Securing Integration of Cloud Services in Cross-Domain Distributed Environments

Bojan Suzic

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Traditional cloud integration scenarios, as adopted by many organizations, assume business processes to be executed in a cross-domain context, connecting on-premise and cloud applications. The emerging model of cloud-based integration platforms extends these scenarios by transferring business process execution entirely to the cloud. Although this approach provides numerous benefits and opens a new range of opportunities, its adoption requires reconsideration of currently applied practices and their adjustment to a new perspective.

In this work, we analyze the existing approaches to cross-domain service composition based on cloud integration platforms. We particularly focus on the security of these approaches, considering currently dominant OAuth 2.0 web authorization protocol and emerging UMA protocol. For this purpose, we present a new tool that enables UMA support in Apache Camel integration framework. We then analyze and discuss the integration flows relying on both protocols. Finally, based on RMIAS framework, we provide a security assessment of both approaches, presenting an overview of issues and challenges for future work.
Original languageEnglish
Title of host publicationProceedings of the 31st Annual ACM Symposium on Applied Computing
Place of PublicationNew York, NY, USA
PublisherAssociation of Computing Machinery
Pages398-405
Number of pages8
ISBN (Print)978-1-4503-3739-7
DOIs
Publication statusPublished - 2016

Keywords

  • cloud computing
  • data security
  • integration platforms
  • service composition
  • web protocols
  • web authorization
  • xacml
  • oauth
  • service integration
  • cloud integration
  • distributed systems
  • network protocols

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems
  • Computer Science (miscellaneous)

Fields of Expertise

  • Information, Communication & Computing

Treatment code (Nähere Zuordnung)

  • Application
  • Theoretical
  • Experimental

Fingerprint Dive into the research topics of 'Securing Integration of Cloud Services in Cross-Domain Distributed Environments'. Together they form a unique fingerprint.

Cite this