Skip to main content
Springer Nature Link
Log in

Enabling Custom Security Controls as Plugins in Service Oriented Environments

  • Chapter
  • First Online:
Transactions on Computational Collective Intelligence XXXIII

Part of the book series: Lecture Notes in Computer Science ((TCCI,volume 11610))

  • 273 Accesses

Abstract

Service oriented environments such as cloud computing infrastructures aim at facilitating the requirements of users and enterprises by providing services following an on-demand orientation. While the advantages of such environments are clear and lead to wide adoption, the key concern of the non-adopters refers to privacy and security. Even though providers put in place several measures to minimize security and privacy vulnerabilities, the users are still in many cases reluctant to move their data and applications to clouds. In this paper an approach is presented that proposes the use of security controls as plugins that can be ingested in service-oriented environments. The latter allows users to tailor the corresponding security and privacy levels by utilizing security measures that have been selected and implemented by themselves, thus alleviating their security and privacy concerns. The challenges and an architecture with the corresponding key building blocks that address these challenges are presented. Furthermore, results in the context of trustworthy requirements, i.e. dependability, are presented to evaluate the proposed approach.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

eBook
USD 12.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Cloud Security Alliance: State of Cloud Adoption (2016)

    Google Scholar 

  2. Zardari, S., Bahsoon, R.: Cloud adoption: a goal-oriented requirements engineering approach. In: Proceedings of the 2nd International Workshop on Software Engineering for Cloud Computing, pp. 29–35. ACM (2011)

    Google Scholar 

  3. Cloud adoption a goal oriented requirements engineering approach.pdf

    Google Scholar 

  4. Cloud Security Alliance: The Treacherous Twelve (2017)

    Google Scholar 

  5. Hewlett Packard Enterprise: 5 ways cloud security is like data center security and 5 ways it’s not. https://www.hpe.com/us/en/insights/articles/5-ways-cloud-security-is-just-like-data-center-security-and-5-ways-its-different-1701.html

  6. Kuada, E.: Trust modelling for opportunistic cloud services. Int. J. Grid Util. Comput. 9(4), 289–306 (2018)

    Article  Google Scholar 

  7. Open Cloud Manifesto: https://gevaperry.typepad.com/Open%20Cloud%20Manifesto%20v1.0.9.pdf. Accessed 23 July 2018

  8. Berger, S., et al.: TVDc: managing security in the trusted virtual datacenter. ACM Oper. Syst. Rev. 42, 40–47 (2008)

    Article  Google Scholar 

  9. Amazon Virtual Private Cloud: http://aws.amazon.com/vpc/. Accessed 23 July 2018

  10. Corbató, F.J., Vyssotsky, V.A.: Introduction and overview of the multics system. IEEE Ann. Hist. Comput. 2, 12–13 (1992)

    Google Scholar 

  11. Saltzer, J.H.: Protection and the control of information sharing in multics. ACM Commun. 17, 388–402 (1978)

    Article  Google Scholar 

  12. Lettmann, T., Baumann, M., Eberling, M., Kemmerich, T.: Modeling agents and agent systems. In: Nguyen, N.T. (ed.) Transactions on Computational Collective Intelligence V. LNCS, vol. 6910, pp. 157–181. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-24016-4_9

    Chapter  Google Scholar 

  13. Sentronex Infographic: http://www.sentronex.com/wp-content/uploads/2014/03/Data-Secruity-Risk-Prevention-for-Financial-Services-in-20141.pdf. Accessed 23 July 2018

  14. Wang, X.A., Xhafa, F., Cai, W., Ma, J., Wei, F.: Efficient privacy preserving predicate encryption with fine-grained searchable capability for Cloud storage. Comput. Electr. Eng. 56, 871–883 (2016)

    Article  Google Scholar 

  15. Li, W., Ping, L.: Trust model to enhance security and interoperability of cloud environment. In: Jaatun, M.G., Zhao, G., Rong, C. (eds.) CloudCom 2009. LNCS, vol. 5931, pp. 69–79. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10665-1_7

    Chapter  Google Scholar 

  16. Jaeger, T., Schiffman, J.: Outlook: cloudy with a chance of security challenges and improvements. IEEE Secur. Priv. 8(1), 77–80 (2010)

    Article  Google Scholar 

  17. Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: 16th ACM Conference on Computer and Communications Security (2009)

    Google Scholar 

  18. Song, D.X., Wagner, D., Tian, X.: Timing analysis of keystrokes and timing attacks on SSH. In: 10th Conference on USENIX Security Symposium (2001)

    Google Scholar 

  19. Ranjith, P., Chandran, P., Kaleeswaran, S.: On covert channels between virtual machines. J. Comput. Virol. 8, 85–97 (2012)

    Article  Google Scholar 

  20. Bezemer, C-P., Zaidman, A.: Multi-tenant SaaS applications: maintenance dream or nightmare?. In: Joint ERCIM Workshop on Software Evolution (EVOL) and International Workshop on Principles of Software Evolution (IWPSE), Antwerp, Belgium. ACM, New York, USA (2010)

    Google Scholar 

  21. Jansen, W.: Cloud hooks: security and privacy issues in cloud computing. In: 44th International Conference on System Sciences, Koloa, Kauai, HI. IEEE Computer Society, Washington, DC, USA, pp. 1–10 (2010)

    Google Scholar 

  22. European Network and Information Security Agency: Cloud Computing Benefits, risks and recommendations for information security (2012)

    Google Scholar 

  23. Kandukuri, B., Paturi, V., Rakshit, A.: Cloud security issues. In: IEEE International Conference on Services Computing (2009)

    Google Scholar 

  24. Casola, V., De Benedictis, A., Modic, J., Rak, M., Villano, U.: Per-service security SLAs for cloud security management: model and implementation. Int. J. Grid Util. Comput. 9(2), 128–138 (2018)

    Article  Google Scholar 

  25. Roth, D., Small, K.: The role of semantic information in learning question classifiers. In: Proceedings of the Conference First International Joint Conference on Natural Language Processing (2004)

    Google Scholar 

  26. Varun, C., Banerjee, A., Kumar, V.: Anomaly detection: a survey. ACM Comput. Surv. 41, 15 (2009)

    Google Scholar 

  27. Wang, X.A., Ma, J., Yang, X., Wei, Y.: Security analysis of two identity based proxy re-encryption schemes in multi-user networks. In: Nguyen, N.T., Kowalczyk, R., Xhafa, F. (eds.) Transactions on Computational Collective Intelligence XIX. LNCS, vol. 9380, pp. 69–88. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-49017-4_5

    Chapter  Google Scholar 

  28. Paredes-Oliva, I., Dimitropoulos, X., Molina, M., Barlet-Ros, P., Brauckhoff, D.: Automating root-cause analysis of network anomalies using frequent itemset mining. In: ACM SIGCOMM 2010 Conference, New Delhi, India (2010)

    Google Scholar 

  29. Egele, M., Szydlowski, M., Kirda, E., Kruegel, C.: Using static program analysis to aid intrusion detection. In: Büschkes, R., Laskov, P. (eds.) DIMVA 2006. LNCS, vol. 4064. Springer, Heidelberg (2006). https://doi.org/10.1007/11790754_2

    Chapter  Google Scholar 

  30. Wang, X.A., Xhafa, F., Ma, J., Barolli, L., Ge, Y.: PRE+: dual of proxy re-encryption for secure cloud data sharing service. Int. J. Web Grid Serv. 14(1), 44–69 (2018)

    Article  Google Scholar 

  31. Ficco, M., Di Martino, B., Pietrantuono, R., Russo, S.: Optimized task allocation on private cloud for hybrid simulation of large-scale critical systems. Futur. Gener. Comput. Syst. 74, 104–118 (2017)

    Article  Google Scholar 

  32. Coello, C.: Recent trends in evolutionary multiobjective optimization. In: Abraham, A., Jain, L., Goldberg, R. (eds.) Evolutionary Multiobjective Optimization. Advanced Information and Knowledge Processing, pp. 7–32. Springer, London (2005). https://doi.org/10.1007/1-84628-137-7_2

    Chapter  MATH  Google Scholar 

  33. Marler, T., Jasbir, A.: Survey of multi-objective optimization methods for engineering. Struct. Multidiscip. Optim. 26, 369–395 (2004)

    Article  MathSciNet  MATH  Google Scholar 

  34. Talbi, A., Matthieu, B., Nebro, E.: Metaheuristics for Multiobjective Combinatorial Optimization Problems: Review and recent issues (2006)

    Google Scholar 

  35. Bleuler, S., Laumanns, M., Thiele, L., Zitzler, E.: PISA—a platform and programming language independent interface for search algorithms. In: Fonseca, Carlos M., Fleming, Peter J., Zitzler, E., Thiele, L., Deb, K. (eds.) EMO 2003. LNCS, vol. 2632, pp. 494–508. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36970-8_35

    Chapter  Google Scholar 

  36. Kronfeld, M., Planatscher, H., Zell, A.: The EvA2 optimization framework. In: Blum, C., Battiti, R. (eds.) LION 2010. LNCS, vol. 6073, pp. 247–250. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13800-3_27

    Chapter  Google Scholar 

  37. Lukasiewycz, M.: Opt4J: a modular framework for meta-heuristic optimization. In: Proceedings of the 13th Annual Conference on Genetic and Evolutionary Computation (2011)

    Google Scholar 

  38. Durillo, J., Nebro, A., Alba, E.: The jMetal framework for multi-objective optimization: design and architecture. In: IEEE Congress on Evolutionary Computation (2010)

    Google Scholar 

  39. A Java-based Evolutionary Computation Research System: http://cs.gmu.edu/~eclab/projects/ecj. Accessed 23 July 2018

  40. Xue, T., Ying, S., Wu, Q., Jia, X., Hu, X., Zhai, X., Zhang, T.: Verifying integrity of exception handling in service-oriented software. Int. J. Grid Util. Comput. 8(1), 7–21 (2017)

    Article  Google Scholar 

  41. Di Martino, B.: Applications portability and services interoperability among multiple clouds. IEEE Cloud Comput. 1(1), 74–77 (2014)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Piraeus, Karaoli & Dimitriou 80, 18532, Piraeus, Greece

    Dimosthenis Kyriazis

Authors
  1. Dimosthenis Kyriazis
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dimosthenis Kyriazis .

Editor information

Editors and Affiliations

  1. Wroclaw University of Technology, Wroclaw, Poland

    Ngoc Thanh Nguyen

  2. Swinburne University of Technology, Hawthorn, VIC, Australia

    Ryszard Kowalczyk

  3. Technical University of Catalonia, Barcelona, Spain

    Fatos Xhafa

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer-Verlag GmbH Germany, part of Springer Nature

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Kyriazis, D. (2019). Enabling Custom Security Controls as Plugins in Service Oriented Environments. In: Nguyen, N., Kowalczyk, R., Xhafa, F. (eds) Transactions on Computational Collective Intelligence XXXIII. Lecture Notes in Computer Science(), vol 11610. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-59540-4_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-662-59540-4_2

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-59539-8

  • Online ISBN: 978-3-662-59540-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics