Optimizing Service Protection with Model ...
Document type :
Communication dans un congrès avec actes
Title :
Optimizing Service Protection with Model Driven Security@run.time
Author(s) :
Wendpanga, Francis [Auteur]
Service Oriented Computing [SOC]
Biennier, Frédérique [Auteur]
Service Oriented Computing [SOC]
Merle, Philippe [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Service Oriented Computing [SOC]
Biennier, Frédérique [Auteur]
Service Oriented Computing [SOC]
Merle, Philippe [Auteur]

Self-adaptation for distributed services and large software systems [SPIRALS]
Conference title :
9th International IEEE Symposium on Service-Oriented System Engineering - IEEE SOSE 2015
City :
Redwood City
Country :
Etats-Unis d'Amérique
Start date of the conference :
2015-03-30
English keyword(s) :
MDS@run.time
Model Driven Security (MDS)
Service Oriented Architecture
Model Driven Security (MDS)
Service Oriented Architecture
HAL domain(s) :
Informatique [cs]/Calcul parallèle, distribué et partagé [cs.DC]
Informatique [cs]
Informatique [cs]/Génie logiciel [cs.SE]
Informatique [cs]/Recherche d'information [cs.IR]
Informatique [cs]
Informatique [cs]/Génie logiciel [cs.SE]
Informatique [cs]/Recherche d'information [cs.IR]
English abstract : [en]
Enterprises are more and more involved in collabo-rative business. This leads to open and outsourcing all or part of their information system (IS) to create collaborative processes by composing business services picked in ...
Show more >Enterprises are more and more involved in collabo-rative business. This leads to open and outsourcing all or part of their information system (IS) to create collaborative processes by composing business services picked in each partner IS and to take advantage of Cloud computing. Business services outsourcing and their dynamic collaboration context can bring lost of control on IS and new security risks can occur. This leads to inconsistent protec-tion allowing competitors to access to unauthorized information. To address this issue, systematic security service invocations may be added, without paying attention to the business context leading to costly over protection. To address this issue, an adaptive security service model deployment is required to provide a business service consistent protection by taking into account the collaboration context (business service data criticity, partners involved in the collaboration, etc.), and the cloud deployment and execution environment. In this paper, we propose an adaptive security model based on MDS@run.time, the marriage of Model Driven Security (MDS) and Models@run.time approaches, allow-ing to select at runtime the appropriate security components to apply. The MDS approach is used to generate security policies, which are interpreted at runtime and load appropriate security mechanisms depending on the context (which takes advantage of the Models@run.time approach) ensuring business process end to end protection. A proof of concept prototype is built on top of the OW2 FraSCAti middleware, validating our proposition efficiency. Our experiments and simulations show that MDS@run.time improves the system efficiency when the over-protection risk rate increases.Show less >
Show more >Enterprises are more and more involved in collabo-rative business. This leads to open and outsourcing all or part of their information system (IS) to create collaborative processes by composing business services picked in each partner IS and to take advantage of Cloud computing. Business services outsourcing and their dynamic collaboration context can bring lost of control on IS and new security risks can occur. This leads to inconsistent protec-tion allowing competitors to access to unauthorized information. To address this issue, systematic security service invocations may be added, without paying attention to the business context leading to costly over protection. To address this issue, an adaptive security service model deployment is required to provide a business service consistent protection by taking into account the collaboration context (business service data criticity, partners involved in the collaboration, etc.), and the cloud deployment and execution environment. In this paper, we propose an adaptive security model based on MDS@run.time, the marriage of Model Driven Security (MDS) and Models@run.time approaches, allow-ing to select at runtime the appropriate security components to apply. The MDS approach is used to generate security policies, which are interpreted at runtime and load appropriate security mechanisms depending on the context (which takes advantage of the Models@run.time approach) ensuring business process end to end protection. A proof of concept prototype is built on top of the OW2 FraSCAti middleware, validating our proposition efficiency. Our experiments and simulations show that MDS@run.time improves the system efficiency when the over-protection risk rate increases.Show less >
Language :
Anglais
Peer reviewed article :
Oui
Audience :
Internationale
Popular science :
Non
Collections :
Source :
Files
- https://hal.archives-ouvertes.fr/hal-01109967/document
- Open access
- Access the document
- https://hal.archives-ouvertes.fr/hal-01109967/document
- Open access
- Access the document
- https://hal.archives-ouvertes.fr/hal-01109967/document
- Open access
- Access the document
- document
- Open access
- Access the document
- sose.pdf
- Open access
- Access the document
- document
- Open access
- Access the document
- sose.pdf
- Open access
- Access the document