{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T00:54:34Z","timestamp":1740099274607,"version":"3.37.3"},"publisher-location":"Cham","reference-count":27,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030047702"},{"type":"electronic","value":"9783030047719"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-030-04771-9_43","type":"book-chapter","created":{"date-parts":[[2018,12,5]],"date-time":"2018-12-05T17:02:53Z","timestamp":1544029373000},"page":"573-588","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Integrity Protection Against Insiders in Microservice-Based Infrastructures: From Threats to a Security Framework"],"prefix":"10.1007","author":[{"given":"Mohsen","family":"Ahmadvand","sequence":"first","affiliation":[]},{"given":"Alexander","family":"Pretschner","sequence":"additional","affiliation":[]},{"given":"Keith","family":"Ball","sequence":"additional","affiliation":[]},{"given":"Daniel","family":"Eyring","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,12,6]]},"reference":[{"doi-asserted-by":"crossref","unstructured":"Ahmadvand, M., Ibrahim, A.: Requirements reconciliation for scalable and secure microservice (de)composition. In: 2016 IEEE 3rd Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE). IEEE (2016)","key":"43_CR1","DOI":"10.1109\/REW.2016.026"},{"doi-asserted-by":"crossref","unstructured":"Ahmadvand, M., Pretschner, A., Kelbert, F.: A taxonomy of software integrity protection techniques. In: Advances in Computers. Elsevier (2018)","key":"43_CR2","DOI":"10.1016\/bs.adcom.2017.12.007"},{"doi-asserted-by":"crossref","unstructured":"Ahmadvand, M., Scemama, A., Ochoa, M., Pretschner, A.: Enhancing operation security using secret sharing. In: Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016), pp. 446\u2013451. INSTICC\/SciTePress (2016)","key":"43_CR3","DOI":"10.5220\/0005992104460451"},{"unstructured":"Arnautov, S., et al.: SCONE: secure linux containers with intel SGX. In: 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI), vol. 16, pp. 689\u2013703. USENIX Association, Savannah, GA (2016)","key":"43_CR4"},{"doi-asserted-by":"crossref","unstructured":"Banescu, S., Pretschner, A., Battr\u00e9, D., Cazzulani, S., Shield, R., Thompson, G.: Software-based protection against changeware. In Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, pp. 231\u2013242. ACM (2015)","key":"43_CR5","DOI":"10.1145\/2699026.2699099"},{"issue":"3","key":"43_CR6","doi-asserted-by":"publisher","first-page":"8","DOI":"10.1145\/2799647","volume":"33","author":"A Baumann","year":"2015","unstructured":"Baumann, A., Peinado, M., Hunt, G.: Shielding applications from an untrusted cloud with Haven. ACM Trans. Comput. Syst. (TOCS) 33(3), 8 (2015)","journal-title":"ACM Trans. Comput. Syst. (TOCS)"},{"key":"43_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"177","DOI":"10.1007\/978-3-319-59665-5_13","volume-title":"Distributed Applications and Interoperable Systems","author":"S Brenner","year":"2017","unstructured":"Brenner, S., Hundt, T., Mazzeo, G., Kapitza, R.: Secure cloud micro services using Intel SGX. In: Chen, L.Y., Reiser, H.P. (eds.) DAIS 2017. LNCS, vol. 10320, pp. 177\u2013191. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-59665-5_13"},{"key":"43_CR8","doi-asserted-by":"publisher","first-page":"277","DOI":"10.1016\/j.cose.2017.10.006","volume":"74","author":"F Callegati","year":"2018","unstructured":"Callegati, F., Giallorenzo, S., Melis, A., Prandini, M.: Cloud-of-things meets mobility-as-a-service: an insider threat perspective. Comput. Secur. 74, 277\u2013295 (2018)","journal-title":"Comput. Secur."},{"issue":"8","key":"43_CR9","doi-asserted-by":"publisher","first-page":"735","DOI":"10.1109\/TSE.2002.1027797","volume":"28","author":"CS Collberg","year":"2002","unstructured":"Collberg, C.S., Thomborson, C.: Watermarking, tamper-proofing, and obfuscation-tools for software protection. IEEE Trans. Softw. Eng. 28(8), 735\u2013746 (2002)","journal-title":"IEEE Trans. Softw. Eng."},{"unstructured":"Costan, V., Devadas, S.: Intel SGX explained. IACR Cryptology ePrint Archive 2016:86 (2016)","key":"43_CR10"},{"unstructured":"Dewan, P., Durham, D., Khosravi, H., Long, M., Nagabhushan, G.: A hypervisor-based system for protecting software runtime memory and persistent storage, pp. 828\u2013835. Society for Computer Simulation International (2008)","key":"43_CR11"},{"key":"43_CR12","doi-asserted-by":"publisher","first-page":"195","DOI":"10.1007\/978-3-319-67425-4_12","volume-title":"Present and Ulterior Software Engineering","author":"N Dragoni","year":"2017","unstructured":"Dragoni, N., et al.: Microservices: yesterday, today, and tomorrow. Present and Ulterior Software Engineering, pp. 195\u2013216. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-67425-4_12"},{"issue":"5","key":"43_CR13","doi-asserted-by":"publisher","first-page":"193","DOI":"10.1145\/1165389.945464","volume":"37","author":"Tal Garfinkel","year":"2003","unstructured":"Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., Boneh, D.: Terra: a virtual machine-based platform for trusted computing. In: ACM SIGOPS Operating Systems Review, vol. 37, pp. 193\u2013206. ACM (2003)","journal-title":"ACM SIGOPS Operating Systems Review"},{"doi-asserted-by":"crossref","unstructured":"Jakobsson, M., Johansson, K.-A.: Practical and secure software-based attestation. In: 2011 Workshop on Lightweight Security & Privacy: Devices, Protocols and Applications (LightSec), pp. 1\u20139. IEEE (2011)","key":"43_CR14","DOI":"10.1109\/LightSec.2011.8"},{"unstructured":"Jin, H., Lotspiech, J.: Forensic analysis for tamper resistant software. In: 14th International Symposium on Software Reliability Engineering, ISSRE 2003, pages 133\u2013142. IEEE (2003)","key":"43_CR15"},{"key":"43_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1007\/978-3-319-74433-9_3","volume-title":"Current Trends in Web Engineering","author":"M Kalske","year":"2018","unstructured":"Kalske, M., M\u00e4kitalo, N., Mikkonen, T.: Challenges when moving from monolith to microservice architecture. In: Garrig\u00f3s, I., Wimmer, M. (eds.) ICWE 2017. LNCS, vol. 10544, pp. 32\u201347. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-74433-9_3"},{"key":"43_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/978-3-642-41476-3_8","volume-title":"Critical Information Infrastructure Security","author":"M Kandias","year":"2013","unstructured":"Kandias, M., Virvilis, N., Gritzalis, D.: The insider threat in cloud computing. In: Bologna, S., H\u00e4mmerli, B., Gritzalis, D., Wolthusen, S. (eds.) CRITIS 2011. LNCS, vol. 6983, pp. 93\u2013103. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-41476-3_8"},{"doi-asserted-by":"crossref","unstructured":"Liang, X., Shetty, S., Zhang, L., Kamhoua, C., Kwiat, K.: Man in the cloud (MITC) defender: SGX-based user credential protection for synchronization applications in cloud computing platform. In: 2017 IEEE 10th International Conference on Cloud Computing (CLOUD), pp. 302\u2013309, June 2017","key":"43_CR18","DOI":"10.1109\/CLOUD.2017.46"},{"unstructured":"Lind, J., et al.: Glamdring: automatic application partitioning for Intel SGX. In: 2017 USENIX Annual Technical Conference (USENIX ATC 17), Santa Clara, CA, pp. 285\u2013298. USENIX Association (2017)","key":"43_CR19"},{"key":"43_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1007\/978-3-642-14215-4_2","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"L Martignoni","year":"2010","unstructured":"Martignoni, L., Paleari, R., Bruschi, D.: Conqueror: tamper-proof code execution on legacy systems. In: Kreibich, C., Jahnke, M. (eds.) DIMVA 2010. LNCS, vol. 6201, pp. 21\u201340. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-14215-4_2"},{"doi-asserted-by":"crossref","unstructured":"Neisse, R., Holling, D., Alexander, P.: Implementing trust in cloud infrastructures. In: Proceedings of the 2011 11th IEEE\/ACM International Symposium on Cluster, Cloud and Grid Computing, pp. 524\u2013533. IEEE Computer Society (2011)","key":"43_CR21","DOI":"10.1109\/CCGrid.2011.35"},{"key":"43_CR22","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/978-0-387-77322-3_5","volume-title":"Insider Attack and Cyber Security","author":"MB Salem","year":"2008","unstructured":"Salem, M.B., Hershkop, S., Stolfo, S.J.: A survey of insider attack detection research. In: Stolfo, S.J., Bellovin, S.M., Keromytis, A.D., Hershkop, S., Smith, S.W., Sinclair, S. (eds.) Insider Attack and Cyber Security, vol. 39, pp. 69\u201390. Springer, US, Boston (2008). https:\/\/doi.org\/10.1007\/978-0-387-77322-3_5"},{"unstructured":"Santos, N., Gummadi, K.P., Rodrigues, R.: Towards trusted cloud computing. In: Proceedings of the 2009 Conference on Hot Topics in Cloud Computing, Hot-Cloud 2009, Berkeley, CA, USA. USENIX Association (2009)","key":"43_CR23"},{"issue":"2","key":"43_CR24","doi-asserted-by":"publisher","first-page":"159","DOI":"10.1145\/317087.317089","volume":"2","author":"B Schneier","year":"1999","unstructured":"Schneier, B., Kelsey, J.: Secure audit logs to support computer forensics. ACM Trans. Inf. Syst. Secur. 2(2), 159\u2013176 (1999)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"43_CR25","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1095809.1095812","volume":"39","author":"A Seshadri","year":"2005","unstructured":"Seshadri, A., Luk, M., Shi, E., Perrig, A., van Doorn, L., Khosla, P.: Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems. ACM SIGOPS Oper. Syst. Rev. 39, 1\u201316 (2005)","journal-title":"ACM SIGOPS Oper. Syst. Rev."},{"doi-asserted-by":"crossref","unstructured":"De Sutter, B., et al.: A reference architecture for software protection, pp. 291\u2013294, April 2016","key":"43_CR26","DOI":"10.1109\/WICSA.2016.43"},{"doi-asserted-by":"crossref","unstructured":"Zawoad, S., Dutta, A.K., Hasan, R.: SecLaaS: secure logging-as-a-service for cloud forensics. In: Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, ASIA CCS 2013, pp. 219\u2013230. ACM, New York (2013)","key":"43_CR27","DOI":"10.1145\/2484313.2484342"}],"container-title":["Lecture Notes in Computer Science","Software Technologies: Applications and Foundations"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-04771-9_43","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,11,6]],"date-time":"2019-11-06T15:53:19Z","timestamp":1573055599000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-04771-9_43"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783030047702","9783030047719"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-04771-9_43","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"STAF","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Federation of International Conferences on Software Technologies: Applications and Foundations","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Toulouse","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 June 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 June 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"staf2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.staf2018.fr\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}