User-centered Security Management of API-based Data Integration Workflows

Bojan Suzic

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Abstract

One of the consequences of the present adoption of cloud-based services among organizations is the increasing rate of outsourcing of business and technical functions to third parties. The recent approaches such as cloud integration platforms (iPaaS) facilitate this trend even further. In this scenario, users' resources distributed across different cloud systems are accessed, shared and processed completely in the cloud, at third-party premises, effectively transferring the execution of entire business processes to the cloud. In this work, we approach security challenges and issues that arise from data and resource integrations of such scale. Our contribution aims at advancing privacy and confidentiality in collaboration flows of distributed, cross-domain systems. We focus on the perspective of resource owners, enabling automated, structured discovery and security orchestration of their resources hosted at various cloud premises. We furthermore consider the perspective of integration clients that access and process distributed resources on behalf of resource owners, providing the model for discovery, integration and fine-grained constraints of sharing requests. Our contribution is examined on a basis of the focused prototype that allows proxy-based integration with existing systems and web authorization protocols.
Original languageEnglish
Title of host publication2016 IEEE/IFIP Network Operations and Management Symposium (NOMS)
PublisherInstitute of Electrical and Electronics Engineers
Pages1233-1238
Number of pages6
DOIs
Publication statusPublished - 2016

Fingerprint

Data integration
Application programming interfaces (API)
Outsourcing
Industry
Network protocols

Keywords

  • web api
  • web services
  • cloud services
  • security policy
  • security management
  • authorization management
  • data integration
  • data security
  • integration workflow
  • integration platform

Fields of Expertise

  • Information, Communication & Computing

Cite this

Suzic, B. (2016). User-centered Security Management of API-based Data Integration Workflows. In 2016 IEEE/IFIP Network Operations and Management Symposium (NOMS) (pp. 1233-1238). Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/NOMS.2016.7502993

User-centered Security Management of API-based Data Integration Workflows. / Suzic, Bojan.

2016 IEEE/IFIP Network Operations and Management Symposium (NOMS). Institute of Electrical and Electronics Engineers, 2016. p. 1233-1238.

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Suzic, B 2016, User-centered Security Management of API-based Data Integration Workflows. in 2016 IEEE/IFIP Network Operations and Management Symposium (NOMS). Institute of Electrical and Electronics Engineers, pp. 1233-1238. https://doi.org/10.1109/NOMS.2016.7502993
Suzic B. User-centered Security Management of API-based Data Integration Workflows. In 2016 IEEE/IFIP Network Operations and Management Symposium (NOMS). Institute of Electrical and Electronics Engineers. 2016. p. 1233-1238 https://doi.org/10.1109/NOMS.2016.7502993
Suzic, Bojan. / User-centered Security Management of API-based Data Integration Workflows. 2016 IEEE/IFIP Network Operations and Management Symposium (NOMS). Institute of Electrical and Electronics Engineers, 2016. pp. 1233-1238
@inproceedings{ca69e7cda66d4cec84690dda7f8760ba,
title = "User-centered Security Management of API-based Data Integration Workflows",
abstract = "One of the consequences of the present adoption of cloud-based services among organizations is the increasing rate of outsourcing of business and technical functions to third parties. The recent approaches such as cloud integration platforms (iPaaS) facilitate this trend even further. In this scenario, users' resources distributed across different cloud systems are accessed, shared and processed completely in the cloud, at third-party premises, effectively transferring the execution of entire business processes to the cloud. In this work, we approach security challenges and issues that arise from data and resource integrations of such scale. Our contribution aims at advancing privacy and confidentiality in collaboration flows of distributed, cross-domain systems. We focus on the perspective of resource owners, enabling automated, structured discovery and security orchestration of their resources hosted at various cloud premises. We furthermore consider the perspective of integration clients that access and process distributed resources on behalf of resource owners, providing the model for discovery, integration and fine-grained constraints of sharing requests. Our contribution is examined on a basis of the focused prototype that allows proxy-based integration with existing systems and web authorization protocols.",
keywords = "api, service integration, api integration, cloud, integration platform, ipaas, oauth, uma, user-managed access, interoperable security, security policy, json-ld, linked data, linked data security, encryption, web api, web services, cloud services, security policy, security management, authorization management, data integration, data security, integration workflow, integration platform",
author = "Bojan Suzic",
note = "This work has been supported by the EU H2020 Programme under the SUNFISH project, grant agreement N.644666.",
year = "2016",
doi = "10.1109/NOMS.2016.7502993",
language = "English",
pages = "1233--1238",
booktitle = "2016 IEEE/IFIP Network Operations and Management Symposium (NOMS)",
publisher = "Institute of Electrical and Electronics Engineers",
address = "United States",

}

TY - GEN

T1 - User-centered Security Management of API-based Data Integration Workflows

AU - Suzic, Bojan

N1 - This work has been supported by the EU H2020 Programme under the SUNFISH project, grant agreement N.644666.

PY - 2016

Y1 - 2016

N2 - One of the consequences of the present adoption of cloud-based services among organizations is the increasing rate of outsourcing of business and technical functions to third parties. The recent approaches such as cloud integration platforms (iPaaS) facilitate this trend even further. In this scenario, users' resources distributed across different cloud systems are accessed, shared and processed completely in the cloud, at third-party premises, effectively transferring the execution of entire business processes to the cloud. In this work, we approach security challenges and issues that arise from data and resource integrations of such scale. Our contribution aims at advancing privacy and confidentiality in collaboration flows of distributed, cross-domain systems. We focus on the perspective of resource owners, enabling automated, structured discovery and security orchestration of their resources hosted at various cloud premises. We furthermore consider the perspective of integration clients that access and process distributed resources on behalf of resource owners, providing the model for discovery, integration and fine-grained constraints of sharing requests. Our contribution is examined on a basis of the focused prototype that allows proxy-based integration with existing systems and web authorization protocols.

AB - One of the consequences of the present adoption of cloud-based services among organizations is the increasing rate of outsourcing of business and technical functions to third parties. The recent approaches such as cloud integration platforms (iPaaS) facilitate this trend even further. In this scenario, users' resources distributed across different cloud systems are accessed, shared and processed completely in the cloud, at third-party premises, effectively transferring the execution of entire business processes to the cloud. In this work, we approach security challenges and issues that arise from data and resource integrations of such scale. Our contribution aims at advancing privacy and confidentiality in collaboration flows of distributed, cross-domain systems. We focus on the perspective of resource owners, enabling automated, structured discovery and security orchestration of their resources hosted at various cloud premises. We furthermore consider the perspective of integration clients that access and process distributed resources on behalf of resource owners, providing the model for discovery, integration and fine-grained constraints of sharing requests. Our contribution is examined on a basis of the focused prototype that allows proxy-based integration with existing systems and web authorization protocols.

KW - api

KW - service integration

KW - api integration

KW - cloud

KW - integration platform

KW - ipaas

KW - oauth

KW - uma

KW - user-managed access

KW - interoperable security

KW - security policy

KW - json-ld

KW - linked data

KW - linked data security

KW - encryption

KW - web api

KW - web services

KW - cloud services

KW - security policy

KW - security management

KW - authorization management

KW - data integration

KW - data security

KW - integration workflow

KW - integration platform

U2 - 10.1109/NOMS.2016.7502993

DO - 10.1109/NOMS.2016.7502993

M3 - Conference contribution

SP - 1233

EP - 1238

BT - 2016 IEEE/IFIP Network Operations and Management Symposium (NOMS)

PB - Institute of Electrical and Electronics Engineers

ER -