保證和軟體/服務認證的創新解決方案。在這個領域,他定義了基於分散式保證評估架構的持續和增量雲/網路服務安全認證的新方案,該架構源自他的Moon Cloud創業公司。他是2010年GIRPR最佳博士論文獎的得主,以及2009年IEEE消費電子學會的切斯特·薩爾獎(Chester Sall Award)得主。他是《IEEE雲計算學報》(IEEE Transactions on Cloud Computing)、《IEEE服務計算學報》(IEEE Transactions on Services Computing)和《未來世代計算系統》(Future Generation Computer Systems, FGCS)等期刊的編輯委員會成員。他曾擔任多個國際會議和研討會的程序委員會成員,專注於分散式系統、基於服務的架構和安全性。他參與了多個歐盟項目,包括FP7 ASSET4SOA和FP7 CUMULUS,這些項目專注於服務的認證,以及H2020 CONCORDIA,研究現代系統的安全保證。
克勞迪奧·阿戈斯蒂諾·阿達尼(Claudio Agostino Ardagna)是米蘭大學計算機科學系的全職教授,CINI國家數據科學實驗室的主任,以及Moon Cloud srl的共同創辦人。他的研究興趣包括分散式系統的安全性和保證、雲邊緣和人工智慧/機器學習的認證,以及數據科學。他是2009年歐洲研究資訊與數學聯盟(ERCIM)WG STM最佳博士論文獎的得主,該獎項專注於安全和信任管理。他曾擔任法國里昂第三大學的受邀教授,以及北京郵電大學、哈利法大學和喬治梅森大學的訪問研究員。他是《IEEE雲計算學報》的指導委員會成員、《IEEE服務計算學報》的編輯委員會成員,以及IEEE服務計算技術委員會的秘書。他曾擔任多個國際會議和研討會的程序主席,專注於分散式系統和安全與隱私。他與恩內斯托·達米亞尼(Ernesto Damiani)教授和納比爾·艾爾·伊奧尼(Nabil El Ioini)共同撰寫了由Springer出版的《開源系統安全認證》(Open Source Systems Security Certification)一書。
恩內斯托·達米亞尼(Ernesto Damiani)擔任阿聯酋哈利法大學計算與數學科學學院的代理院長及網絡物理系統中心(C2PS)主任。他是米蘭大學計算機科學系的全職教授,並領導SESAR研究實驗室。他的研究興趣包括安全的面向服務架構(SOA)、可認證的穩健人工智慧和數據分析模型,以及網絡物理系統的安全性。達米亞尼博士曾擔任《IEEE面向服務計算學報》的主編,以及《IEEE模糊系統學報》的副編輯。他是IEEE的資深會員,並曾擔任IEEE工業資訊技術委員會的副主席。2008年,達米亞尼博士被提名為ACM傑出科學家,並獲得IEEE工業電子學會的切斯特·薩爾獎。隨後,他因對大數據分析平台和架構的貢獻,獲得法國里昂國立應用科學學院(INSA)授予的榮譽博士學位。2022年,恩內斯托因其在人工智慧國際科學合作方面的貢獻,被授予意大利星級勳章的軍官級別。
納比爾·艾爾·伊奧尼(Nabil El Ioini)是馬來西亞諾丁漢大學計算機科學學院的副教授。他的研究興趣包括雲計算、網絡安全和區塊鏈技術。艾爾·伊奧尼博士的研究工作集中在設計創新的架構模式,以滿足邊緣計算和分散式應用的演變需求。他和他的團隊專注於可擴展性、編排、安全性和隱私,成功開發了利用主流技術(如容器和區塊鏈)的雲邊緣解決方案。他的學術貢獻得到了廣泛的認可,其研究成果在多個會議和期刊中發表。
