Towards a Unified Secure Cloud Service Development and Deployment Life-cycle

Title

Towards a Unified Secure Cloud Service Development and Deployment Life-cycle

Authors

A. Hudic (AIT Austrian Institute of Technology), M. Flittner (Karlsruhe Institute of Technology), P. Radl (AIT Austrian Institute of Technology), T. Lorunser (AIT Austrian Institute of Technology), R. Bless (Karlsruhe Institute of Technology)

Abstract

Designing and developing cloud services is a challenging task that includes requirements engineering, secure service deployment, maintenance, assurance that proper actions have been taken to support security and, in addition, considering legal aspects. This is unfortunately not possible by taking current methods and techniques into consideration. Therefore, we require a systematic and comprehensive approach for building such services that starts the integration of security concerns from early stages of design and development, and continuous to refines and integrate them in the deployment phase. In this paper we therefore propose a solution that integrates security requirements engineering and continuous refinement in a comprehensive security development and deployment life-cycle for cloud services and applications. Our approach is focused on iterative refinement of the security-based requirements during both software engineering (development phase) and software maintenance (deployment phase).

Venue

SAW Workshop - ARES 2016 (https://www.ares-conference.eu/conference/workshopsares2016/saw-2016/)

Place and Date

Salzburg, Austria, August 31 – September 2, 2016.

Bibtex

@inproceedings{Hudic2016Towards,
    author       = {A. Hudic and M. Flittner and P. Radl and T. Lorunser and R. Bless},
    title        = {{Towards a Unified Secure Cloud Service Development and Deployment Life-cycle}},
    booktitle    = {11th International Conference on Availability, Reliability and Security (ARES), 2016 },
    year         = 2016,
    month        = SEP
}