A Security Requirements Modelling Language to Secure Cloud Computing Environments

0
56

Authors: Aidan Delaney, Haralambos Mouratidis, Shaun Shei

Tags: 2017, conceptual modeling

This paper presents a cloud-enhanced modelling language for capturing and describing cloud computing environments, enabling developers to model and reason about security issues in cloud systems from a security requirements engineering perspective. Our work builds upon concepts from the Secure Tropos methodology, where in this paper we introduce novel cloud computing concepts, relationships and properties in order to carry out analysis and produce cloud security requirements. We illustrate our concepts through a case study of a cloud-based career office system from the University of the Aegean. Finally we discuss how our cloud modelling language enriches cloud models with security concepts, guiding developers of cloud systems in understanding cloud vulnerabilities and mitigation strategies through semi-automated security analysis.

Read the full paper here: https://link.springer.com/chapter/10.1007/978-3-319-59466-8_21