Abstract
This paper presents a cloud-enhanced modelling language for capturing and describing cloud computing environments, enabling developers to model and reason about security issues in cloud systems from a security requirements engineering perspective. Our work builds upon concepts from the Secure Tropos methodology, where in this paper we introduce novel cloud computing concepts, relationships and properties in order to carry out analysis and produce cloud security requirements. We illustrate our concepts through a case study of a cloud-based career office system from the University of the Aegean. Finally we discuss how our cloud modelling language enriches cloud models with security concepts, guiding developers of cloud systems in understanding cloud vulnerabilities and mitigation strategies through semi-automated security analysis.
Original language | English |
---|---|
Title of host publication | Enterprise, Business-Process and Information Systems Modeling - 18th International Conference, BPMDS 2017, 22nd International Conference, EMMSAD 2017 Held at CAiSE 2017, Proceedings |
Publisher | Springer-Verlag |
Pages | 337-345 |
Number of pages | 9 |
ISBN (Print) | 9783319594651 |
DOIs | |
Publication status | Published - 17 May 2017 |
Event | 18th International Conference on Business Process Modeling, Development and Support, BPMDS 2017 and 22nd International Conference on Evaluation and Modeling Methods for Systems Analysis and Development, EMMSAD 2017 held at Conference on Advanced Information Systems Engineering, CAiSE 2017 - Essen, Germany Duration: 12 Jun 2017 → 13 Jun 2017 |
Publication series
Name | Lecture Notes in Business Information Processing |
---|---|
Volume | 287 |
ISSN (Print) | 1865-1348 |
Conference
Conference | 18th International Conference on Business Process Modeling, Development and Support, BPMDS 2017 and 22nd International Conference on Evaluation and Modeling Methods for Systems Analysis and Development, EMMSAD 2017 held at Conference on Advanced Information Systems Engineering, CAiSE 2017 |
---|---|
Country/Territory | Germany |
City | Essen |
Period | 12/06/17 → 13/06/17 |
Bibliographical note
The final authenticated version isavailable online at https://doi.org/10.1007/978-3-319-59466-8_21
Keywords
- Cloud
- Cloud security requirements
- Meta-model
- modelling language
- Security requirements engineering