Protecting Software as a Service in the Clouds by Validation
Identifieur interne : 001510 ( Main/Exploration ); précédent : 001509; suivant : 001511Protecting Software as a Service in the Clouds by Validation
Auteurs : Tien-Dung Cao [Viêt Nam] ; Kevin Chiew [Viêt Nam]Source :
- Lecture Notes in Computer Science [ 0302-9743 ]
Abstract
Abstract: The cloud computing has provided customers with various services at its SaaS layer though, few work has been done on the security checking of messages exchanged between a customer and a service provider at SaaS so as to protect SaaS. In this paper we propose a validation model to investigate the SaaS security issue. Rather than installing a set of probes as we have done for the testing web services, in this model we introduce a validation service that plays the role of a firewall and protects our SaaS by verifying the correctness of messages with respect to a set of predefined security rules and forwarding them to their real destinations if they pass the verification or rejecting them otherwise. We develop a prototype model based on the tool known as RV4WS which was developed in our early study on web service runtime verification, as well as a checking engine RVEngine to verify our checking algorithm for the model. A survey on how to use this model for the services deployed on Google App Engine, Window Azure and Oracle Java Cloud Service is also presented.
Url:
DOI: 10.1007/978-3-642-37804-1_5
Affiliations:
Links toward previous steps (curation, corpus...)
- to stream Istex, to step Corpus: 002F54
- to stream Istex, to step Curation: 002F15
- to stream Istex, to step Checkpoint: 000136
- to stream Main, to step Merge: 001522
- to stream Main, to step Curation: 001510
Le document en format XML
<record><TEI wicri:istexFullTextTei="biblStruct"><teiHeader><fileDesc><titleStmt><title xml:lang="en">Protecting Software as a Service in the Clouds by Validation</title><author><name sortKey="Cao, Tien Dung" sort="Cao, Tien Dung" uniqKey="Cao T" first="Tien-Dung" last="Cao">Tien-Dung Cao</name></author><author><name sortKey="Chiew, Kevin" sort="Chiew, Kevin" uniqKey="Chiew K" first="Kevin" last="Chiew">Kevin Chiew</name></author></titleStmt><publicationStmt><idno type="wicri:source">ISTEX</idno><idno type="RBID">ISTEX:C8269F3FA5BE88DC0506D096E78536AA6E1CE7AC</idno><date when="2013" year="2013">2013</date><idno type="doi">10.1007/978-3-642-37804-1_5</idno><idno type="url">https://api.istex.fr/ark:/67375/HCB-6VQXG2DP-W/fulltext.pdf</idno><idno type="wicri:Area/Istex/Corpus">002F54</idno><idno type="wicri:explorRef" wicri:stream="Istex" wicri:step="Corpus" wicri:corpus="ISTEX">002F54</idno><idno type="wicri:Area/Istex/Curation">002F15</idno><idno type="wicri:Area/Istex/Checkpoint">000136</idno><idno type="wicri:explorRef" wicri:stream="Istex" wicri:step="Checkpoint">000136</idno><idno type="wicri:doubleKey">0302-9743:2013:Cao T:protecting:software:as</idno><idno type="wicri:Area/Main/Merge">001522</idno><idno type="wicri:Area/Main/Curation">001510</idno><idno type="wicri:Area/Main/Exploration">001510</idno></publicationStmt><sourceDesc><biblStruct><analytic><title level="a" type="main" xml:lang="en">Protecting Software as a Service in the Clouds by Validation</title><author><name sortKey="Cao, Tien Dung" sort="Cao, Tien Dung" uniqKey="Cao T" first="Tien-Dung" last="Cao">Tien-Dung Cao</name><affiliation wicri:level="1"><country xml:lang="fr">Viêt Nam</country><wicri:regionArea>School of Engineering, Tan Tao University, Long An province</wicri:regionArea><wicri:noRegion>Long An province</wicri:noRegion></affiliation><affiliation wicri:level="1"><country wicri:rule="url">Viêt Nam</country></affiliation></author><author><name sortKey="Chiew, Kevin" sort="Chiew, Kevin" uniqKey="Chiew K" first="Kevin" last="Chiew">Kevin Chiew</name><affiliation wicri:level="1"><country xml:lang="fr">Viêt Nam</country><wicri:regionArea>School of Engineering, Tan Tao University, Long An province</wicri:regionArea><wicri:noRegion>Long An province</wicri:noRegion></affiliation><affiliation wicri:level="1"><country wicri:rule="url">Viêt Nam</country></affiliation></author></analytic><monogr></monogr><series><title level="s" type="main" xml:lang="en">Lecture Notes in Computer Science</title><idno type="ISSN">0302-9743</idno><idno type="eISSN">1611-3349</idno><idno type="ISSN">0302-9743</idno></series></biblStruct></sourceDesc><seriesStmt><idno type="ISSN">0302-9743</idno></seriesStmt></fileDesc><profileDesc><textClass></textClass></profileDesc></teiHeader><front><div type="abstract" xml:lang="en">Abstract: The cloud computing has provided customers with various services at its SaaS layer though, few work has been done on the security checking of messages exchanged between a customer and a service provider at SaaS so as to protect SaaS. In this paper we propose a validation model to investigate the SaaS security issue. Rather than installing a set of probes as we have done for the testing web services, in this model we introduce a validation service that plays the role of a firewall and protects our SaaS by verifying the correctness of messages with respect to a set of predefined security rules and forwarding them to their real destinations if they pass the verification or rejecting them otherwise. We develop a prototype model based on the tool known as RV4WS which was developed in our early study on web service runtime verification, as well as a checking engine RVEngine to verify our checking algorithm for the model. A survey on how to use this model for the services deployed on Google App Engine, Window Azure and Oracle Java Cloud Service is also presented.</div></front></TEI><affiliations><list><country><li>Viêt Nam</li></country></list><tree><country name="Viêt Nam"><noRegion><name sortKey="Cao, Tien Dung" sort="Cao, Tien Dung" uniqKey="Cao T" first="Tien-Dung" last="Cao">Tien-Dung Cao</name></noRegion><name sortKey="Cao, Tien Dung" sort="Cao, Tien Dung" uniqKey="Cao T" first="Tien-Dung" last="Cao">Tien-Dung Cao</name><name sortKey="Chiew, Kevin" sort="Chiew, Kevin" uniqKey="Chiew K" first="Kevin" last="Chiew">Kevin Chiew</name><name sortKey="Chiew, Kevin" sort="Chiew, Kevin" uniqKey="Chiew K" first="Kevin" last="Chiew">Kevin Chiew</name></country></tree></affiliations></record>Pour manipuler ce document sous Unix (Dilib)
EXPLOR_STEP=$WICRI_ROOT/Wicri/Lorraine/explor/InforLorV4/Data/Main/Exploration
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 001510 | SxmlIndent | more
Ou
HfdSelect -h $EXPLOR_AREA/Data/Main/Exploration/biblio.hfd -nk 001510 | SxmlIndent | more
Pour mettre un lien sur cette page dans le réseau Wicri
{{Explor lien
|wiki= Wicri/Lorraine
|area= InforLorV4
|flux= Main
|étape= Exploration
|type= RBID
|clé= ISTEX:C8269F3FA5BE88DC0506D096E78536AA6E1CE7AC
|texte= Protecting Software as a Service in the Clouds by Validation
}}
| This area was generated with Dilib version V0.6.33. |  |