Auditing Requirements for Implementing the Chinese Wall Model in the Service Cloud

2013 IEEE Ninth World Congress on Services Pub Date : 2013-06-28 DOI:10.1109/SERVICES.2013.44

Sarra M. Alqahtani, R. Gamble, I. Ray

{"title":"Auditing Requirements for Implementing the Chinese Wall Model in the Service Cloud","authors":"Sarra M. Alqahtani, R. Gamble, I. Ray","doi":"10.1109/SERVICES.2013.44","DOIUrl":null,"url":null,"abstract":"The service cloud model allows for the composition of services into an application that can respond to tenant requests. The composition of services, which may originate with different vendors, results in a service chain that supports end-to-end round trip messaging. Thus, the service cloud model must support provisioning services for the request without incurring a conflict of interest (COI) in their message exchange among vendors. Service vendors must disclose their COI classes for storage and analysis by the cloud because as services are provisioned to an application, additional conflict classes may be added, preventing the service from future compositions to avoid COI. In this paper, we present a strategy to centrally store and monitor COI classes for services in a service chain using principles of the Chinese Wall Model. We introduce a Security Monitoring Database (SMDB) that audits and monitors the COI classes as they exist or are assigned to hosted services, including the tenant services making requests. We describe an algorithm to prevent COI before provisioning services and dynamically detect it during run time due to concurrent service invocations using the SMDB information.","PeriodicalId":169370,"journal":{"name":"2013 IEEE Ninth World Congress on Services","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 IEEE Ninth World Congress on Services","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERVICES.2013.44","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

The service cloud model allows for the composition of services into an application that can respond to tenant requests. The composition of services, which may originate with different vendors, results in a service chain that supports end-to-end round trip messaging. Thus, the service cloud model must support provisioning services for the request without incurring a conflict of interest (COI) in their message exchange among vendors. Service vendors must disclose their COI classes for storage and analysis by the cloud because as services are provisioned to an application, additional conflict classes may be added, preventing the service from future compositions to avoid COI. In this paper, we present a strategy to centrally store and monitor COI classes for services in a service chain using principles of the Chinese Wall Model. We introduce a Security Monitoring Database (SMDB) that audits and monitors the COI classes as they exist or are assigned to hosted services, including the tenant services making requests. We describe an algorithm to prevent COI before provisioning services and dynamically detect it during run time due to concurrent service invocations using the SMDB information.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

服务云中中国墙模型实施的审计要求

服务云模型允许将服务组合到可以响应租户请求的应用程序中。服务的组合(可能来自不同的供应商)产生了一个支持端到端往返消息传递的服务链。因此，服务云模型必须支持为请求提供服务，而不会在供应商之间的消息交换中产生利益冲突(COI)。服务供应商必须公开其COI类以供云存储和分析，因为在向应用程序提供服务时，可能会添加额外的冲突类，从而阻止服务将来组合以避免COI。在本文中，我们提出了一种使用中国墙模型的原则来集中存储和监控服务链中服务的COI类的策略。我们引入一个安全监视数据库(SMDB)，它在COI类存在或分配给托管服务(包括发出请求的租户服务)时对它们进行审计和监视。我们描述了一种算法，用于在提供服务之前防止COI，并在运行时动态检测由于使用SMDB信息并发服务调用而导致的COI。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2013 IEEE Ninth World Congress on Services

自引率

0.00%

发文量