Abstract
The development of web 2.0 increases the call for agile and simple business process support. SOA (Service oriented Architecture) provides companies a new model to build their IT applications around their business processes and to combine them dynamically with the services of partner companies. Moreover cloud computing offers new business models and deployment opportunities to support adaptive and scalable execution environment. However, to provide services collaboration from several companies, the security policy associate to each company must be respected. So, the Business Process (BP) provides by these companies services inter-connections should be adapted to the security policy of each company and to the platform where it will be deployed. This leads to propose a new platform based on MDE (Model-Driven Engineering) approach to allow companies to build and deploy safely their BP in the Cloud environments.
Keywords
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
OMG (Object Management Group), (2011). Business Process Model and Notation (BPMN) Version 2.0, http://www.omg.org/spec/BPMN/2.0
Backes M, Pfitzmann B, Waider M (2003) Security in Business Process Engineering. In: vander Aalst, W.M.P., ter Hofstede, A.H.M., Weske, M. (eds.) BPM 2003. LNCS, vol. 2678,pp. 168–183. Springer, Heidelberg
Herrmann P, Herrmann G (2006) Security requirement analysis of business processes. Electronic Commerce Research 6(3-4), 305–335
Rodriguez A., Fernandez-Medina E., Piattini M., (2007) A BPMN extension for the modelling of security requirements in business processes, the institute of electronics, Information and Communication Engineers (IEICE), Vol.E90-D, NO.4.
Mülle J, von Stackelberg S, Klemen A (2011) Security Language for BPMN Process Models, Karlsruhe institute of technology, Germany.
ANSI (Agence National de la sécurité des SI), (2004). Expression des besoins et identification des objectifs de sécurité. La démarche”, Version 2.
Club de la sécurité de l’Information Français (CLUSIF), (2010). MEHARI 2010. Guide de la démarche d’analyse et de traitement des risques.
Dorofee A (2002) Managing information security risks across the enterprise, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA 15213.
Alberts, C., Dorofee, A., Stevens J., Woody C., (2003). Introduction to the OCTAVE Approach, Carnegie Mellon University, Pittsburgh.
Moore AP, Ellison R J, (2001) Architectural Refinement for the Design of Survivable Systems, Technical Note (CMU/SEI-2001-TN-008). Software Engineering Institute, Carnegie Mellon University.
Mell P, Grance T, J (2011) The NIST Definition of Cloud Computing, Recommendations of the National Institute of Standards and Technology, NIST Special Publication 800-145
Sinclair J, Hudzia B, Lindner M (2011) The first International Conference on Cloud Computing and Services Science, CLOSER 2011 “Architecture for compliance analysis of distributed service based systems”. Belfast, Northern Ireland, U.K.
US Government, (2001).Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT ACT) Act, Title V, s 505.
Cloud Cube Model: Selecting Cloud Formations for Secure Collaboration, Jericho Forum, Version 1.0, (April 2009), http://www.opengroup.org/jericho/cloud_cube_model_v1.0.pdf.
Organization for the Advancement of Structured Information Standards (OASIS), (2009). OASIS: Reference Architecture Foundation for Service Oriented Architecture, Version 1.0.
Lima Dutra M, Ghodous P, Kuhn O, Minh T (2010) A Generic and Synchronous Ontology-based Architecture for Collaborative Design. Concurrent Engineering, Research and Applications 18(1):65-74, Sage, ISSN 1063 293X.2010.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag London
About this paper
Cite this paper
Ouedraogo, W.F., Biennier, F., Ghodous, P. (2013). A Model Driven Security Engineering Approach to Support Collaborative Tools Deployment Over Clouds. In: Stjepandić, J., Rock, G., Bil, C. (eds) Concurrent Engineering Approaches for Sustainable Product Development in a Multi-Disciplinary Environment. Springer, London. https://doi.org/10.1007/978-1-4471-4426-7_95
Download citation
DOI: https://doi.org/10.1007/978-1-4471-4426-7_95
Published:
Publisher Name: Springer, London
Print ISBN: 978-1-4471-4425-0
Online ISBN: 978-1-4471-4426-7
eBook Packages: EngineeringEngineering (R0)