A security reference architecture for cloud systems

Security is a fundamental concern in clouds, and several cloud vendors provide Security Reference Architectures (SRAs) to describe the security level of their services. An SRA is an abstract architecture, without implementation details, that shows a conceptual model of security for a cloud system. In general, Reference Architectures (RAs) are becoming useful tools to understand and build complex systems. We propose here a Security Reference Architecture (SRA), defined using UML models and patterns, incorporating a specific approach to build secure systems. We present a metamodel and possible patterns to conceptualize the approach. We also describe some uses for this SRA, including its value for Service Level Agreements (SLAs), service certification, monitoring, and security evaluation. We show this latter use in some detail.
