Access Control and Security Properties Requirements Specification for Clouds' SecLAs - Archive ouverte HAL Accéder directement au contenu
Communication Dans Un Congrès Année : 2013

Access Control and Security Properties Requirements Specification for Clouds' SecLAs

Résumé

Current Cloud Service Level Agreements (SLAs) do not cover security requirements. Some consortiums have proposed standards for the evaluation of security offered by the Cloud Providers (CP). Cloud Brokers (CB) can then generate Security Level Agreement (SecLA) contracts between customers and providers to fit users' requirements. However, the SecLAs do not provide enough details for complex customers' situations, such as sharing resources with other users/companies, or set up specific Access Controls and Security Properties (ACSP). In this paper, we tackle this issue, by introducing a general Requirement Specification Language (ACSP-RSL) to allow the customers to express their needs in term of ACSP. The underlying formal model, on which is based RSL, is partially presented. The global SecLA definition and negotiation process is thus extended with our proposal. RSL indeed also allows to express Security Requirements currently existing in SecLAs. The negotiation phase between CB and the CPs is discussed. We show how the RSL specifications expressed by the customer can be projected into a generic detection/protection policy expressed as an extension of RSL. A complete use-case for a healthcare system with multi-tenancy for users and services deployed is given. Its security requirements are analyzed, modeled, expressed and discussed.
Fichier non déposé

Dates et versions

hal-00920768 , version 1 (19-12-2013)

Identifiants

  • HAL Id : hal-00920768 , version 1

Citer

Asma Guesmi, Patrice Clemente. Access Control and Security Properties Requirements Specification for Clouds' SecLAs. CloudCom 2013, Dec 2013, Bristol, United Kingdom. pp.723-729. ⟨hal-00920768⟩

Relations

101 Consultations
0 Téléchargements

Partager

Gmail Facebook X LinkedIn More