{"title":"基于api的数据集成工作流的以用户为中心的安全管理","authors":"Bojan Suzic","doi":"10.1109/NOMS.2016.7502993","DOIUrl":null,"url":null,"abstract":"One of the consequences of the present adoption of cloud-based services among organizations is the increasing rate of outsourcing of business and technical functions to third parties. The recent approaches such as cloud integration platforms (iPaaS) facilitate this trend even further. In this scenario, users' resources distributed across different cloud systems are accessed, shared and processed completely in the cloud, at third-party premises, effectively transferring the execution of entire business processes to the cloud. In this work, we approach security challenges and issues that arise from data and resource integrations of such scale. Our contribution aims at advancing privacy and confidentiality in collaboration flows of distributed, cross-domain systems. We focus on the perspective of resource owners, enabling automated, structured discovery and security orchestration of their resources hosted at various cloud premises. We furthermore consider the perspective of integration clients that access and process distributed resources on behalf of resource owners, providing the model for discovery, integration and fine-grained constraints of sharing requests. Our contribution is examined on a basis of the focused prototype that allows proxy-based integration with existing systems and web authorization protocols.","PeriodicalId":344879,"journal":{"name":"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"User-centered security management of API-based data integration workflows\",\"authors\":\"Bojan Suzic\",\"doi\":\"10.1109/NOMS.2016.7502993\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"One of the consequences of the present adoption of cloud-based services among organizations is the increasing rate of outsourcing of business and technical functions to third parties. The recent approaches such as cloud integration platforms (iPaaS) facilitate this trend even further. In this scenario, users' resources distributed across different cloud systems are accessed, shared and processed completely in the cloud, at third-party premises, effectively transferring the execution of entire business processes to the cloud. In this work, we approach security challenges and issues that arise from data and resource integrations of such scale. Our contribution aims at advancing privacy and confidentiality in collaboration flows of distributed, cross-domain systems. We focus on the perspective of resource owners, enabling automated, structured discovery and security orchestration of their resources hosted at various cloud premises. We furthermore consider the perspective of integration clients that access and process distributed resources on behalf of resource owners, providing the model for discovery, integration and fine-grained constraints of sharing requests. Our contribution is examined on a basis of the focused prototype that allows proxy-based integration with existing systems and web authorization protocols.\",\"PeriodicalId\":344879,\"journal\":{\"name\":\"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium\",\"volume\":\"6 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-04-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NOMS.2016.7502993\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NOMS.2016.7502993","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
User-centered security management of API-based data integration workflows
One of the consequences of the present adoption of cloud-based services among organizations is the increasing rate of outsourcing of business and technical functions to third parties. The recent approaches such as cloud integration platforms (iPaaS) facilitate this trend even further. In this scenario, users' resources distributed across different cloud systems are accessed, shared and processed completely in the cloud, at third-party premises, effectively transferring the execution of entire business processes to the cloud. In this work, we approach security challenges and issues that arise from data and resource integrations of such scale. Our contribution aims at advancing privacy and confidentiality in collaboration flows of distributed, cross-domain systems. We focus on the perspective of resource owners, enabling automated, structured discovery and security orchestration of their resources hosted at various cloud premises. We furthermore consider the perspective of integration clients that access and process distributed resources on behalf of resource owners, providing the model for discovery, integration and fine-grained constraints of sharing requests. Our contribution is examined on a basis of the focused prototype that allows proxy-based integration with existing systems and web authorization protocols.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
