Preserving Privacy of Security Services in the SecaaS Model
Publication Type:Journal Article
Source:Information & Security: An International Journal, Volume 53, Issue 1, p.47-64 (2022)
Keywords:access control, authentication, cloud environment, Cybersecurity, privacy, secure services
Outsourcing security services to the cloud allows companies to minimize IT infrastructure costs, use services faster, improve manageability, and reduce their own maintenance effort. However, the security policy, which identifies the rules and procedures, also contains information about security architecture, threats, and vulnerabilities. Therefore, the privacy of security policies applied in a cloud environment is needed. This article describes a structure of security policies for selected network services that will ensure privacy protection and protect against the analysis of network traffic by an unauthorized person. The developed solution is based on the UNIPRIV model. This architecture for authentication and access control services was implemented and verified, taking into account safety and performance.