Towards Secure Collaboration in Federated Cloud Environments

Bojan Suzic, Andreas Reiter

Research output: Chapter in Book/Report/Conference proceeding; Conference contribution; Research; peer-review

Abstract

Public administrations across Europe are actively following and adopting cloud paradigms. By establishing modern data centers and consolidating their infrastructures, many organizations already benefit from cloud computing. However, there is a growing need to further support the consolidation and sharing of resources across different public entities or corporations. The ever-increasing volume of processed data and the diversity of organizational interactions stress this need even further, calling for integration at the infrastructure, data and service levels. This is currently hindered by strict requirements in the field of data security and privacy. In this paper, we present ongoing work enabling secure private cloud federations for public administrations, performed in the scope of the SUNFISH H2020 project. We focus on architectural components and processes that establish cross-organizational enforcement of data security policies in heterogeneous environments. Our proposal introduces proactive restriction of data flows in federated environments by integrating real-time security policy enforcement and its post-execution conformance verification. The goal of this framework is to enable secure service integration and data exchange in cross-entity contexts by inspecting data flows and assuring their conformance with security policies, at both the organizational and federation levels.
Original language: English
Title of host publication: 2016 11th International Conference on Availability, Reliability and Security (ARES)
Publisher: Institute of Electrical and Electronics Engineers
Pages: 750-759
Number of pages: 10
ISBN (Electronic): 978-1-5090-0990-9
ISBN (Print): 978-1-5090-0991-6
DOIs: https://doi.org/10.1109/ARES.2016.46
Publication status: Published - 2016
Event: 11th International Conference on Availability, Reliability and Security (ARES 2016) - Salzburg, Austria
Duration: 31 Aug 2016 to 2 Sep 2016

Conference

Conference: 11th International Conference on Availability, Reliability and Security (ARES 2016)
Country: Austria
City: Salzburg
Period: 31/08/16 to 2/09/16

Fingerprint

Public administration
Security of data
Data privacy
Electronic data interchange
Cloud computing
Consolidation
Industry

Keywords

    ASJC Scopus subject areas

    • Computer Networks and Communications
    • Information Systems

    Fields of Expertise

    • Information, Communication & Computing

    Cite this

    Suzic, B., & Reiter, A. (2016). Towards Secure Collaboration in Federated Cloud Environments. In 2016 11th International Conference on Availability, Reliability and Security (ARES) (pp. 750-759). Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/ARES.2016.46

    @inproceedings{5329d22201a041f59dcf1a4a2b562d74,
    title = "Towards Secure Collaboration in Federated Cloud Environments",
    keywords = "authorization, federated authorization, intracloud, intra-cloud, multicloud, multi-cloud, xacml, rbac, authentication, oauth, security enforcement, security policies, abac, data security, data transformation, encryption, format-preserving encryption, cloud federation, integration, service integration",
    author = "Bojan Suzic and Andreas Reiter",
    note = "This work has been supported partially by the SUNFISH project (N.644666) funded by the European Commission H2020 Program.",
    year = "2016",
    doi = "10.1109/ARES.2016.46",
    language = "English",
    isbn = "978-1-5090-0991-6",
    pages = "750--759",
    booktitle = "2016 11th International Conference on Availability, Reliability and Security (ARES)",
    publisher = "Institute of Electrical and Electronics Engineers",
    address = "United States",

    }
