Partitioning and Cloud Deployment of Composite Web Services under Security Constraints

Goettelmann, Elio; Fdhila, Walid; Godart, Claude

doi:10.1109/ic2e.2013.22

Cited by 29 publications

(21 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This will mainly consist in experimenting our approach on real use cases. Another point is the lack of automation of our methodology, which is currently addressed by extending the prototype developed in [11]: in addition to fragmenting processes and deploying them on clouds, it will conduct automated risk assessments and transform the structure to enhance security.…”

Section: Discussionmentioning

confidence: 99%

“…As each activity of the process may not have the same security or functional requirements, it can be interesting to have a more heterogeneous deployment configuration in order to decrease costs or increase the Quality of Service. A contribution to such problems can be found in our previous work [11]. d) Security control implementation: (Fig.5.6).…”

Section: B Methodologymentioning

confidence: 97%

“…In previous works [11], we already considered security aspects before deploying processes on multiple cloud environments, but without methodological considerations. A first study in this sense was presented in [12].…”

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Integrating Security Risk Management into Business Process Management for the Cloud

Goettelmann

Mayer²,

Godart

2014

2014 IEEE 16th Conference on Business Informatics

View full text Add to dashboard Cite

Security issues are still preventing wider adoption of cloud computing, especially for businesses which are handling sensitive information. Indeed, by outsourcing its information system (IS), a company can lose control over its infrastructure, its software or even its data. Therefore, new methods and tools need to be defined to respond to this challenge. In this paper we propose to integrate Security Risk Management approaches into Business Process Management to effectively treat security issues at the early phases of the Information System construction. We focus on cloud brokers, emerging actors of the cloud delivery model, who enhance and aggregate existing cloud services to match them with their cloud consumers' requirements. Our main goal is to provide them with tools and techniques to increase the global security level of an IS through different risk treatment strategies.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: B Methodologymentioning

confidence: 97%

See 1 more Smart Citation

Integrating Security Risk Management into Business Process Management for the Cloud

Goettelmann

Mayer²,

Godart

2014

2014 IEEE 16th Conference on Business Informatics

View full text Add to dashboard Cite

show abstract

“…[10] describes a method of partitioning workflow over clouds. It incorporates the security constraints of [1], and adds others (e.g.…”

Section: Related Workmentioning

confidence: 99%

Multi-level Security for Deploying Distributed Applications on Clouds, Devices and Things

Watson

Little

2014

2014 IEEE 6th International Conference on Cloud Computing Technology and Science

View full text Add to dashboard Cite

The deployment of the components of distributed systems is now often very dynamic -server-side components are virtualised so they can be dynamically deployed on a range of platforms including public and private clouds, while users expect to be able to install clients on devices from phones to tablets. This can introduce security problems that place data at risk. This paper describes a new method for modeling the security of a distributed application and generating the set of possible deployment options that meet the overall security requirements. The model encompasses the entities that influence the security of a distributed system: data, services networks and platforms (e.g. clouds, devices and "things"). The paper describes the method and how it can be used to answer a range of security questions, using a set of case studies including federated clouds, network roaming and "Bring Your Own Devices" (BYOD). AbstractThe deployment of the components of distributed systems is now often very dynamic -server-side components are virtualised so they can be dynamically deployed on a range of platforms including public and private clouds, while users expect to be able to install clients on devices from phones to tablets. This can introduce security problems that place data at risk. This paper describes a new method for modeling the security of a distributed application and generating the set of possible deployment options that meet the overall security requirements. The model encompasses the entities that influence the security of a distributed system: data, services networks and platforms (e.g. clouds, devices and "things"). The paper describes the method and how it can be used to answer a range of security questions, using a set of case studies including federated clouds, network roaming and "Bring Your Own Devices" (BYOD). Abstract-The deployment of the components of distributed systems is now often very dynamic -server-side components are virtualised so they can be dynamically deployed on a range of platforms including public and private clouds, while users expect to be able to install clients on devices from phones to tablets. This can introduce security problems that place data at risk. This paper describes a new method for modeling the security of a distributed application and generating the set of possible deployment options that meet the overall security requirements. The model encompasses the entities that influence the security of a distributed system: data, services networks and platforms (e.g. clouds, devices and "things"). The paper describes the method and how it can be used to answer a range of security questions, using a set of case studies including federated clouds, network roaming and "Bring Your Own Devices" (BYOD). About the authors Suggested keywords

show abstract

“…Answering this question depends on how to manage issues related to confidentiality and trust relationships [30]. Software designers can deploy software components on different clouds by: (1) partitioning software activities over different clouds according to the required level of security for each activity [12], (2) applying software product lines technology [11] or feature modeling [10], (3) considering constraints related to data placement [17,28], or (4) considering cost and performance issues [4,13]. However, it is a challenging task to manage the tradeoff between conflicting operational characteristics -such as performance and security -while assigning part of the software to a private cloud and another part to a public cloud.…”

Section: Introductionmentioning

confidence: 99%

Towards Efficient Software Deployment in the Cloud Using Requirements Decomposition

Alkhalid

Lung

Ajila

2013

2013 IEEE 5th International Conference on Cloud Computing Technology and Science

View full text Add to dashboard Cite

The major advancement in distributed and High Performance Computing (HPC) systems is the development and evolution of clouds, applications that operate these clouds, and services provided by them. Cloud computing applications are expected to facilitate running complex systems on data centers containing storage and computing units in the range of tens to hundreds of thousands of devices. Meeting the needs of cloud computing systems makes the software deployment process a challenging task. The challenge comes from difficulty in managing the tradeoffs over various dimensions, such as interaction, performance, and security while making deployment decisions. Making deployment decisions exceeds human capability in light of huge increase in computation/storage units in the clouds and software systems running on these clouds. Therefore, autonomic approaches to assist software designers in making the software deployment decisions are important. In this paper, we propose an approach based on clustering techniques for deploying software components on the cloud using requirements decomposition. The paper also demonstrates a validation study of the proposed approach with a case study.

show abstract

Partitioning and Cloud Deployment of Composite Web Services under Security Constraints

Cited by 29 publications

References 17 publications

Integrating Security Risk Management into Business Process Management for the Cloud

Integrating Security Risk Management into Business Process Management for the Cloud

Multi-level Security for Deploying Distributed Applications on Clouds, Devices and Things

Towards Efficient Software Deployment in the Cloud Using Requirements Decomposition

Contact Info

Product

Resources

About