Using Risk Patterns to Identify Violations of Data Protection Policies in Cloud Systems

“…A risk pattern is a sub-structure of a cloud system configuration, which threatens the protection of sensitive data and therefore has to be avoided [26]. A risk pattern can typically be divided into three parts (see Fig.…”

“…From a graph-theoretic point of view, a risk pattern defines a path from an attacker to the sensitive data (the path through which the attacker may be able to access the data), plus an additional path between the same two vertices encoding that the data belong to a data subject who does not trust the attacker. This means that instead of a general graph pattern matching problem as suggested in [26], only subgraphs of very limited structure (cycle graphs) must be searched for in the cloud model, which may require significantly less computation.…”

“…To identify and mitigate data protection risks in complex and dynamic cloud systems, we have introduced the concept of risk patterns in our earlier work [26]. That approach was based on two types of artefacts:…”

“…Our previous work [26,17] evaluated the risk pattern approach using two example risk patterns. The evaluation showed that, if the relevant data protection vulnerabilities are captured in the form of risk patterns, then these risk patterns can indeed be used to detect and mitigate the data protection risks during deployment and at run time.…”

Modeling Data Protection Vulnerabilities of Cloud Systems Using Risk Patterns

“…A risk pattern is a sub-structure of a cloud system configuration, which threatens the protection of sensitive data and therefore has to be avoided [26]. A risk pattern can typically be divided into three parts (see Fig.…”

“…From a graph-theoretic point of view, a risk pattern defines a path from an attacker to the sensitive data (the path through which the attacker may be able to access the data), plus an additional path between the same two vertices encoding that the data belong to a data subject who does not trust the attacker. This means that instead of a general graph pattern matching problem as suggested in [26], only subgraphs of very limited structure (cycle graphs) must be searched for in the cloud model, which may require significantly less computation.…”

“…To identify and mitigate data protection risks in complex and dynamic cloud systems, we have introduced the concept of risk patterns in our earlier work [26]. That approach was based on two types of artefacts:…”

“…Our previous work [26,17] evaluated the risk pattern approach using two example risk patterns. The evaluation showed that, if the relevant data protection vulnerabilities are captured in the form of risk patterns, then these risk patterns can indeed be used to detect and mitigate the data protection risks during deployment and at run time.…”

Modeling Data Protection Vulnerabilities of Cloud Systems Using Risk Patterns

“…To make sound adaptation decisions at run time, one needs a model of the system, its requirements and environment. The model must be available at run time to enable online reasoning, hence it is called model@runtime [4]. Data protection concerns relate to all layers of the cloud stack, including secure hardware capabilities, co-location of different tenants on the same server, encryption of communication between application components, and data anonymization.…”

Secure Data Processing in the Cloud

Secure Apps in the Fog: Anything to Declare?