research-article

Towards Secure Inter-Cloud Architectures

Authors:

Oscar Encina C,

Eduardo B. Fernandez,

Raúl Monge AAuthors Info & Claims

VikingPLoP 2014: Proceedings of the 8th Nordic Conference on Pattern Languages of Programs (VikingPLoP)

Article No.: 2, Pages 1 - 10

https://doi.org/10.1145/2676680.2676688

Published: 10 April 2014 Publication History

Abstract

The research community and some commercial organizations are beginning to develop architectures, technologies, and standards to support the integration of multiple cloud systems (Inter-Clouds). In Inter-Cloud systems, security is one of the most important challenges, because of the need for dynamic sharing, federation, and collaboration across multiple clouds. Security in this type of systems relies heavily on the establishment of trust among the involved components. It can be harder to achieve security if a comprehensive and detailed architecture is not developed; the lack of a common architecture slows down the process of Inter-Cloud adoption and has a negative impact on the process of making these systems more secure. We propose to use patterns in order to achieve Secure Inter-Cloud Architectures. Patterns are tools of great value because they provide a better understanding of the functional aspects and can be complemented with security patterns to achieve a Secure Inter-cloud Architecture. In this work, a federated Inter-Cloud pattern is presented as a first step in to the process of developing a Secure Inter-cloud Reference Architecture. Threat analysis and security patterns will be added to this pattern for that purpose.

References

[1]

NIST Cloud Computing Security Working Group. NIST cloud computing security reference architecture., NIST SP 500--299 (draft), 2013 (http://www.nist.gov/itl/csd/cloud-061113.cfm)

[2]

Object constraint language (ocl). http://www.omg.org/spec/OCL/, 2013.

[3]

David Bernstein and Deepak Vij. Intercloud security considerations. In 2010 IEEE Second International Conference o Cloud Computing Technology and Science (CloudCom 2010), n, pages 537--544. 2010.

Digital Library

[4]

David Bernstein, Deepak Vij, and Stephen Diamond. An intercloud cloud computing economy-technology, governance, and market blueprints. In SRII Global Conference (SRII), 2011 Annual, Pages 293--299. IEEE, 2011.

Digital Library

[5]

Frank Buschmann. Pattern oriented software architecture: a system of patters. Ashish Raut, 1999.

Digital Library

[6]

Rajkumar Buyya, Rajiv Ranjan, and Rodrigo N Calheiros. Intercloud: Utility-oriented federation of cloud computing environments for scaling of application services. In algorithms and architectures for parallel processing, pages 13--31. Springer, 2010.

Digital Library

[7]

Rajkumar Buyya, Chee Shin Yeo, Srikumar Venugopal, James Broberg, and Ivona Brandic. Cloud computing and emerging it platforms: Vision, hype, and reality for delivering computing as the 5th utility. Future generation computer systems, 25(6):599--616, 2009.

Digital Library

[8]

Emanuele Carlini, Massimo Coppola, Patrizio Dazzi, Laura Ricci, and Giacomo Righetti. Cloud federations in contrail. In Euro-Par 2011: Parallel Processing Workshops, pages 159--168. Springer, 2012.

Digital Library

[9]

E. B. Fernandez, R. Monge, and K. Hashizume. Building a security reference architecture. Submitted for publication, 2014.

[10]

E. B. Fernandez, M. M. Larrondo-Petrie, T. Sorgente, and M. VanHilst. A methodology to develop secure systems using patterns. In H. Mouratidis and P. Giorgini, editors, Integrating security and software engineering: Advances and future vision, pages 107--126. Idea Press, 2006.

[11]

E. B. Fernandez. Security Patterns in Practice: Designing Secure Architectures Using Software Patterns. John Wiley & Sons, 2013.

Digital Library

[12]

Nikolay Grozev and Rajkumar Buyya. Inter-cloud architectures and application brokering: taxonomy and survey. Software: Practice and Experience, 2012.

[13]

Mohammad Mehedi Hassan, Biao Song, and Eui-Nam Huh. Horizontal dynamic cloud collaboration platform: research opportunities and challenges. In proc. of the 2nd annual international conference on cloud computing and virtualization (CCV), Malaysia, 2010.

[14]

E. B. Fernandez K. Hashizume and M. M. Larrondo-Petrie. A reference architecture for cloud computing. Submitted for publication, 2014.

[15]

Gabor Kecskemeti, Michael Maurer, Ivona Brandic, Attila Kertesz, Zsolt Nemeth, and Schahram Dustdar. Facilitating self-adaptable inter-cloud management. In 20th euromicro international conference on parallel, distributed and network-based processing (PDP 2012), pages 575--582. IEEE, 2012.

Digital Library

[16]

Peter Mell and Timothy Grance. The nist definition of cloud computing (draft). NIST special publication, 800(145):7, 2011.

[17]

Patrick Morrison and Eduardo B Fernandez. Securing the broker pattern. In EuroPloP, pages 513--530, 2006.

[18]

Canh Ngo, Y. Demchenko, and C. de Laat. Toward a dynamic trust establishment approach for multi-provider intercloud environment. In IEEE 4th international conference on cloud computing technology and science (CloudCom 2012), pages 532--538, 2012.

Digital Library

[19]

Markus Schumacher, E. B. Fernandez, Duane Hybertson, Frank Buschmann, and Peter Sommerlad. Security Patterns: Integrating Security and systems engineering, volume 7. John Wiley & Sons, 2006.

Digital Library

[20]

Mukesh Singhal, Santosh Chandrasekhar, Tingjian Ge, Ravi Sandhu, Ram Krishnan, Gail-Joon Ahn, and Elisa Bertino. Collaboration in multicloud computing environments: Framework and security issues. Computer, 46(2):76--84, 2013.

Digital Library

[21]

John Vlissides, R Helm, R Johnson, and E Gamma. Design patterns: Elements of reusable object-oriented software. Reading: AddisonWesley, 49:120, 1995.

Digital Library

Cited By

(2017)A new inter-cloud service-level guarantee protocol applied to space missionsInternational Journal of Grid and Utility Computing10.1504/IJGUC.2017.0859098:2(152-167)Online publication date: 1-Jan-2017
https://dl.acm.org/doi/10.1504/IJGUC.2017.085909
Amoud MRoudiès O(2016)A Systematic Review of Security in Cloud ComputingProceedings of the Second International Afro-European Conference for Industrial Advancement AECIA 201510.1007/978-3-319-29504-6_8(69-81)Online publication date: 29-Jan-2016
https://doi.org/10.1007/978-3-319-29504-6_8
Encina CFernandez EMonge AEloranta Vvan Heesch U(2014)Threat analysis and misuse patterns of federated inter-cloud systemsProceedings of the 19th European Conference on Pattern Languages of Programs10.1145/2721956.2721986(1-8)Online publication date: 9-Jul-2014
https://dl.acm.org/doi/10.1145/2721956.2721986

Recommendations

Interconnected Cloud Computing Environments: Challenges, Taxonomy, and Survey

A brief review of the Internet history reveals the fact that the Internet evolved after the formation of primarily independent networks. Similarly, interconnected clouds, also called Inter-cloud, can be viewed as a natural evolution of cloud computing. ...
Threat analysis and misuse patterns of federated inter-cloud systems
EuroPLoP '14: Proceedings of the 19th European Conference on Pattern Languages of Programs

We have previously proposed a new type of pattern, the misuse pattern. The misuse pattern describes how a misuse is performed from the point of view of the attacker, what system units it uses and how, provides ways of stopping the attack by enumerating ...
Towards Media Inter-cloud Standardization --- Evaluating Impact of Cloud Storage Heterogeneity

Digital media has been increasing very rapidly, resulting in cloud computing's popularity gain. Cloud computing provides ease of management of large amount of data and resources. With a lot of devices communicating over the Internet and with the rapidly ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

VikingPLoP 2014: Proceedings of the 8th Nordic Conference on Pattern Languages of Programs (VikingPLoP)

April 2014

85 pages

ISBN:9781450326605

DOI:10.1145/2676680

Program Chairs:
Jari Rauhamäki
Tampere University of Technology, Finland
,
Veli-Pekka Eloranta
Tampere University of Technology, Finland

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

Hillside Europe: Hillside Europe
Tampere University of Technology

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 10 April 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

VikingPLoP 2014

VikingPLoP 2014: 8th Nordic Conference on Pattern Languages of Programs

April 10 - 13, 2014

Vihula, Estonia

Acceptance Rates

VikingPLoP 2014 Paper Acceptance Rate 8 of 11 submissions, 73%;

Overall Acceptance Rate 8 of 11 submissions, 73%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
230
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 13 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

(2017)A new inter-cloud service-level guarantee protocol applied to space missionsInternational Journal of Grid and Utility Computing10.1504/IJGUC.2017.0859098:2(152-167)Online publication date: 1-Jan-2017
https://dl.acm.org/doi/10.1504/IJGUC.2017.085909
Amoud MRoudiès O(2016)A Systematic Review of Security in Cloud ComputingProceedings of the Second International Afro-European Conference for Industrial Advancement AECIA 201510.1007/978-3-319-29504-6_8(69-81)Online publication date: 29-Jan-2016
https://doi.org/10.1007/978-3-319-29504-6_8
Encina CFernandez EMonge AEloranta Vvan Heesch U(2014)Threat analysis and misuse patterns of federated inter-cloud systemsProceedings of the 19th European Conference on Pattern Languages of Programs10.1145/2721956.2721986(1-8)Online publication date: 9-Jul-2014
https://dl.acm.org/doi/10.1145/2721956.2721986

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten