Abstract
Security and privacy in cloud systems are critical. To address security and privacy concerns, many security patterns, privacy patterns, and non-pattern-based knowledge have been reported. However, knowing which pattern or combination of patterns to use in a specific scenario is challenging due to the sheer volume of options and the layered cloud stack. To deal with security and privacy in cloud services, this study proposes the cloud security and privacy metamodel (CSPM). CSPM uses a consistent approach to classify and handle existing security and privacy patterns. In addition, CSPM is used to develop a security and privacy awareness process to develop cloud systems. The effectiveness and practicality of CSPM is demonstrated via several case studies.
Highlights
Cloud service providers control remotely available services and data, which are often connected with other services
The sheer volume of security and privacy (S&P) patterns and non-pattern-based knowledge makes selecting the appropriate knowledge or combination of patterns and knowledge challenging. This issue is relevant to S&P patterns in general, it is more critical in cloud services
This study proposes an extension called the “Cloud Security and Privacy Metamodel (CSPM)” to address S&P in cloud services
Summary
Cloud service providers control remotely available services and data, which are often connected with other services. This study proposes an extension called the “Cloud Security and Privacy Metamodel (CSPM)” to address S&P in cloud services. Besides selecting and combining the appropriate patterns to address S&P issues, CSPM can be used for designing high-level architectures of cloud service systems effectively and efficiently. As an extension to our previous research, we conducted experiments and a case study to address the following questions: RQ1: Can CSPM resolve S&P problems and help application of the corresponding patterns? We proposed CSPM, which is a metamodel as the basis for describing S&P-related knowledge over multiple cloud layers. 3. We conducted a controlled experiment and a case study based on the proposed process to evaluate the effectiveness of the problem analysis and solution design supported by CSPM.
Sign-in/Register to view highlights & summary 
Published Version (
Free)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call