{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,9]],"date-time":"2026-03-09T19:57:30Z","timestamp":1773086250890,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":28,"publisher":"ACM","license":[{"start":{"date-parts":[[2010,10,8]],"date-time":"2010-10-08T00:00:00Z","timestamp":1286496000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2010,10,8]]},"DOI":"10.1145\/1866835.1866850","type":"proceedings-article","created":{"date-parts":[[2010,10,12]],"date-time":"2010-10-12T15:38:31Z","timestamp":1286897911000},"page":"77-86","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":61,"title":["Towards incident handling in the cloud"],"prefix":"10.1145","author":[{"given":"Bernd","family":"Grobauer","sequence":"first","affiliation":[{"name":"Siemens CERT, Munich, Germany"}]},{"given":"Thomas","family":"Schreck","sequence":"additional","affiliation":[{"name":"Siemens CERT, Munich, Germany"}]}],"member":"320","published-online":{"date-parts":[[2010,10,8]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"]]W. H. Baker A. Hutton C. D. Hylender C. Novak C. Porter B. Sartin P. Tippett and J. A. Valentine. Verizon 2009 Data Breach Investigations Report 2009.  ]]W. H. Baker A. Hutton C. D. Hylender C. Novak C. Porter B. Sartin P. Tippett and J. A. Valentine. Verizon 2009 Data Breach Investigations Report 2009."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"crossref","unstructured":"]]D. Brezinski and T. Killalea. Guidelines for Evidence Collection and Archiving. RFC 3227 (Best Current Practice) Feb. 2002.   ]]D. Brezinski and T. Killalea. Guidelines for Evidence Collection and Archiving. RFC 3227 (Best Current Practice) Feb. 2002.","DOI":"10.17487\/rfc3227"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"crossref","unstructured":"]]N. Brownlee and E. Guttman. Expectations for Computer Security Incident Response. RFC 2350 (Best Current Practice) June 1998.   ]]N. Brownlee and E. Guttman. Expectations for Computer Security Incident Response. RFC 2350 (Best Current Practice) June 1998.","DOI":"10.17487\/rfc2350"},{"key":"e_1_3_2_1_4_1","volume-title":"22nd Annual FIRST Conference","author":"Bryan Casper R. M.","year":"2010"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1655008.1655022"},{"key":"e_1_3_2_1_7_1","unstructured":"]]Cloud Security Alliance. Trusted Cloud Initiative. http:\/\/www.cloudsecurityalliance.org\/trustedcloud.html.  ]]Cloud Security Alliance. Trusted Cloud Initiative. http:\/\/www.cloudsecurityalliance.org\/trustedcloud.html."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"crossref","unstructured":"]]D. Crocker. Mailbox Names for Common Services Roles and Functions. RFC 2142 (Proposed Standard) May 1997.   ]]D. Crocker. Mailbox Names for Common Services Roles and Functions. RFC 2142 (Proposed Standard) May 1997.","DOI":"10.17487\/rfc2142"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"crossref","unstructured":"]]R. Danyliw J. Meijer and Y. Demchenko. The Incident Object Description Exchange Format. RFC 5070 (Proposed Standard) Dec. 2007.  ]]R. Danyliw J. Meijer and Y. Demchenko. The Incident Object Description Exchange Format. RFC 5070 (Proposed Standard) Dec. 2007.","DOI":"10.17487\/rfc5070"},{"key":"e_1_3_2_1_10_1","volume-title":"The 7th International Conference on Informatics and Systems (INFOS). IEEE Computer Society","author":"Dawoud W.","year":"2010"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"crossref","unstructured":"]]H. Debar D. Curry and B. Feinstein. The Intrusion Detection Message Exchange Format (IDMEF). RFC 4765 (Experimental) Mar. 2007.  ]]H. Debar D. Curry and B. Feinstein. The Intrusion Detection Message Exchange Format (IDMEF). RFC 4765 (Experimental) Mar. 2007.","DOI":"10.17487\/rfc4765"},{"key":"e_1_3_2_1_12_1","unstructured":"]]ENISA. Cloud computing information assurance framework - ENISA. http:\/\/www.enisa.europa.eu\/act\/rm\/files\/deliverables\/cloud-computing-information-assurance-framework.  ]]ENISA. Cloud computing information assurance framework - ENISA. http:\/\/www.enisa.europa.eu\/act\/rm\/files\/deliverables\/cloud-computing-information-assurance-framework."},{"key":"e_1_3_2_1_13_1","unstructured":"]]T. Grance K. Kent and B. Kim. NIST SP800-61 computer security incident handling guide.  ]]T. Grance K. Kent and B. Kim. NIST SP800-61 computer security incident handling guide."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2010.115"},{"key":"e_1_3_2_1_15_1","unstructured":"]]Honeynet Project & Research Alliance. Honeywall CDROM Roo Aug. 2005. http:\/\/www.honeynet.org.  ]]Honeynet Project & Research Alliance. Honeywall CDROM Roo Aug. 2005. http:\/\/www.honeynet.org."},{"key":"e_1_3_2_1_16_1","unstructured":"]]International Organization for Standardization Geneva Switzerland. ISO\/IEC 27002:2005 Information technology - Security techniques - Code of practice for information security management 2005.  ]]International Organization for Standardization Geneva Switzerland. ISO\/IEC 27002:2005 Information technology - Security techniques - Code of practice for information security management 2005."},{"key":"e_1_3_2_1_17_1","unstructured":"]]IT Governance Institute Rolling Meadows Illinois USA. CobiT 4.1 2007.   ]]IT Governance Institute Rolling Meadows Illinois USA. CobiT 4.1 2007."},{"key":"e_1_3_2_1_18_1","unstructured":"]]A. Khajeh-Hosseini I. Sommerville and I. Sriram. Research challenges for enterprise cloud computing. CoRR abs\/1001.3257 2010.  ]]A. Khajeh-Hosseini I. Sommerville and I. Sriram. Research challenges for enterprise cloud computing. CoRR abs\/1001.3257 2010."},{"key":"e_1_3_2_1_19_1","unstructured":"]]P. Mell and T. Grance. Draft NIST working definition of cloud computing Aug. 2009.  ]]P. Mell and T. Grance. Draft NIST working definition of cloud computing Aug. 2009."},{"key":"e_1_3_2_1_20_1","unstructured":"]]Microsoft. Computer Online Forensic Evidence Extractor (COFEE). http:\/\/www.microsoft.com\/industry\/government\/solutions\/cofee\/default.aspx.  ]]Microsoft. Computer Online Forensic Evidence Extractor (COFEE). http:\/\/www.microsoft.com\/industry\/government\/solutions\/cofee\/default.aspx."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.10"},{"key":"e_1_3_2_1_22_1","unstructured":"]]PCI Security Standards Council. Payment Card Industry (PCI) Data Security Standard v1.2.1 July 2009.  ]]PCI Security Standards Council. Payment Card Industry (PCI) Data Security Standard v1.2.1 July 2009."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653687"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/DASC.2009.94"},{"key":"e_1_3_2_1_25_1","volume-title":"22nd Annual FIRST Conference","author":"Rounsavall R.","year":"2010"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-007-0070-0"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2006.06.010"},{"key":"e_1_3_2_1_28_1","unstructured":"]]The CEE Board. Common event expression 2008. http:\/\/cee.mitre.org\/docs\/Common_Event_Expression_White_Paper_June_2008.pdf.  ]]The CEE Board. Common event expression 2008. http:\/\/cee.mitre.org\/docs\/Common_Event_Expression_White_Paper_June_2008.pdf."},{"key":"e_1_3_2_1_29_1","unstructured":"]]The Open Group. Distributed audit service (XDAS) - preliminary specification Jan. 1997. http:\/\/www.opengroup.org\/bookstore\/catalog\/p441.htm.  ]]The Open Group. Distributed audit service (XDAS) - preliminary specification Jan. 1997. http:\/\/www.opengroup.org\/bookstore\/catalog\/p441.htm."}],"event":{"name":"CCS '10: 17th ACM Conference on Computer and Communications Security 2010","location":"Chicago Illinois USA","acronym":"CCS '10","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2010 ACM workshop on Cloud computing security workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1866835.1866850","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1866835.1866850","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T10:52:59Z","timestamp":1750243979000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1866835.1866850"}},"subtitle":["challenges and approaches"],"short-title":[],"issued":{"date-parts":[[2010,10,8]]},"references-count":28,"alternative-id":["10.1145\/1866835.1866850","10.1145\/1866835"],"URL":"https:\/\/doi.org\/10.1145\/1866835.1866850","relation":{},"subject":[],"published":{"date-parts":[[2010,10,8]]},"assertion":[{"value":"2010-10-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}