Towards Secure Collaboration in Federated Cloud Environments

Bojan Suzic, Andreas Reiter

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem KonferenzbandForschungBegutachtung

Abstract

Public administrations across Europe are actively following and adopting cloud paradigms. By establishing modern data centers and consolidating their infrastructures, many organizations already benefit from cloud computing. However, there is a growing need to further support the consolidation and sharing of resources across different public entities or corporations. The ever increasing volume of processed data and diversity of organizational interactions stress this need even further, calling for the integration on infrastructure, data and services level. This is currently hindered by strict requirements in the field of data security and privacy. In this paper, we present ongoing work enabling secure private cloud federations for public administrations, performed in the scope of the SUNFISH H2020 project. We focus on architectural components and processes that establish cross-organizational enforcement of data security policies in heterogeneous environments. Our proposal introduces proactive restriction of data flows in federated environments by integrating real-time based security policy enforcement and its post-execution conformance verification. The goal of this framework is to enable secure service integration and data exchange in cross-entity contexts by inspecting data flows and assuring their conformance with security policies, both on organizational and federation level.
Originalspracheenglisch
Titel2016 11th International Conference on Availability, Reliability and Security (ARES)
Herausgeber (Verlag)Institute of Electrical and Electronics Engineers
Seiten750-759
Seitenumfang10
ISBN (elektronisch)978-1-5090-0990-9
ISBN (Print)978-1-5090-0991-6
DOIs
PublikationsstatusVeröffentlicht - 2016
Veranstaltung11th International Conference on Availability, Reliability and Security (ARES 2016) - Salzburg, Österreich
Dauer: 31 Aug 20162 Sep 2016

Konferenz

Konferenz11th International Conference on Availability, Reliability and Security (ARES 2016)
LandÖsterreich
OrtSalzburg
Zeitraum31/08/162/09/16

Fingerprint

Public administration
Security of data
Data privacy
Electronic data interchange
Cloud computing
Consolidation
Industry

Schlagwörter

  • authorization
  • federated authorization
  • intracloud
  • intra-cloud
  • multicloud
  • multi-cloud
  • xacml
  • rbac
  • authentication
  • oauth
  • security enforcement
  • security policies
  • abac
  • data security
  • data transformation
  • encryption
  • format-preserving encryption
  • cloud federation
  • integration
  • service integration

ASJC Scopus subject areas

  • !!Computer Networks and Communications
  • Information systems

Fields of Expertise

  • Information, Communication & Computing

Dies zitieren

Suzic, B., & Reiter, A. (2016). Towards Secure Collaboration in Federated Cloud Environments. in 2016 11th International Conference on Availability, Reliability and Security (ARES) (S. 750-759). Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/ARES.2016.46

Towards Secure Collaboration in Federated Cloud Environments. / Suzic, Bojan; Reiter, Andreas.

2016 11th International Conference on Availability, Reliability and Security (ARES). Institute of Electrical and Electronics Engineers, 2016. S. 750-759.

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem KonferenzbandForschungBegutachtung

Suzic, B & Reiter, A 2016, Towards Secure Collaboration in Federated Cloud Environments. in 2016 11th International Conference on Availability, Reliability and Security (ARES). Institute of Electrical and Electronics Engineers, S. 750-759, 11th International Conference on Availability, Reliability and Security (ARES 2016), Salzburg, Österreich, 31/08/16. https://doi.org/10.1109/ARES.2016.46
Suzic B, Reiter A. Towards Secure Collaboration in Federated Cloud Environments. in 2016 11th International Conference on Availability, Reliability and Security (ARES). Institute of Electrical and Electronics Engineers. 2016. S. 750-759 https://doi.org/10.1109/ARES.2016.46
Suzic, Bojan ; Reiter, Andreas. / Towards Secure Collaboration in Federated Cloud Environments. 2016 11th International Conference on Availability, Reliability and Security (ARES). Institute of Electrical and Electronics Engineers, 2016. S. 750-759
@inproceedings{5329d22201a041f59dcf1a4a2b562d74,
title = "Towards Secure Collaboration in Federated Cloud Environments",
abstract = "Public administrations across Europe are actively following and adopting cloud paradigms. By establishing modern data centers and consolidating their infrastructures, many organizations already benefit from cloud computing. However, there is a growing need to further support the consolidation and sharing of resources across different public entities or corporations. The ever increasing volume of processed data and diversity of organizational interactions stress this need even further, calling for the integration on infrastructure, data and services level. This is currently hindered by strict requirements in the field of data security and privacy. In this paper, we present ongoing work enabling secure private cloud federations for public administrations, performed in the scope of the SUNFISH H2020 project. We focus on architectural components and processes that establish cross-organizational enforcement of data security policies in heterogeneous environments. Our proposal introduces proactive restriction of data flows in federated environments by integrating real-time based security policy enforcement and its post-execution conformance verification. The goal of this framework is to enable secure service integration and data exchange in cross-entity contexts by inspecting data flows and assuring their conformance with security policies, both on organizational and federation level.",
keywords = "authorization, federated authorization, intracloud, intra-cloud, multicloud, multi-cloud, xacml, rbac, authentication, oauth, security enforcement, security policies, abac, data security, data transformation, encryption, format-preserving encryption, cloud federation, integration, service integration",
author = "Bojan Suzic and Andreas Reiter",
note = "This work has been supported partially by the SUNFISH project (N.644666) funded by the European Commission H2020 Program.",
year = "2016",
doi = "10.1109/ARES.2016.46",
language = "English",
isbn = "978-1-5090-0991-6",
pages = "750--759",
booktitle = "2016 11th International Conference on Availability, Reliability and Security (ARES)",
publisher = "Institute of Electrical and Electronics Engineers",
address = "United States",

}

TY - GEN

T1 - Towards Secure Collaboration in Federated Cloud Environments

AU - Suzic, Bojan

AU - Reiter, Andreas

N1 - This work has been supported partially by the SUNFISH project (N.644666) funded by the European Commission H2020 Program.

PY - 2016

Y1 - 2016

N2 - Public administrations across Europe are actively following and adopting cloud paradigms. By establishing modern data centers and consolidating their infrastructures, many organizations already benefit from cloud computing. However, there is a growing need to further support the consolidation and sharing of resources across different public entities or corporations. The ever increasing volume of processed data and diversity of organizational interactions stress this need even further, calling for the integration on infrastructure, data and services level. This is currently hindered by strict requirements in the field of data security and privacy. In this paper, we present ongoing work enabling secure private cloud federations for public administrations, performed in the scope of the SUNFISH H2020 project. We focus on architectural components and processes that establish cross-organizational enforcement of data security policies in heterogeneous environments. Our proposal introduces proactive restriction of data flows in federated environments by integrating real-time based security policy enforcement and its post-execution conformance verification. The goal of this framework is to enable secure service integration and data exchange in cross-entity contexts by inspecting data flows and assuring their conformance with security policies, both on organizational and federation level.

AB - Public administrations across Europe are actively following and adopting cloud paradigms. By establishing modern data centers and consolidating their infrastructures, many organizations already benefit from cloud computing. However, there is a growing need to further support the consolidation and sharing of resources across different public entities or corporations. The ever increasing volume of processed data and diversity of organizational interactions stress this need even further, calling for the integration on infrastructure, data and services level. This is currently hindered by strict requirements in the field of data security and privacy. In this paper, we present ongoing work enabling secure private cloud federations for public administrations, performed in the scope of the SUNFISH H2020 project. We focus on architectural components and processes that establish cross-organizational enforcement of data security policies in heterogeneous environments. Our proposal introduces proactive restriction of data flows in federated environments by integrating real-time based security policy enforcement and its post-execution conformance verification. The goal of this framework is to enable secure service integration and data exchange in cross-entity contexts by inspecting data flows and assuring their conformance with security policies, both on organizational and federation level.

KW - authorization

KW - federated authorization

KW - intracloud

KW - intra-cloud

KW - multicloud

KW - multi-cloud

KW - xacml

KW - rbac

KW - authentication

KW - oauth

KW - security enforcement

KW - security policies

KW - abac

KW - data security

KW - data transformation

KW - encryption

KW - format-preserving encryption

KW - cloud federation

KW - integration

KW - service integration

U2 - 10.1109/ARES.2016.46

DO - 10.1109/ARES.2016.46

M3 - Conference contribution

SN - 978-1-5090-0991-6

SP - 750

EP - 759

BT - 2016 11th International Conference on Availability, Reliability and Security (ARES)

PB - Institute of Electrical and Electronics Engineers

ER -