Securing Integration of Cloud Services in Cross-Domain Distributed Environments

Bojan Suzic

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Abstract

Traditional cloud integration scenarios, as adopted by many organizations, assume business processes to be executed in a cross-domain context, connecting on-premise and cloud applications. The emerging model of cloud-based integration platforms extends these scenarios by transferring business process execution entirely to the cloud. Although this approach provides numerous benefits and opens a new range of opportunities, its adoption requires reconsideration of currently applied practices and their adjustment to a new perspective.

In this work, we analyze the existing approaches to cross-domain service composition based on cloud integration platforms. We particularly focus on the security of these approaches, considering currently dominant OAuth 2.0 web authorization protocol and emerging UMA protocol. For this purpose, we present a new tool that enables UMA support in Apache Camel integration framework. We then analyze and discuss the integration flows relying on both protocols. Finally, based on RMIAS framework, we provide a security assessment of both approaches, presenting an overview of issues and challenges for future work.
Original languageEnglish
Title of host publicationProceedings of the 31st Annual ACM Symposium on Applied Computing
Place of PublicationNew York, NY, USA
PublisherAssociation of Computing Machinery
Pages398-405
Number of pages8
ISBN (Print)978-1-4503-3739-7
DOIs
Publication statusPublished - 2016

Fingerprint

Industry
Chemical analysis

Keywords

  • cloud computing
  • data security
  • integration platforms
  • service composition
  • web protocols
  • web authorization
  • xacml
  • oauth
  • service integration
  • cloud integration
  • distributed systems
  • network protocols

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems
  • Computer Science (miscellaneous)

Fields of Expertise

  • Information, Communication & Computing

Treatment code (Nähere Zuordnung)

  • Application
  • Theoretical
  • Experimental

Cite this

Suzic, B. (2016). Securing Integration of Cloud Services in Cross-Domain Distributed Environments. In Proceedings of the 31st Annual ACM Symposium on Applied Computing (pp. 398-405). New York, NY, USA: Association of Computing Machinery. https://doi.org/10.1145/2851613.2851622

Securing Integration of Cloud Services in Cross-Domain Distributed Environments. / Suzic, Bojan.

Proceedings of the 31st Annual ACM Symposium on Applied Computing. New York, NY, USA : Association of Computing Machinery, 2016. p. 398-405.

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Suzic, B 2016, Securing Integration of Cloud Services in Cross-Domain Distributed Environments. in Proceedings of the 31st Annual ACM Symposium on Applied Computing. Association of Computing Machinery, New York, NY, USA, pp. 398-405. https://doi.org/10.1145/2851613.2851622
Suzic B. Securing Integration of Cloud Services in Cross-Domain Distributed Environments. In Proceedings of the 31st Annual ACM Symposium on Applied Computing. New York, NY, USA: Association of Computing Machinery. 2016. p. 398-405 https://doi.org/10.1145/2851613.2851622
Suzic, Bojan. / Securing Integration of Cloud Services in Cross-Domain Distributed Environments. Proceedings of the 31st Annual ACM Symposium on Applied Computing. New York, NY, USA : Association of Computing Machinery, 2016. pp. 398-405
@inproceedings{709803a806554a08a05afb706f36a332,
title = "Securing Integration of Cloud Services in Cross-Domain Distributed Environments",
abstract = "Traditional cloud integration scenarios, as adopted by many organizations, assume business processes to be executed in a cross-domain context, connecting on-premise and cloud applications. The emerging model of cloud-based integration platforms extends these scenarios by transferring business process execution entirely to the cloud. Although this approach provides numerous benefits and opens a new range of opportunities, its adoption requires reconsideration of currently applied practices and their adjustment to a new perspective.In this work, we analyze the existing approaches to cross-domain service composition based on cloud integration platforms. We particularly focus on the security of these approaches, considering currently dominant OAuth 2.0 web authorization protocol and emerging UMA protocol. For this purpose, we present a new tool that enables UMA support in Apache Camel integration framework. We then analyze and discuss the integration flows relying on both protocols. Finally, based on RMIAS framework, we provide a security assessment of both approaches, presenting an overview of issues and challenges for future work.",
keywords = "cloud computing, data security, integration platforms, service composition, web protocols, web authorization, xacml, oauth, service integration, cloud integration, distributed systems, network protocols",
author = "Bojan Suzic",
note = "This work has been supported partially by the SUNFISH project (N.644666) funded by the European Commission H2020 Program.",
year = "2016",
doi = "10.1145/2851613.2851622",
language = "English",
isbn = "978-1-4503-3739-7",
pages = "398--405",
booktitle = "Proceedings of the 31st Annual ACM Symposium on Applied Computing",
publisher = "Association of Computing Machinery",
address = "United States",

}

TY - GEN

T1 - Securing Integration of Cloud Services in Cross-Domain Distributed Environments

AU - Suzic, Bojan

N1 - This work has been supported partially by the SUNFISH project (N.644666) funded by the European Commission H2020 Program.

PY - 2016

Y1 - 2016

N2 - Traditional cloud integration scenarios, as adopted by many organizations, assume business processes to be executed in a cross-domain context, connecting on-premise and cloud applications. The emerging model of cloud-based integration platforms extends these scenarios by transferring business process execution entirely to the cloud. Although this approach provides numerous benefits and opens a new range of opportunities, its adoption requires reconsideration of currently applied practices and their adjustment to a new perspective.In this work, we analyze the existing approaches to cross-domain service composition based on cloud integration platforms. We particularly focus on the security of these approaches, considering currently dominant OAuth 2.0 web authorization protocol and emerging UMA protocol. For this purpose, we present a new tool that enables UMA support in Apache Camel integration framework. We then analyze and discuss the integration flows relying on both protocols. Finally, based on RMIAS framework, we provide a security assessment of both approaches, presenting an overview of issues and challenges for future work.

AB - Traditional cloud integration scenarios, as adopted by many organizations, assume business processes to be executed in a cross-domain context, connecting on-premise and cloud applications. The emerging model of cloud-based integration platforms extends these scenarios by transferring business process execution entirely to the cloud. Although this approach provides numerous benefits and opens a new range of opportunities, its adoption requires reconsideration of currently applied practices and their adjustment to a new perspective.In this work, we analyze the existing approaches to cross-domain service composition based on cloud integration platforms. We particularly focus on the security of these approaches, considering currently dominant OAuth 2.0 web authorization protocol and emerging UMA protocol. For this purpose, we present a new tool that enables UMA support in Apache Camel integration framework. We then analyze and discuss the integration flows relying on both protocols. Finally, based on RMIAS framework, we provide a security assessment of both approaches, presenting an overview of issues and challenges for future work.

KW - cloud computing

KW - data security

KW - integration platforms

KW - service composition

KW - web protocols

KW - web authorization

KW - xacml

KW - oauth

KW - service integration

KW - cloud integration

KW - distributed systems

KW - network protocols

U2 - 10.1145/2851613.2851622

DO - 10.1145/2851613.2851622

M3 - Conference contribution

SN - 978-1-4503-3739-7

SP - 398

EP - 405

BT - Proceedings of the 31st Annual ACM Symposium on Applied Computing

PB - Association of Computing Machinery

CY - New York, NY, USA

ER -