Publications in Scientific Journals:
J. Ullrich, J. Cropper, P. Frühwirt, E. Weippl:
"The and security of firewalls in cyber-physical cloud computing";
EURASIP Journal on Information Security,
Clouds are here to stay, and the same holds for cyber-physical systems-not to forget their combination. In light of
these changing paradigms, it is of utter importance to reconsider security as both introduce new challenges.
Overcoming the concept of zoned networks, clouds make former internal traffic traveling the Internet. Cyber-physical
systems include physical parts into computing and make them potential targets for cyber attacks-a dare as a high
number of physical parts have originally been developed to be stand-alone. Cyber-physical cloud computing
reinforces the need for a thoughtful security concept. Firewalls are among the basic building blocks in network
security and are offered by various cloud providers; however, the question on their quality of protection arises. In this
paper, we assess firewall offers of five major cloud providers with respect to cyber-physical system integration.
Therefore, we study their default configuration, configuration capabilities, documentation, and filtering behavior. We
developed an extendible firewall monitoring tool that enables customers to probe their providerīs filtering behavior-
an information of interest for risk management or further security consideration. Re-assessing filtering behavior, we
found that all offered firewalls have evolved over a time period of more than a year: Configuration possibilities have
been enhanced, more illegitimate packets are filtered now, and stateful behavior was discovered at a certain provider.
Created from the Publication Database of the Vienna University of Technology.