D7.3 Progress report on holistic security model for secure service composition
UNI PASSAU, AIT, ATOS, UNIL
In this report we describe the concept behind PRISMACLOUD's service capabilities. A Service Capability is a security & privacy relevant property that is of importance for the application domain of the service and that can be described in a speciFIc machine readable language in order to compare the service with other services according to the fulFIlment of the property. It allows PRISMACLOUD to abstractly communicate enhancements towards the service consumers like end-users and application developers. Service capabilities are what the application level sees from PRISMACLOUD's work and they are part of the associated development methodology: Cryptographic Service Development Lifecycle (CryptSDLC). In this first of two reports we show how service capabilities are modelled and how they get linked to the lower layers of the PRISMACLOUD architecture. PRISMACLOUD 's holistic view aids the implementation of the services in software, as a rigorous transformation process is described (facilitating the functional programming language Haskell). This transformation process links the service capability and the conFIgurations, such that the software libraries -the Prismacloud tools- are be parameterised adequately and also the service's logic can be adjusted to full the customer requirements explained by the service capability. Thus, this is another step towards PRISMACLOUD 's goal to holistically capture all the complexity and interdisciplinary (cryptographic-, software- development-, application-domain-) knowledge that is necessary to build cryptographic applications.
The service capability's transformation process from and into the tool's configuration is transforming the cryptographic knowledge into a Haskell model. PRISMACLOUD aims to model the relationship between certain parameters of the tools. For example, assume the tool creates replicas, so called shares, of data to be stored in the cloud and assume further that each share gets stored on a different cloud storage provider. Each of the selected multiple storage providers advertises different availability levels. With this tool being used in a service, a service capability like "What is the availability?" would need to know how the tool is used as a certain conguration might need to always retrieve x out of those y shares to reconstruct the original data. Thus, this conguration ("x out of y") and the availability of the involved storage providers will be modelled in the transformation process.
We see that service developers can use the service capabilities to advertise their newly developed services easily to the market, they can use the bottom-up steps described in this report to derive a capability from their tool's configuration. However, we hope that it will be even better to use the transformation process in a top-down direction, as this allows to adapt the conguration and inner workings of their service to swiftly address changing customer demands.
The intended audience are end-users as well as application designers and service developers that can communicate using the service capabilities.