Modelling secure cloud computing systems from a security requirements perspective

Shaun Shei, Christos Kalloniatis, Haralambos Mouratidis, Aidan Delaney

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBN

Abstract

This paper presents a cloud modelling language for defining essential cloud properties, enabling the modelling and reasoning about security issues in cloud environments from a requirements engineering perspective. The relationship between cloud computing and security aspects are described through a meta-model, aligning concepts from cloud computing and security requirements engineering. The central concept of the proposed approach is built around cloud services, where the propagation of relationships from a social perspective, abstract software processes and the foundational infrastructure layer are captured. The proposed concepts are applied on a running example throughout the paper to demonstrate how developers are able to capture and model cloud concepts across multiple conceptual layers, facilitating the understanding of cloud security requirements and the design of security-embedded cloud systems to realise organisational needs.

Original languageEnglish
Title of host publicationTrust, Privacy and Security in Digital Business - 13th International Conference, TrustBus 2016, Proceedings
PublisherSpringer-Verlag
Pages48-62
Number of pages15
ISBN (Print)9783319443409
DOIs
Publication statusPublished - 6 Aug 2016
Event13th International Conference on Trust, Privacy and Security in Digital Business, TrustBus 2016 - Porto, Portugal
Duration: 7 Sep 20167 Sep 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9830 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference13th International Conference on Trust, Privacy and Security in Digital Business, TrustBus 2016
CountryPortugal
CityPorto
Period7/09/167/09/16

Fingerprint

Requirements engineering
Cloud computing
Cloud Computing
Requirements
Modeling
Requirements Engineering
Cloud Model
Software Process
Modeling Language
Metamodel
Infrastructure
Reasoning
Propagation
Concepts
Demonstrate
Modeling languages

Bibliographical note

This is a post-peer-review, pre-copyedit version of an article published in Lecture Notes in Computer Science. The final authenticated version is available online at: http://dx.doi.org/10.1007/978-3-319-44341-6_4

Keywords

  • Cloud computing
  • Cloud security
  • Cloud security requirements
  • Modelling language
  • Security requirements engineering

Cite this

Shei, S., Kalloniatis, C., Mouratidis, H., & Delaney, A. (2016). Modelling secure cloud computing systems from a security requirements perspective. In Trust, Privacy and Security in Digital Business - 13th International Conference, TrustBus 2016, Proceedings (pp. 48-62). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9830 LNCS). Springer-Verlag. https://doi.org/10.1007/978-3-319-44341-6_4
Shei, Shaun ; Kalloniatis, Christos ; Mouratidis, Haralambos ; Delaney, Aidan. / Modelling secure cloud computing systems from a security requirements perspective. Trust, Privacy and Security in Digital Business - 13th International Conference, TrustBus 2016, Proceedings. Springer-Verlag, 2016. pp. 48-62 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{e43c2bbdd2394df285b9a16c55a5a25f,
title = "Modelling secure cloud computing systems from a security requirements perspective",
abstract = "This paper presents a cloud modelling language for defining essential cloud properties, enabling the modelling and reasoning about security issues in cloud environments from a requirements engineering perspective. The relationship between cloud computing and security aspects are described through a meta-model, aligning concepts from cloud computing and security requirements engineering. The central concept of the proposed approach is built around cloud services, where the propagation of relationships from a social perspective, abstract software processes and the foundational infrastructure layer are captured. The proposed concepts are applied on a running example throughout the paper to demonstrate how developers are able to capture and model cloud concepts across multiple conceptual layers, facilitating the understanding of cloud security requirements and the design of security-embedded cloud systems to realise organisational needs.",
keywords = "Cloud computing, Cloud security, Cloud security requirements, Modelling language, Security requirements engineering",
author = "Shaun Shei and Christos Kalloniatis and Haralambos Mouratidis and Aidan Delaney",
note = "This is a post-peer-review, pre-copyedit version of an article published in Lecture Notes in Computer Science. The final authenticated version is available online at: http://dx.doi.org/10.1007/978-3-319-44341-6_4",
year = "2016",
month = "8",
day = "6",
doi = "10.1007/978-3-319-44341-6_4",
language = "English",
isbn = "9783319443409",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer-Verlag",
pages = "48--62",
booktitle = "Trust, Privacy and Security in Digital Business - 13th International Conference, TrustBus 2016, Proceedings",

}

Shei, S, Kalloniatis, C, Mouratidis, H & Delaney, A 2016, Modelling secure cloud computing systems from a security requirements perspective. in Trust, Privacy and Security in Digital Business - 13th International Conference, TrustBus 2016, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9830 LNCS, Springer-Verlag, pp. 48-62, 13th International Conference on Trust, Privacy and Security in Digital Business, TrustBus 2016, Porto, Portugal, 7/09/16. https://doi.org/10.1007/978-3-319-44341-6_4

Modelling secure cloud computing systems from a security requirements perspective. / Shei, Shaun; Kalloniatis, Christos; Mouratidis, Haralambos; Delaney, Aidan.

Trust, Privacy and Security in Digital Business - 13th International Conference, TrustBus 2016, Proceedings. Springer-Verlag, 2016. p. 48-62 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9830 LNCS).

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBN

TY - GEN

T1 - Modelling secure cloud computing systems from a security requirements perspective

AU - Shei, Shaun

AU - Kalloniatis, Christos

AU - Mouratidis, Haralambos

AU - Delaney, Aidan

N1 - This is a post-peer-review, pre-copyedit version of an article published in Lecture Notes in Computer Science. The final authenticated version is available online at: http://dx.doi.org/10.1007/978-3-319-44341-6_4

PY - 2016/8/6

Y1 - 2016/8/6

N2 - This paper presents a cloud modelling language for defining essential cloud properties, enabling the modelling and reasoning about security issues in cloud environments from a requirements engineering perspective. The relationship between cloud computing and security aspects are described through a meta-model, aligning concepts from cloud computing and security requirements engineering. The central concept of the proposed approach is built around cloud services, where the propagation of relationships from a social perspective, abstract software processes and the foundational infrastructure layer are captured. The proposed concepts are applied on a running example throughout the paper to demonstrate how developers are able to capture and model cloud concepts across multiple conceptual layers, facilitating the understanding of cloud security requirements and the design of security-embedded cloud systems to realise organisational needs.

AB - This paper presents a cloud modelling language for defining essential cloud properties, enabling the modelling and reasoning about security issues in cloud environments from a requirements engineering perspective. The relationship between cloud computing and security aspects are described through a meta-model, aligning concepts from cloud computing and security requirements engineering. The central concept of the proposed approach is built around cloud services, where the propagation of relationships from a social perspective, abstract software processes and the foundational infrastructure layer are captured. The proposed concepts are applied on a running example throughout the paper to demonstrate how developers are able to capture and model cloud concepts across multiple conceptual layers, facilitating the understanding of cloud security requirements and the design of security-embedded cloud systems to realise organisational needs.

KW - Cloud computing

KW - Cloud security

KW - Cloud security requirements

KW - Modelling language

KW - Security requirements engineering

UR - http://www.scopus.com/inward/record.url?scp=84981165442&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-44341-6_4

DO - 10.1007/978-3-319-44341-6_4

M3 - Conference contribution with ISSN or ISBN

AN - SCOPUS:84981165442

SN - 9783319443409

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 48

EP - 62

BT - Trust, Privacy and Security in Digital Business - 13th International Conference, TrustBus 2016, Proceedings

PB - Springer-Verlag

ER -

Shei S, Kalloniatis C, Mouratidis H, Delaney A. Modelling secure cloud computing systems from a security requirements perspective. In Trust, Privacy and Security in Digital Business - 13th International Conference, TrustBus 2016, Proceedings. Springer-Verlag. 2016. p. 48-62. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-44341-6_4