Addressing security compatibility for multi-tenant cloud services

This paper addresses the issue of compatibility checking between the security requirements of service clients and the security assurances provided by multi-tenant cloud services. To allow early detection of security mismatches, our proposed framework provides a security ontology to support flexible specification of security policies and to allow semantic matching and run-time reasoning about the compatibility between security requirements and assurances of the interacting systems in multi-tenant service-oriented systems. The paper also defines various compositional models of a client based on the requirements of specific use context and users' profile of the client for a service.

[1]  He Zheng-qiu,et al.  Semantic Security Policy for Web Service , 2009, 2009 IEEE International Symposium on Parallel and Distributed Processing with Applications.

[2]  Barbara Carminati,et al.  Security Conscious Web Service Composition with Semantic Web Support , 2007, 2007 IEEE 23rd International Conference on Data Engineering Workshop.

[3]  Timothy W. Finin,et al.  Authorization and privacy for semantic Web services , 2004, IEEE Intelligent Systems.

[4]  MengChu Zhou,et al.  A Petri Net-Based Method for Compatibility Analysis and Composition of Web Services in Business Process Execution Language , 2009, IEEE Transactions on Automation Science and Engineering.

[5]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[6]  Xiaofei Xu,et al.  A feature-oriented approach to platform-specific modelling of coarse-grained components , 2012, Int. J. Comput. Appl. Technol..

[7]  Hong Liu Context-aware agents in cooperative design environment , 2010, Int. J. Comput. Appl. Technol..

[8]  Youcef Baghdadi,et al.  A methodology for web services-based SOA realisation , 2012, Int. J. Bus. Inf. Syst..

[9]  Youcef Baghdadi,et al.  A survey on approaches to identify and develop web-enabled services with respect to service-orientation paradigm and SOA: towards a value-oriented approach , 2012, Int. J. Comput. Appl. Technol..

[10]  Zhan Li,et al.  A schema for ontology-based concept definition and identification , 2010, Int. J. Comput. Appl. Technol..

[11]  Jun Han,et al.  ICAF: A Context-Aware Framework for Access Control , 2012, ACISP.

[12]  Khaled M. Khan,et al.  A security characterisation framework for trustworthy component based software systems , 2003, Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003.

[13]  Xiao Jing,et al.  A Process Algebra Approach for the Compatibility Analysis of Web Services , 2008, 2008 Second International Conference on Future Generation Communication and Networking.

[14]  Gerhard Weikum,et al.  Social Wisdom for Search and Recommendation , 2008, IEEE Data Eng. Bull..

[15]  Timothy W. Finin,et al.  Security for DAML Web Services: Annotation and Matchmaking , 2003, SEMWEB.

[16]  Jun Han,et al.  Modeling security importance and preferences of software services , 2012, 2012 IEEE International Conference on Computer Science and Automation Engineering.

[17]  Myong H. Kang,et al.  Security Ontology for Annotating Resources , 2005, OTM Conferences.

[18]  Sebastian Speiser Semantic Annotations for WS-Policy , 2010, 2010 IEEE International Conference on Web Services.

[19]  Jan Trobitius,et al.  Anwendung der "Common Criteria for Information Technology Security Evaluation" (CC) / ISO 15408 auf ein SOA Registry-Repository , 2007, Informatiktage.

[20]  Sebastian Speiser Policy of Composition ? Composition of Policies , 2011, 2011 IEEE International Symposium on Policies for Distributed Systems and Networks.

[21]  Khaled M. Khan,et al.  Assessing security properties of software components: a software engineer's perspective , 2006, Australian Software Engineering Conference (ASWEC'06).

[22]  Jun Han,et al.  Security oriented service composition: A framework , 2012, 2012 International Conference on Innovations in Information Technology (IIT).

[23]  Youcef Baghdadi,et al.  An architecture and a method for web services design: towards the realisation of service-oriented computing , 2006, Int. J. Web Grid Serv..