Context-aware Security@run.time Deployment

Wendpanga Francis Ouedraogo, Frederique Biennier, Catarina Ferreira Da Silva, Parisa Ghodous

2015

Abstract

Taking advantage of the agility and interoperability provided by Service Oriented Architecture (SOA), Web 2.0 and XaaS (Anything as a Service) technologies, more and more collaborative Business Processes (BP) are set ”on demand” by selecting, composing and orchestrating different business services depending on the current need. This involves re-thinking the way information, services and applications are organized, deployed, shared and secured among multi-cloud environment. Fitting this de-perimeterized and evolving execution context requires organising the service protection in a dynamic way in order to provide an up to date and consistent protection. To fit this goal, we propose to integrate the different protection requirements defined according to the business environment in a single security policy. Then we plug a context-aware security deployment architecture on the cloud service middleware to analyse both the security policy and the execution context to select, compose and orchestrate the convenient protection means. A proof of concept built on Frascati middleware is used to evaluate the impact of this ”on-line” security mediation.

References

  1. Ban, L. B., Cocchiara, R., Lovejoy, K., Telford, R., and Ernest, M. (2010). The evolving role of it managers and cios.
  2. Bartoletti, M., Degano, P., and Ferrari, G. (2005). Enforcing secure service composition. In Computer Security Foundations, 2005. CSFW-18 2005. 18th IEEE Workshop, pages 211-223.
  3. Bartoletti, M., Degano, P., and Ferrari, G. (2006). Security issues in service composition. In Gorrieri, R. and Wehrheim, H., editors, Formal Methods for Open Object-Based Distributed Systems, volume 4037 of Lecture Notes in Computer Science, pages 1-16. Springer Berlin Heidelberg.
  4. Heiser, J. and Nicolett, M. (2008). ssessing the security risks of Cloud Computing. Technical report, Gartner.
  5. Lang, U. and Schreiner, R. (2009). Model Driven Security Management: Making Security Management Manageable in Complex Distributed Systems. In Workshop on Modeling Security (MODSEC08) - International Conference on Model Driven Engineering Languages and Systems (MODELS).
  6. Lucio, L., Zhang, Q., Nguyen, P. H., Amrani, M., Klein, J., Vangheluwe, H., and Traon, Y. L. (2014). Chapter 3 - Advances in Model-Driven Security. In Memon, A., editor, Advances in Computers, volume 93, pages 103 - 152. Elsevier.
  7. Merle, P., Rouvoy, R., and Seinturier, L. (2011). A Reflective Platform for Highly Adaptive Multi-Cloud Systems. In International Workshop on Adaptive and Reflective Middleware (ARM'11) - 12th ACM/IFIP/USENIX International Middleware Conference, pages 14-21. ACM.
  8. Ouedraogo, W. F., Biennier, F., and Ghodous, P. (2013). Model driven security in multi-context. In International Journal of Electronic Business Management, volume 11 No. 3, pages 178-190.
  9. Rodríguez, A., Fernández-Medina, E., and Piattini, M. (2007). A BPMN Extension for the Modeling of Security Requirements in Business Processes. IEICE - Trans. Inf. Syst., E90-D(4):745-752.
  10. Wolter, C., Menzel, M., Schaad, A., Miseldine, P., and Meinel, C. (2009). Model-driven business process security requirement specification. Journal of Systems Architecture (JSA), pages 211-223.
Download


Paper Citation


in Harvard Style

Ouedraogo W., Biennier F., Ferreira Da Silva C. and Ghodous P. (2015). Context-aware Security@run.time Deployment . In Proceedings of the 5th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-758-104-5, pages 276-283. DOI: 10.5220/0005442502760283


in Bibtex Style

@conference{closer15,
author={Wendpanga Francis Ouedraogo and Frederique Biennier and Catarina Ferreira Da Silva and Parisa Ghodous},
title={Context-aware Security@run.time Deployment},
booktitle={Proceedings of the 5th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,},
year={2015},
pages={276-283},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005442502760283},
isbn={978-989-758-104-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 5th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,
TI - Context-aware Security@run.time Deployment
SN - 978-989-758-104-5
AU - Ouedraogo W.
AU - Biennier F.
AU - Ferreira Da Silva C.
AU - Ghodous P.
PY - 2015
SP - 276
EP - 283
DO - 10.5220/0005442502760283