Document Type

Conference Proceeding

Publication Date

1-1-2023

Journal / Book Title

2023 IEEE 14th Annual Ubiquitous Computing Electronics and Mobile Communication Conference Uemcon 2023

Abstract

Cloud security has become an important issue for many organizations that utilize cloud services, e.g. Amazon Web Services (AWS), especially as they have to manage the massive volumes of data (i.e. big data) and the application of artificial intelligence (AI) technologies. Ensuring that the security posture of the given environment protects sensitive data and maintains compliance can be challenging, particularly as ubiquitous data access is typically desirable. This paper discusses the design of a Cloud Security Posture Management (CSPM) tool, to monitor assets with emphasis on Amazon Web Services (AWS) for exemplification. The CSPM tool aims to monitor AWS assets based on the NIST Cybersecurity Framework v1.1 (NIST CSF). It focuses on continuous threat and intelligence monitoring along with misconfiguration alerting as needed. Leveraging AI capabilities, the CSPM tool can help identify risks and provide remediation recommendations. AWS services, such as VPC traffic logs, GuardDuty, and CloudTrail, can be used so that the tool can be modified to fit organizational security requirements. This paper discusses the CSPM tool design, monitoring, and reporting features, in order to enhance security and compliance for cloud computing. Proper planning and implementation via the power of AI and Big Data can enable organizations to utilize this CSPM tool to increase their cloud security posture along with reducing risks appearing in the environment. This work directly impacts cloud data management and ubiquitous data access for digital connectivity, and consequently makes broader impacts on smart mobility, a vital facet of smart cities.

DOI

10.1109/UEMCON59035.2023.10316003

Journal ISSN / Book ISBN

85179757569 (Scopus)

Download
Link to Publisher
Link at MSU

Share

COinS