On-Demand Dynamic Security for Risk-Based Secure Collaboration in Clouds

Industrial adoption of cloud computing for collaborative business processes is limited by their ability to meet inter-enterprise security requirements. Although some clouds offerings comply with security standards, no solution today allows businesses to assess security compliance of applications at the business level and dynamically link to security countermeasures on-demand. In this paper, we present a Platform-as-a-Service infrastructure that combines semantic security risk management tools with dynamic web service policy frameworks to support the mitigation of security threats throughout the lifecycle of a service-oriented application deployed within the cloud. The platform address the need to model security requirements, dynamically provision and configure security services and link operational security events to vulnerabilities and impact assessments at the business level. The Platform has been evaluated using a collaborative engineering design scenario and a proof-of-concept deployed at a multi-tenant cloud as part of the UK CFMS project. The work is being further enhanced in the European Funded SERSCIS project.