Risk-aware Business Process Modelling and Trusted Deployment in the Cloud

Elio Goettelmann 1, 2, 3
1 SCORE - Services and Cooperation
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
2 COAST - Web Scale Trustworthy Collaborative Service Systems
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
Abstract : Nowadays service ecosystems rely on dynamic software service chains that span over multiple organisations and providers. They provide an agile support for business applications, governments of end-users. This trend is reinforced by the Cloud based economy that allows sharing of costs and resources. However, the lack of trust in such cloud environments, that involve higher security requirements, is often seen as a braking force to the development of such services. The objective of this thesis is to study the concepts of service orchestration and trust in the context of the Cloud. It proposes an approach which supports a trust model in order to allow the orchestration of trusted business process components on the cloud. The contribution is threefold and consists in a method, a model and a framework. The method categorizes techniques to transform an existing business process into a risk-aware process model that takes into account security risks related to cloud environments. The model formalizes the relations and the responsibilities between the different actors of the cloud. This allows to identify the different information required to assess and quantify security risks in cloud environments. The framework is a comprehensive approach that decomposes a business process into fragments that can automatically be deployed on multiple clouds. The framework also integrates a selection algorithm that combines security information with other quality of service criteria to generate an optimized configuration. Finally, the work is implemented in order to validate the approach. The framework is implemented in a tool. The security assessment model is also applied over an access control model. The last part presents the results of the implementation of our work on a real world use case.
Document type :
Theses
Complete list of metadatas

Cited literature [89 references]  Display  Hide  Download

https://hal.inria.fr/tel-01751996
Contributor : Elio Goettelmann <>
Submitted on : Thursday, December 3, 2015 - 3:53:27 PM
Last modification on : Tuesday, December 18, 2018 - 4:26:02 PM
Long-term archiving on : Friday, March 4, 2016 - 2:00:25 PM

Identifiers

  • HAL Id : tel-01751996, version 2

Citation

Elio Goettelmann. Risk-aware Business Process Modelling and Trusted Deployment in the Cloud. Web. Université de Lorraine, 2015. English. ⟨NNT : 2015LORR0144⟩. ⟨tel-01751996v2⟩

Share

Metrics

Record views

621

Files downloads

1294