Modeling and Security in Cloud Ecosystems

Fernández, Eduardo B.; Yoshioka, Nobukazu; Washizaki, Hironori; Syed, Madiha

doi:10.3390/fi8020013

Cited by 23 publications

(12 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Dsouza et al proposed a policy‐driven security management approach for fog resources including policy analysis and its integration with the fog paradigm. However, the approach fails to consider rights inheritance or propagation of rights in the ecosystem . Stojmenovic and Wen presented a survey of fog applications and the associated security challenges.…”

Section: Related Workmentioning

confidence: 99%

“…However, the approach fails to consider rights inheritance or propagation of rights in the ecosystem. 47,48 Stojmenovic and Wen 48 presented a survey of fog applications and the associated security challenges. In particular, the authors analyzed man-in-the-middle attacks in the context of fog computing, where fog devices can be compromised or replaced by fake ones.…”

Section: Scada-based Solutionsmentioning

confidence: 99%

See 1 more Smart Citation

A secure fog‐based platform for SCADA‐based IoT critical infrastructure

et al. 2019

View full text Add to dashboard Cite

Summary The rapid proliferation of Internet of things (IoT) devices, such as smart meters and water valves, into industrial critical infrastructures and control systems has put stringent performance and scalability requirements on modern Supervisory Control and Data Acquisition (SCADA) systems. While cloud computing has enabled modern SCADA systems to cope with the increasing amount of data generated by sensors, actuators, and control devices, there has been a growing interest recently to deploy edge data centers in fog architectures to secure low‐latency and enhanced security for mission‐critical data. However, fog security and privacy for SCADA‐based IoT critical infrastructures remains an under‐researched area. To address this challenge, this contribution proposes a novel security “toolbox” to reinforce the integrity, security, and privacy of SCADA‐based IoT critical infrastructure at the fog layer. The toolbox incorporates a key feature: a cryptographic‐based access approach to the cloud services using identity‐based cryptography and signature schemes at the fog layer. We present the implementation details of a prototype for our proposed secure fog‐based platform and provide performance evaluation results to demonstrate the appropriateness of the proposed platform in a real‐world scenario. These results can pave the way toward the development of a more secure and trusted SCADA‐based IoT critical infrastructure, which is essential to counter cyber threats against next‐generation critical infrastructure and industrial control systems. The results from the experiments demonstrate a superior performance of the secure fog‐based platform, which is around 2.8 seconds when adding five virtual machines (VMs), 3.2 seconds when adding 10 VMs, and 112 seconds when adding 1000 VMs, compared to the multilevel user access control platform.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Scada-based Solutionsmentioning

confidence: 99%

A secure fog‐based platform for SCADA‐based IoT critical infrastructure

et al. 2019

View full text Add to dashboard Cite

show abstract

“…Security and privacy can also be evaluated using the architectural models that are represented in the form of pattern diagrams including software patterns (Fernandez et al, 2015;Fernandez et al, 2016). Pattern models are especially useful for handling the security of complex systems like SECOs.…”

Section: Rq2: How Are Non-functional Requirements Considered In the Cmentioning

confidence: 99%

A Systematic Mapping Study on Requirements Engineering in Software Ecosystems

Vegendla

Duc

Gao

et al. 2018

Journal of Information Technology Research

View full text Add to dashboard Cite

Software ecosystems (SECOs) and open innovation processes have been claimed as a way forward for the software industry. A proper understanding of requirements is as important for these IT-systems as for more traditional ones. This paper presents a mapping study on the issues of requirements engineering and quality aspects in SECOs and analyzes emerging ideas. Our findings indicate that among the various phases or subtasks of requirements engineering, most of the SECO specific research has been accomplished on elicitation, analysis, and modeling. On the other hand, requirements selection, prioritization, verification, and traceability has attracted few published studies. Among the various quality attributes, most of the SECOs research has been performed on security, performance and testability. On the other hand, reliability, safety, maintainability, transparency, usability attracted few published studies. The paper provides a review of the academic literature about SECO-related requirements engineering activities, modeling approaches, and quality attributes, positions the source publications in a taxonomy of issues and identifies gaps where there has been little research.

show abstract

“…Basically, "a pattern is a solution to a recurring problem in a specific context" [13]. Patterns are used in the following domains: software requirements (e.g., [14]), software design (e.g., [15,16]), information security engineering (e.g., [17,18]), requirements engineering (e.g., [19][20][21]), test patterns (e.g., [22]), context analysis (e.g., [23]) and more.…”

Section: Pattern-based Context Analysismentioning

confidence: 99%

“…Fernandez et al [13] provided a unified way of representing all the components of a cloud ecosystem as well as security aspects. Our pattern supports the specification of the indirect and direct environments of a cloud system as well as its stakeholders in addition to the cloud system itself.…”

Section: Related Workmentioning

confidence: 99%

Context Analysis of Cloud Computing Systems Using a Pattern-Based Approach

2018

View full text Add to dashboard Cite

Cloud computing services bring new capabilities for hosting and offering complex collaborative business operations. However, these advances might bring undesirable side-effects, e.g., introducing new vulnerabilities and threats caused by collaboration and data exchange over the Internet. Hence, users have become more concerned about security and privacy aspects. For secure provisioning of a cloud computing service, security and privacy issues must be addressed by using a risk assessment method. To perform a risk assessment, it is necessary to obtain all relevant information about the context of the considered cloud computing service. The context analysis of a cloud computing service and its underlying system is a difficult task because of the variety of different types of information that have to be considered. This context information includes (i) legal, regulatory and/or contractual requirements that are relevant for a cloud computing service (indirect stakeholders); (ii) relations to other involved cloud computing services; (iii) high-level cloud system components that support the involved cloud computing services; (iv) data that is processed by the cloud computing services; and (v) stakeholders that interact directly with the cloud computing services and/or the underlying cloud system components. We present a pattern for the contextual analysis of cloud computing services and demonstrate the instantiation of our proposed pattern with real-life application examples. Our pattern contains elements that represent the above-mentioned types of contextual information. The elements of our pattern conform to the General Data Protection Regulation. Besides the context analysis, our pattern supports the identification of high-level assets. Additionally, our proposed pattern supports the documentation of the scope and boundaries of a cloud computing service conforming to the requirements of the ISO 27005 standard (information security risk management). The results of our context analysis contribute to the transparency of the achieved security and privacy level of a cloud computing service. This transparency can increase the trust of users in a cloud computing service. We present results of the RestAssured project related to the context analysis regarding cloud computing services and their underlying cloud computing systems. The context analysis is the prerequisite to threat and control identification that are performed later in the risk management process. The focus of this paper is the use of a pattern at the time of design systematic context analysis and scope definition for risk management methods.

show abstract

Modeling and Security in Cloud Ecosystems

Cited by 23 publications

References 32 publications

A secure fog‐based platform for SCADA‐based IoT critical infrastructure

A secure fog‐based platform for SCADA‐based IoT critical infrastructure

A Systematic Mapping Study on Requirements Engineering in Software Ecosystems

Context Analysis of Cloud Computing Systems Using a Pattern-Based Approach

Contact Info

Product

Resources

About