Cybersecurity Collaboratory2013-2018Cyberspace Threat Identification, Analysis and Proactive Response |
---|
Adapting the Model Driven Security strategy to generate contextual security policy for multi-cloud systems (W.F. Ouedraogo, Frédérique Biennier, Parisa Ghodous)
The development of web 2.0 increases the call for agile and simple Business Process (BP) support. Service Oriented Architecture (SOA) provides companies a new model to build their Information Technology (IT) applications to support their business processes and to combine them dynamically with the services of partner companies so that collaborative BP can be easily set up. On the other hand cloud computing offers new business models and deployment opportunities to support adaptive and scalable execution environment. However, while composing the collaborative business processes, each partner's own security requirements must be fulfilled. This involves taking into account both partners' own security policies and security requirements related to the collaborative process hosting platforms. To achieve this goal, paying attention on the dynamic and agility requirements related to the collaborative BP composition, we propose to study the definition of security policies coupling Model Driven Security and Pattern based engineering approach to generate and deploy convenient security policies and protection means depending on the (may be untrusted) runtime environment. To this end, we propose a set of security patterns which meet the business and platform related security needs to set the security policies. The selection and the implementation of these security policies will be achieved thank to context-based patterns. Simple to understand by non-specialists, these patterns will be used by the model transformation process to generate these policies in a Model@Runtime strategy so that security services will be selected and orchestrated at runtime to provide a constant quality of protection (independent of the deployment).
Wendpanga Francis OUEDRAOGO is a PhD student at LIRIS (Laboratory of Computer Graphics, Images and Information Systems), INSA of Lyon, France. He received a professional-oriented MSc degree on Information System Security Management from Poitiers University (France) in 2009 and a research-oriented MSc. Degree in the field of Computer Sciences, specialized in "Information system and web", from University Claude Bernard - LYON1 in 2010. His main research interests are related to Business Process, Risk Analysis, Security and Privacy in Cloud Computing (XaaS).