A security requirements modelling language to secure cloud computing environments

Shaun Shei, Haralambos Mouratidis, Aidan Delaney

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBN

Abstract

This paper presents a cloud-enhanced modelling language for capturing and describing cloud computing environments, enabling developers to model and reason about security issues in cloud systems from a security requirements engineering perspective. Our work builds upon concepts from the Secure Tropos methodology, where in this paper we introduce novel cloud computing concepts, relationships and properties in order to carry out analysis and produce cloud security requirements. We illustrate our concepts through a case study of a cloud-based career office system from the University of the Aegean. Finally we discuss how our cloud modelling language enriches cloud models with security concepts, guiding developers of cloud systems in understanding cloud vulnerabilities and mitigation strategies through semi-automated security analysis.

Original languageEnglish
Title of host publicationEnterprise, Business-Process and Information Systems Modeling - 18th International Conference, BPMDS 2017, 22nd International Conference, EMMSAD 2017 Held at CAiSE 2017, Proceedings
PublisherSpringer-Verlag
Pages337-345
Number of pages9
ISBN (Print)9783319594651
DOIs
Publication statusPublished - 17 May 2017
Event18th International Conference on Business Process Modeling, Development and Support, BPMDS 2017 and 22nd International Conference on Evaluation and Modeling Methods for Systems Analysis and Development, EMMSAD 2017 held at Conference on Advanced Information Systems Engineering, CAiSE 2017 - Essen, Germany
Duration: 12 Jun 201713 Jun 2017

Publication series

NameLecture Notes in Business Information Processing
Volume287
ISSN (Print)1865-1348

Conference

Conference18th International Conference on Business Process Modeling, Development and Support, BPMDS 2017 and 22nd International Conference on Evaluation and Modeling Methods for Systems Analysis and Development, EMMSAD 2017 held at Conference on Advanced Information Systems Engineering, CAiSE 2017
CountryGermany
CityEssen
Period12/06/1713/06/17

Bibliographical note

The final authenticated version is
available online at https://doi.org/10.1007/978-3-319-59466-8_21

Keywords

  • Cloud
  • Cloud security requirements
  • Meta-model
  • modelling language
  • Security requirements engineering

Fingerprint Dive into the research topics of 'A security requirements modelling language to secure cloud computing environments'. Together they form a unique fingerprint.

  • Cite this

    Shei, S., Mouratidis, H., & Delaney, A. (2017). A security requirements modelling language to secure cloud computing environments. In Enterprise, Business-Process and Information Systems Modeling - 18th International Conference, BPMDS 2017, 22nd International Conference, EMMSAD 2017 Held at CAiSE 2017, Proceedings (pp. 337-345). (Lecture Notes in Business Information Processing; Vol. 287). Springer-Verlag. https://doi.org/10.1007/978-3-319-59466-8_21