Open Source Systems Security Certification - Softcover

Über die Autorin bzw. den Autor

Marco Anisetti is Full Professor in the Department of Computer Science at the Università degli Studi di Milano. His research interests are in the area of Computational Intelligence and its application to the design and evaluation of complex systems and services. Specifically, he has been investigating innovative solutions for security assurance and software/service certification for modern Edge and AI-assisted systems. In this area, he defined new schemes for continuous and incremental Cloud/Web service security certification based on the distributed assurance evaluation architecture that had percolated in his Moon Cloud spin-off. He is the winner of the 2010 GIRPR award for the best Ph.D. thesis and the 2009 Chester Sall Award from the IEEE Consumer Electronics Society. He is an editorial board member of IEEE Transactions on Cloud Computing, IEEE Transactions on Services Computing, and Future Generation Computer Systems (FGCS) at Elsevier. He has been a program committee member for several international conferences and workshops in the area of distributed systems, service-based architectures, and security. He contributed to a number of EU projects including FP7 ASSET4SOA and FP7 CUMULUS focused on certification of services and H2020 CONCORDIA investigating security assurance for modern systems. Claudio Agostino Ardagna is a Full Professor in the Department of Computer Science at the Università degli Studi di Milano, Italy, the Director of the CINI National Lab on Data Science, and co-founder of Moon Cloud srl. His research interests are in the areas of distributed systems security and assurance, cloud-edge and AI/ML certification, and data science. He is the winner of the ERCIM (European Research Consortium for Informatics and Mathematics) WG STM 2009 Award for the Best Ph.D. Thesis on Security and Trust Management. He has been an invited professor at the Université Jean Moulin Lyon 3 and a visiting researcher at Beijing University of Posts and Telecommunications, Khalifa University, and George Mason University. He is a member of the Steering Committee for IEEE Transactions on Cloud Computing, member of the editorial board of the IEEE Transactions on Cloud Computing and IEEE Transactions on Services Computing, and secretary of the IEEE Technical Committee on Services Computing. He has been Program Chair of several international conferences and workshops in the area of distributed systems and security and privacy. He co-authored with Professors Ernesto Damiani and Nabil El Ioini the book Open Source Systems Security Certification, published by Springer. Ernesto Damiani serves as the acting Dean of Computing and Mathematical Sciences and Director of the Center for Cyber Physical Systems (C2PS) at Khalifa University in the UAE. He is a full professor in the Department of Computer Science at the Università degli Studi di Milano, Italy, where he leads the SESAR research lab. His research interests include secure service-oriented architectures (SOA), certifiable robust Artificial intelligence and Data Analytics models, and cyber-physical systems security. Dr. Damiani has served as the Editor-in-Chief of the IEEE Transactions on Service-oriented Computing and as an Associate Editor of the IEEE Transactions on Fuzzy Systems. He is a senior member of the IEEE and served as Vice-Chair of the IEEE Technical Committee on Industrial Informatics. In 2008, Dr. Damiani was nominated as an ACM Distinguished Scientist and received the Chester Sall Award from the IEEE Industrial Electronics Society. Later, he received a doctorate honoris causa from Institut National des Sciences Appliquées (INSA) of Lyon, France, for his contributions to Big Data analysis platforms and architectures. In 2022, Ernesto was awarded the rank of Officer of the Order of the Star of Italy for his contributions to international scientific collaboration in AI. Nabil El Ioini is an Associate Professor within t

Von der hinteren Coverseite

Open Source Systems Security Certification provides an introduction to the notion of the Security Certification, including test-based and model-based approaches to the certification of software products. Several Security Certification standards are presented, including the international standard for the certification of IT products Common Criteria (ISO/IEC 15408) (CC 2006), a certification officially adopted by the governments of 18 nations.

This book discusses Security Certification as a way to foster adoption and deployment of Open Source Software (OSS) in security-sensible markets, such as telecommunications, government and the military. Scientific and technical issues of OSS security certification are highlighted through case studies.

This volume is designed for professionals and companies trying to implement an Open Source Systems (OSS) aware IT governance strategy, and SMEs looking for ways to use OSS in order to enter new security-conscious markets traditionally held by proprietary products. This book is also suitable for researchers and advanced-level students interested in OSS development, deployment and adoption issues.