Contribution to information security continuous audit in cloud-native environments
Kandidat
Meiran MG Galis
Mentor prof. dr. Milan Milosavljević
Institucija Univerzitet Singidunum, Beograd, Beograd, Srbija, 2023
Apstrakt
In the digitalized world and Cyberspace, as symbiotic community of men and machines, Cloud computing technologies and digital services based on them have important role in everyday life and business processes. From an information security standpoint, a whole range of security challenges arise, starting with security goals and security architecture through their operationalization and implementation. This is particularly reflective of the information security audit as part of the audit of information systems. In terms of information security cryptographic algorithms and cryptographic protocols are significantly standardized and support the approach of continuous external audit and improvement of the security of the subject information system. On the other hand, all of these solutions involve the use of cryptographic parameters created appropriately and under certain conditions. This audit segment requires specialist knowledge and the ability to assess the adequacy of the procedures applied. Contrary to cryptographic algorithms and protocols in this segment, there is no generally accepted standardization. This research is an attempt to develop a method that would be reliable in theoretical terms and proofs and also independent of trusted third parties. Such a method would significantly improve the possibilities of continuous revision in this segment and information security in the systematic sense.Suggested method is based on biometrical data, recorded electro-encephalography signals, randomness extraction from stochastic processes with non-maximal entropy and methods for transformation stochastic sequences for their uncertainty improvement. It is shown that it is possible to obtain truly random sequence sheared between participants in the protocol using communication over publically available authenticated communication channel. An unauthorized observer is able to collect all exchanged messages but in information sense cannot collect enough data to reconstruct established content between the two entities, and this can be theoretically proven. In the process, there is no trusted third party that entities must trust and have control over them and their communication, implying autonomy in setting end-to-end protection
Ključne reči cloud, security, information
Priložene datoteke
- Meiran Galis - Antiplagijat izveštaj ( 16,21 MB, broj pregleda: 147 )
- Meiran Galis - Odluka Senat ( 202,77 KB, broj pregleda: 132 )
- Meiran Galis - Doktorska disertacija ( 3,05 MB, broj pregleda: 199 )
- Meiran Galis - Izjava o autorstvu ( 455,51 KB, broj pregleda: 148 )
- Meiran Galis - Izveštaj ( 3,97 MB, broj pregleda: 162 )
- Meiran Galis - Karton mentora ( 1,82 MB, broj pregleda: 168 )
- Meiran Galis - Odluka o obrazovanju komisije ( 506,7 KB, broj pregleda: 156 )
Zahvaljujemo se što ste preuzeli publikaciju sa portala Singipedia.
Ukoliko želite da se prijavite za obaveštenja o sadržajima iz oblasti ove publikacije, možete nam ostaviti adresu svoje elektronske pošte.
Preuzimanje citata:
BibTeX format
RefWorks Tagged format
Unapred formatirani prikaz citata
BibTeX format
@phdthesis{Galis-2023-phd, author = {Meiran MG Galis}, title = {Contribution to information security continuous audit in cloud-native environments}, school = {Univerzitet Singidunum, Beograd, Beograd, Srbija}, year = 2023 }
RT Dissertation A1 Meiran MG Galis T1 Contribution to information security continuous audit in cloud-native environments AD Univerzitet Singidunum, Beograd, Beograd, Srbija YR 2023 SF doctoral dissertation; research
M. M. Galis. (2023). Contribution to information security continuous audit in cloud-native environments (Doctoral dissertation), Univerzitet Singidunum, Beograd