Malicious clouds coalition management for business processes deployment

Abstract

Cloud computing has raised concerns about security, causing many companies to hesitate in adopting it. Despite these concerns, there are methods available to address the risks associated with implementing a business process (BP) in the cloud. One common approach involves breaking down the BP model into smaller fragments, allowing each cloud provider access to a specific part of the overall model. However, this method fails to protect against collaboration between malicious cloud providers, which, by pooling their knowledge, can exploit the logic of the process. To tackle this issue, our paper proposes an approach that effectively manages coalitions when they arise. To do this, we introduce observer and deceiver fragments, which play a crucial role in redirecting the process execution toward a fake task. This strategic redirection prevents access to important information. The obtained results demonstrate that our proposed solution enhances security, mitigates risks, and does not necessarily lead to higher costs compared to other methods based solely on splitting.