A Context-Based Security Framework for Cloud Services
Pages 130 - 137
Abstract
This paper discusses the use of Aspect-Oriented Programming (AOP) as an efficient way to handle cloud computing frontend security concerns. Without AOP, the necessary security code would be mixed with the business logic that the cloud service provider implements. This makes the maintenance of both code and business logic tedious and prone to errors. The proposed aspect-oriented approach in this paper is built upon a Web services frontend to the cloud service. Three types of context are taken into account when tuning the aspects (security services). The contexts contain various details on the environment of the Cloud and the Web services, which permit activating the necessary aspects in response to these details. A set of experiments validating this approach, are also reported in this paper.
References
[1]
M. Armbrust, A. Fox, R. Griffith, A.D. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin and I. Stoica, "A view of cloud computing," Commun ACM, vol. 53, pp. 50–58, 2010.
[2]
R. Buyya, C.S. Yeo, S. Venugopal, J. Broberg and I. Brandic, "Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility," Future Generation Comput.Syst., vol. 25, pp. 599–616, 2009.
[3]
The NIST Definition of Cloud Computing. http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf; Visited May 2014.
[4]
L.M. Vaquero, L. Rodero-Merino, J. Caceres and M. Lindner, "A break in the clouds: towards a cloud definition," ACM SIGCOMM Computer Communication Review, vol. 39, pp. 50–55, 2008.
[5]
B. Furht, "Cloud computing fundamentals," in Handbook of cloud computing, Springer, 2010.
[6]
M. Papazoglou, P. Traverso, S. Dustdar and F. Leymann, "Service-oriented computing: State of the art and research directions," Ieee Computer, vol. 40, pp. 64–71, 2007.
[7]
Singhal, "Web Services Security: Techniques and Challenges," in Data and Applications Security XXII, Springer, 2008, pp. 158–158.
[8]
G. Kouadri Mostéfaoui, Z. Maamar, N.C. Narendra and S. Sattanathan, "Decoupling security concerns in web services using aspects," in Information Technology: New Generations, 2006. ITNG 2006. Third International Conference on, pp. 20–27, 2006.
[9]
E. Goettelmann, W. Fdhila and C. Godart, "Partitioning and cloud deployment of composite web services under security constraints," in Cloud Engineering (IC2E), 2013 IEEE International Conference on, pp. 193–200, 2013.
[10]
S. Kleinschmager, Aspect-Oriented Programming Evaluated: A Study on the Impact that Aspect-Oriented Programming Can Have on Software Development Productivity, Diplomica Verlag, 2013.
[11]
Schmidt, M. Beigl and H. Gellersen, "There is more to context than location," Comput.Graph., vol. 23, pp. 893–901, 1999.
[12]
Z. Maamar, D. Benslimane and N.C. Narendra, "What can context do for web services?" Commun ACM, vol. 49, pp. 98–103, 2006.
[13]
G. Kouadri Mostefaoui, Towards a Conceptual and Software Framework for Integrating Context-Based Security in Pervasive Environments, PhD thesis, University of Fribourg, 2004.
[14]
N. Narendra and Z. Maamar, "Towards Context-based Tracking of Web Services Security", in Proceedings of The 7th International Conference on Information Integration and Web Based Applications & Services (iiWAS'2005), Kuala Lumpur, Malaysia, September 19-21, 2005.
[15]
A. Gupta, "Comparative Analysis Between Spring AOP and AspectJ", available at: http://java.dzone.com/articles/comparative-analaysis-between, Visited August 2014.
[16]
E. Zahoor, O. Perrin and C. Godart, "Disc-set: Handling temporal and security aspects in the web services composition," in Web Services (ECOWS), 2010 IEEE 8th European Conference on, pp. 51–58, 2010.
[17]
Web Services Security. Version 1.1, February 2006, https://www.oasis-open.org/committees/download.php/16790/wss-v1.1-specos-SOAPMessageSecurity.pdf, Visited May 2014.
[18]
Djordjevic, S.K. Nair and T. Dimitrakos, "Virtualised Trusted Computing Platform for Adaptive Security Enforcement of Web Services Interactions," in Web Services, 2007. ICWS 2007. IEEE International Conference on, pp. 615–622, 2007.
[19]
S. Lakshminarayanan, "Interoperable security standards for web services," IT Professional, vol. 12, pp. 42–47, 2010.
[20]
S. Durbeck, C. Fritsch, G. Pernul and R. Schillinger, "A Semantic Security Architecture for Web Services The Access-eGov Solution," in Availability, Reliability, and Security, 2010. ARES'10 International Conference on, pp. 222–227, 2010.
[21]
M. Rouached, "Security Analysis for Web Services Compositions," International Journal of Scientific and Engineering Research, IJSER, vol. 3, 2012.
[22]
Mourad, S. Ayoubi, H. Yahyaoui and H. Otrok, "A novel aspect–oriented BPEL framework for the dynamic enforcement of web services security," International Journal of Web and Grid Services, vol. 8, pp. 361–385, 2012.
[23]
S. Ayoubi, A. Mourad, H. Otrok and A. Shahin, "New XACML–AspectBPEL approach for composite web services security," International Journal of Web and Grid Services, vol. 9, pp. 127–145, 2013.
[24]
E.B. Fernandez, O. Ajaj, I. Buckley, N. Delessy-Gassant, K. Hashizume and M.M. Larrondo-Petrie, "A survey of patterns for Web services Security and reliability standards," Future Internet, vol. 4, pp. 430–450, 2012.
[25]
M. Ben Brahim, T. Chaari, M. Ben Jemaa and M. Jmaiel, "Semantic matching of web services security policies," in Risk and Security of Internet and Systems (CRiSIS), 2012 7th International Conference on, pp. 1–8, 2012.
[26]
H. Zeng, D. Ma, Z. Li and Y. Zhao, "A Policy-Based Architecture for Web Services Security Processing," in e-Business Engineering (ICEBE), 2012 IEEE Ninth International Conference on, pp. 163–169, 2012.
[27]
Wei Li, "An adaptive security model for communication on cloud," in Computer Science and Network Technology (ICCSNT), 2011 International Conference on, pp. 1964–1967, 2011.
[28]
Shucheng Yu, Cong Wang, Kui Ren and Wenjing Lou, "Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing," in INFOCOM, 2010 Proceedings IEEE, pp. 1–9, 2010.
[29]
Seon-Ho Park, Jung-Ho Eom and Tai-Myoung Chung, "A Study on Access Control Model for Context-Aware Workflow," in INC, IMS and IDC, 2009. NCM '09. Fifth International Joint Conference on, pp. 1526–1531, 2009.
[30]
S. Jha, N. Li, M. Tripunitara, Q. Wang and W.H. Winsborough, "Towards formal verification of role-based access control policies," Dependable and Secure Computing, IEEE Transactions on, vol. 5, pp. 242–255, 2008.
[31]
Zhang Wendong and Zhang Kaiji, "A Role-Based Workflow Access Control Model," in Education Technology and Computer Science, 2009. ETCS '09. First International Workshop on, pp. 1136–1139, 2009.
Index Terms
- A Context-Based Security Framework for Cloud Services
Recommendations
SC-WS: A Context-based, Aspect-oriented Approach for Handling Security Concerns in Web Services
This paper discusses Aspect-Oriented Programming (AOP) as an efficient way to handle security concerns in Web services. Without AOP, the necessary security code would be mixed with the business logic that a Web service implements. This renders the ...
Runtime Reusable Weaving Model for Cloud Services Using Aspect-Oriented Programming: The Security-Related Aspect
Cloud computing technology has opened an avenue to meet the critical need to securely share distributed resources and web services, and especially those that belong to clients who have sensitive data and applications. However, implementing crosscutting ...
Security in cloud computing
The cloud computing exhibits, remarkable potential to provide cost effective, easy to manage, elastic, and powerful resources on the fly, over the Internet. The cloud computing, upsurges the capabilities of the hardware resources by optimal and shared ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
In-Cooperation
- EAI: The European Alliance for Innovation
- SIGAPP: ACM Special Interest Group on Applied Computing
Publisher
ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering)
Brussels, Belgium
Publication History
Published: 07 October 2014
Check for updates
Author Tags
Qualifiers
- Tutorial
- Research
- Refereed limited
Conference
ICCASA '14
ICCASA '14: 3rd International Conference on Context-Aware Systems and Applications
October 7 - 9, 2014
Dubai, United Arab Emirates
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 102Total Downloads
- Downloads (Last 12 months)1
- Downloads (Last 6 weeks)0
Reflects downloads up to 18 Dec 2024
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in