User-centered security management of API-based data integration workflows

Abstract

One of the consequences of the present adoption of cloud-based services among organizations is the increasing rate of outsourcing of business and technical functions to third parties. The recent approaches such as cloud integration platforms (iPaaS) facilitate this trend even further. In this scenario, users' resources distributed across different cloud systems are accessed, shared and processed completely in the cloud, at third-party premises, effectively transferring the execution of entire business processes to the cloud. In this work, we approach security challenges and issues that arise from data and resource integrations of such scale. Our contribution aims at advancing privacy and confidentiality in collaboration flows of distributed, cross-domain systems. We focus on the perspective of resource owners, enabling automated, structured discovery and security orchestration of their resources hosted at various cloud premises. We furthermore consider the perspective of integration clients that access and process distributed resources on behalf of resource owners, providing the model for discovery, integration and fine-grained constraints of sharing requests. Our contribution is examined on a basis of the focused prototype that allows proxy-based integration with existing systems and web authorization protocols.