he Cloud Computing paradigm provides a new model for the more flexible utilization of computing and storage services. However, such enhanced flexibility, which implies outsourcing the data and business applications to a third party, may introduce critical security issues. Therefore, there is a clear necessity of new security paradigms able to face all the problems introduced by the cloud approach. Although, in the last years, several solutions have been proposed, the implementation of secure cloud applications and services is still a complex and far from consolidated task. Starting from these considerations, this work fosters the development of a methodology that considers security concerns as an integral part of cloud-based applications design and implementation. Accordingly, we present a set of stereotypes that defines a vocabulary for annotating Unified Modeling Language based models with information relevant for integrating the specification of security requirements into cloud architectures. This approach can be used to significantly improve productivity and overall success in the development of secure distributed cloud applications and systems.

Modeling Security Requirements for Cloud-based System Development

FICCO, Massimo;
2016

Abstract

he Cloud Computing paradigm provides a new model for the more flexible utilization of computing and storage services. However, such enhanced flexibility, which implies outsourcing the data and business applications to a third party, may introduce critical security issues. Therefore, there is a clear necessity of new security paradigms able to face all the problems introduced by the cloud approach. Although, in the last years, several solutions have been proposed, the implementation of secure cloud applications and services is still a complex and far from consolidated task. Starting from these considerations, this work fosters the development of a methodology that considers security concerns as an integral part of cloud-based applications design and implementation. Accordingly, we present a set of stereotypes that defines a vocabulary for annotating Unified Modeling Language based models with information relevant for integrating the specification of security requirements into cloud architectures. This approach can be used to significantly improve productivity and overall success in the development of secure distributed cloud applications and systems.
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11591/182843
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 28
  • ???jsp.display-item.citation.isi??? 20
social impact