Runtime Model-Based Privacy Checks of Big Data Cloud Services

Schmieders, Eric; Metzger, Andreas; Pohl, Klaus

doi:10.1007/978-3-662-48616-0_5

Cited by 10 publications

(10 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To answer question Q1, we expressed all data flow scenarios described above using our DSL (M1.1). We were able to formulate data flow constraints using our DSL for all scenarios, except for one Geolocation scenario [27]. This scenario handles personally identifiable information which prohibits selected data flow from different location to be joined together.…”

Section: Evaluation Resultsmentioning

confidence: 99%

“…Our evaluation is based on data flow constraints gathered from case studies and related work. This includes the Geolocation scenarios derived from privacy violations in cloud services [27], the ContactSMSManager and DistanceTracker case studies from iFlow [28] which were used to evaluate DDSA [4] and the SecureLinks constraint from UMLsec [13].…”

Section: B Evaluation Designmentioning

confidence: 99%

See 1 more Smart Citation

Modeling Data Flow Constraints for Design-Time Confidentiality Analyses

Hahner

Seifermann

Heinrich

et al. 2021

2021 IEEE 18th International Conference on Software Architecture Companion (ICSA-C)

View full text Add to dashboard Cite

With the increase in connectedness and the growing volume of data, ensuring confidentiality becomes increasingly critical. Data-driven analyses try to cope with this complexity by automatically verifying confidentiality at design time. However, confidentiality constraints are manifold. Thus, analyses limit the software architect's possibilities of expression or require them to use the underlying verification formalism directly. We propose a domain-specific language to enable architects to formulate data flow constraints using the terminology and abstraction of the architectural domain. We present a mapping of data flow constraints and results which is compliant to the transformation of the architecture and evaluated based on real-world scenarios.

show abstract

Section: Evaluation Resultsmentioning

confidence: 99%

Section: B Evaluation Designmentioning

confidence: 99%

Modeling Data Flow Constraints for Design-Time Confidentiality Analyses

Hahner

Seifermann

Heinrich

et al. 2021

2021 IEEE 18th International Conference on Software Architecture Companion (ICSA-C)

View full text Add to dashboard Cite

show abstract

“…With the rise of cloud computing, the run-time detection of dynamically arising threats became important. For example, Massonet et al [18] and Schmieders et al [42] propose approaches to detect emerging violations of data location restrictions in cloud systems through appropriate monitoring and analysis techniques. These approaches are limited to one specific type of threat stemming from geolocation violations, and do not mitigate the identified threats.…”

Section: Related Workmentioning

confidence: 99%

RADAR: Data Protection in Cloud-Based Computer Systems at Run Time

et al. 2021

Self Cite

View full text Add to dashboard Cite

show abstract

“…It does support access control, however, the rules specification happens on the control flow, which is more complicated than on the dataflow. R-PRIS [22] is an approach, which investigates changes during runtime, that might lead to privacy issues. Therefore a runtime model is used, which is then checked against the privacy rules.…”

Section: Related Workmentioning

confidence: 99%

Dynamic security rules for legacy systems

Al-Ali

Hnětynka

Havlik

et al. 2019

Proceedings of the 13th European Conference on Software Architecture - Volume 2

View full text Add to dashboard Cite

Industry 4.0 tries to digitalize the production process further. The digitalization is achieved by connecting different entities (machines, worker) to data-exchange, which needs to be dynamic and to adapt to different changing situations and members in the process. However, just exchanging data might lead to confidentiality issues. The data-exchange needs to be protected to secure the confidentiality and trust in the system. Therefore, security rules need to adapt to these dynamic situations. One part of a possible solution might be dynamic access control rules. However in many cases, existing "legacy" systems are reused, which can in not handle dynamic access control rules. Due to this gap between the required and provided functionality, we propose an approach, which integrates dynamic access control based on the system-context into legacy systems. Our approach uses a security adaption controller, which dynamically adapts the access control rules to a new situation and integrates them into an existing legacy system. We discussed our approach with industrial practitioners and related our approach to their existing legacy system. In addition, we performed a scalability analysis to demonstrate the applicability of our approach in a realistic environment. CCS CONCEPTS• Security and privacy → Domain-specific security and privacy architectures; • Computer systems organization → Self-organizing autonomic computing.

show abstract

Runtime Model-Based Privacy Checks of Big Data Cloud Services

Cited by 10 publications

References 15 publications

Modeling Data Flow Constraints for Design-Time Confidentiality Analyses

Modeling Data Flow Constraints for Design-Time Confidentiality Analyses

RADAR: Data Protection in Cloud-Based Computer Systems at Run Time

Dynamic security rules for legacy systems

Contact Info

Product

Resources

About