A security requirements modelling language to secure cloud computing environments

Shaun Shei, Haralambos Mouratidis, Aidan Delaney

    Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBNpeer-review

    Abstract

    This paper presents a cloud-enhanced modelling language for capturing and describing cloud computing environments, enabling developers to model and reason about security issues in cloud systems from a security requirements engineering perspective. Our work builds upon concepts from the Secure Tropos methodology, where in this paper we introduce novel cloud computing concepts, relationships and properties in order to carry out analysis and produce cloud security requirements. We illustrate our concepts through a case study of a cloud-based career office system from the University of the Aegean. Finally we discuss how our cloud modelling language enriches cloud models with security concepts, guiding developers of cloud systems in understanding cloud vulnerabilities and mitigation strategies through semi-automated security analysis.

    Original languageEnglish
    Title of host publicationEnterprise, Business-Process and Information Systems Modeling - 18th International Conference, BPMDS 2017, 22nd International Conference, EMMSAD 2017 Held at CAiSE 2017, Proceedings
    PublisherSpringer-Verlag
    Pages337-345
    Number of pages9
    ISBN (Print)9783319594651
    DOIs
    Publication statusPublished - 17 May 2017
    Event18th International Conference on Business Process Modeling, Development and Support, BPMDS 2017 and 22nd International Conference on Evaluation and Modeling Methods for Systems Analysis and Development, EMMSAD 2017 held at Conference on Advanced Information Systems Engineering, CAiSE 2017 - Essen, Germany
    Duration: 12 Jun 201713 Jun 2017

    Publication series

    NameLecture Notes in Business Information Processing
    Volume287
    ISSN (Print)1865-1348

    Conference

    Conference18th International Conference on Business Process Modeling, Development and Support, BPMDS 2017 and 22nd International Conference on Evaluation and Modeling Methods for Systems Analysis and Development, EMMSAD 2017 held at Conference on Advanced Information Systems Engineering, CAiSE 2017
    Country/TerritoryGermany
    CityEssen
    Period12/06/1713/06/17

    Bibliographical note

    The final authenticated version is
    available online at https://doi.org/10.1007/978-3-319-59466-8_21

    Keywords

    • Cloud
    • Cloud security requirements
    • Meta-model
    • modelling language
    • Security requirements engineering

    Fingerprint

    Dive into the research topics of 'A security requirements modelling language to secure cloud computing environments'. Together they form a unique fingerprint.

    Cite this