User-centered Security Management of API-based Data Integration Workflows

Bojan Suzic

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review


One of the consequences of the present adoption of cloud-based services among organizations is the increasing rate of outsourcing of business and technical functions to third parties. The recent approaches such as cloud integration platforms (iPaaS) facilitate this trend even further. In this scenario, users' resources distributed across different cloud systems are accessed, shared and processed completely in the cloud, at third-party premises, effectively transferring the execution of entire business processes to the cloud. In this work, we approach security challenges and issues that arise from data and resource integrations of such scale. Our contribution aims at advancing privacy and confidentiality in collaboration flows of distributed, cross-domain systems. We focus on the perspective of resource owners, enabling automated, structured discovery and security orchestration of their resources hosted at various cloud premises. We furthermore consider the perspective of integration clients that access and process distributed resources on behalf of resource owners, providing the model for discovery, integration and fine-grained constraints of sharing requests. Our contribution is examined on a basis of the focused prototype that allows proxy-based integration with existing systems and web authorization protocols.
Original languageEnglish
Title of host publication2016 IEEE/IFIP Network Operations and Management Symposium (NOMS)
PublisherInstitute of Electrical and Electronics Engineers
Number of pages6
Publication statusPublished - 2016


  • web api
  • web services
  • cloud services
  • security policy
  • security management
  • authorization management
  • data integration
  • data security
  • integration workflow
  • integration platform

Fields of Expertise

  • Information, Communication & Computing


Dive into the research topics of 'User-centered Security Management of API-based Data Integration Workflows'. Together they form a unique fingerprint.

Cite this