Context-aware Security@run.time DeploymenT

Authors

Abstract

Taking advantage of the agility and interoperability provided by Service Oriented Architecture (SOA), Web 2.0 and XaaS (Anything as a Service) technologies, more and more collaborative Business Processes (BP) are set ”on demand” by selecting, composing and orchestrating different business services depending on the current need. This involves re-thinking the way information, services and applications are organized, deployed, shared and secured among multi-cloud environment. Fitting this de-perimeterized and evolving execution context requires organising the service protection in a dynamic way in order to provide an up to date and consistent protection. To fit this goal, we propose to integrate the different protection requirements defined according to the business environment in a single security policy. Then we plug a context-aware security deployment architecture on the cloud service middleware to analyse both the security policy and the execution context to select, compose and orchestrate the convenient protection means. A proof of concept built on Frascati middleware is used to evaluate the impact of this ”on-line” security mediation.

Conference

CLOSER 2015 - Proceedings of the 5th International Conference on Cloud Computing and Services Science 2015