Cloud-based architectures, services and resources are growing up in complexity day by day. Composition and Orchestration deal with the problem of creating complex services promoting reuse and optimal allocation of resources but many security issues arise complicating the work of designers. Even if any composing elements in a composition meets security requirements, the composite service may not. In order to reduce design and developing complexity, Big Vendors and scientific literature promote Composition by Patterns. In this work we present a Model Driven Engineering methodology that addresses validation and verification of security requirements by using formal methods and model transformation algorithms. We show how our model driven approach enables the specification of requirements at design phase and how it allows for verification of security requirements. © 2018 Elsevier Ltd
Model driven design and evaluation of security level in orchestrated cloud services / Amato, Flora; Mazzocca, Nicola; Moscato, Francesco. - In: JOURNAL OF NETWORK AND COMPUTER APPLICATIONS. - ISSN 1084-8045. - 106:(2018), pp. 78-89. [10.1016/j.jnca.2017.12.006]
Model driven design and evaluation of security level in orchestrated cloud services
Amato Flora
Writing – Original Draft Preparation
;Nicola MazzoccaWriting – Original Draft Preparation
;Francesco MoscatoWriting – Original Draft Preparation
2018
Abstract
Cloud-based architectures, services and resources are growing up in complexity day by day. Composition and Orchestration deal with the problem of creating complex services promoting reuse and optimal allocation of resources but many security issues arise complicating the work of designers. Even if any composing elements in a composition meets security requirements, the composite service may not. In order to reduce design and developing complexity, Big Vendors and scientific literature promote Composition by Patterns. In this work we present a Model Driven Engineering methodology that addresses validation and verification of security requirements by using formal methods and model transformation algorithms. We show how our model driven approach enables the specification of requirements at design phase and how it allows for verification of security requirements. © 2018 Elsevier Ltd| File | Dimensione | Formato | |
|---|---|---|---|
|
R2.pdf
solo utenti autorizzati
Tipologia:
Documento in Post-print
Licenza:
Accesso privato/ristretto
Dimensione
3.13 MB
Formato
Adobe PDF
|
3.13 MB | Adobe PDF | Visualizza/Apri Richiedi una copia |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
