A Framework for Modelling Security Architectures in Services Ecosystems

Matthew Collinson; David Pym; Barry Taylor

doi:10.1007/978-3-642-33427-6_5

A Framework for Modelling Security Architectures in Services Ecosystems

Matthew Collinson, David Pym, Barry Taylor

Research output: Chapter in Book/Report/Conference proceeding › Chapter

Abstract

We develop a compositional framework for modelling security and business architectures based on rigorous underlying mathematical systems modelling technology. We explain the basic architectural model, which strictly separates declarative specification from operational implementation, and show architectures can interact by composition, substitution, and stacking. We illustrate these constructions using a running example based on airport security and an example based on (cloud-based) outsourcing, indicating how our approach can illustrate how security controls can fail or be circumvented in these cases. We explain our motivations from mathematical modelling and security economics, and conclude by indicating how to aim to develop a decision-support technology

Original language	English
Title of host publication	Service-Oriented and Cloud Computing
Subtitle of host publication	First European Conference, ESOCC 2012, Bertinoro, Italy, September 19-21, 2012. Proceedings
Editors	Flavio De Paoli, Ernesto Pimentel, Gianluigi Zavaratto
Publisher	Springer
Pages	64-79
Number of pages	15
Volume	7592
ISBN (Electronic)	978-3-642-33427-6
ISBN (Print)	978-3-642-33426-9
DOIs	https://doi.org/10.1007/978-3-642-33427-6_5
Publication status	Published - 2012
Event	First European Conference, ESOCC 2012 - Bertinoro, Italy Duration: 19 Sept 2012 → 21 Sept 2012

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	7592
ISSN (Print)	0302-9743

Conference

Conference	First European Conference, ESOCC 2012
Country/Territory	Italy
City	Bertinoro
Period	19/09/12 → 21/09/12

Access to Document

10.1007/978-3-642-33427-6_5

Cite this

Collinson, M., Pym, D., & Taylor, B. (2012). A Framework for Modelling Security Architectures in Services Ecosystems. In F. De Paoli, E. Pimentel, & G. Zavaratto (Eds.), Service-Oriented and Cloud Computing: First European Conference, ESOCC 2012, Bertinoro, Italy, September 19-21, 2012. Proceedings (Vol. 7592, pp. 64-79). (Lecture Notes in Computer Science ; Vol. 7592). Springer . https://doi.org/10.1007/978-3-642-33427-6_5

A Framework for Modelling Security Architectures in Services Ecosystems. / Collinson, Matthew; Pym, David; Taylor, Barry.
Service-Oriented and Cloud Computing: First European Conference, ESOCC 2012, Bertinoro, Italy, September 19-21, 2012. Proceedings. ed. / Flavio De Paoli; Ernesto Pimentel; Gianluigi Zavaratto. Vol. 7592 Springer , 2012. p. 64-79 (Lecture Notes in Computer Science ; Vol. 7592).

Research output: Chapter in Book/Report/Conference proceeding › Chapter

Collinson, M, Pym, D & Taylor, B 2012, A Framework for Modelling Security Architectures in Services Ecosystems. in F De Paoli, E Pimentel & G Zavaratto (eds), Service-Oriented and Cloud Computing: First European Conference, ESOCC 2012, Bertinoro, Italy, September 19-21, 2012. Proceedings. vol. 7592, Lecture Notes in Computer Science , vol. 7592, Springer , pp. 64-79, First European Conference, ESOCC 2012, Bertinoro, Italy, 19/09/12. https://doi.org/10.1007/978-3-642-33427-6_5

Collinson M, Pym D, Taylor B. A Framework for Modelling Security Architectures in Services Ecosystems. In De Paoli F, Pimentel E, Zavaratto G, editors, Service-Oriented and Cloud Computing: First European Conference, ESOCC 2012, Bertinoro, Italy, September 19-21, 2012. Proceedings. Vol. 7592. Springer . 2012. p. 64-79. (Lecture Notes in Computer Science ). doi: 10.1007/978-3-642-33427-6_5

Collinson, Matthew ; Pym, David ; Taylor, Barry. / A Framework for Modelling Security Architectures in Services Ecosystems. Service-Oriented and Cloud Computing: First European Conference, ESOCC 2012, Bertinoro, Italy, September 19-21, 2012. Proceedings. editor / Flavio De Paoli ; Ernesto Pimentel ; Gianluigi Zavaratto. Vol. 7592 Springer , 2012. pp. 64-79 (Lecture Notes in Computer Science ).

@inbook{0b7579ae2bec49bfbe9ce7ab39abb406,

title = "A Framework for Modelling Security Architectures in Services Ecosystems",

abstract = "We develop a compositional framework for modelling security and business architectures based on rigorous underlying mathematical systems modelling technology. We explain the basic architectural model, which strictly separates declarative specification from operational implementation, and show architectures can interact by composition, substitution, and stacking. We illustrate these constructions using a running example based on airport security and an example based on (cloud-based) outsourcing, indicating how our approach can illustrate how security controls can fail or be circumvented in these cases. We explain our motivations from mathematical modelling and security economics, and conclude by indicating how to aim to develop a decision-support technology",

author = "Matthew Collinson and David Pym and Barry Taylor",

year = "2012",

doi = "10.1007/978-3-642-33427-6_5",

language = "English",

isbn = "978-3-642-33426-9",

volume = "7592",

series = "Lecture Notes in Computer Science ",

publisher = "Springer ",

pages = "64--79",

editor = "{De Paoli}, {Flavio } and Pimentel, {Ernesto } and Gianluigi Zavaratto",

booktitle = "Service-Oriented and Cloud Computing",

note = "First European Conference, ESOCC 2012 ; Conference date: 19-09-2012 Through 21-09-2012",

}

TY - CHAP

T1 - A Framework for Modelling Security Architectures in Services Ecosystems

AU - Collinson, Matthew

AU - Pym, David

AU - Taylor, Barry

PY - 2012

Y1 - 2012

N2 - We develop a compositional framework for modelling security and business architectures based on rigorous underlying mathematical systems modelling technology. We explain the basic architectural model, which strictly separates declarative specification from operational implementation, and show architectures can interact by composition, substitution, and stacking. We illustrate these constructions using a running example based on airport security and an example based on (cloud-based) outsourcing, indicating how our approach can illustrate how security controls can fail or be circumvented in these cases. We explain our motivations from mathematical modelling and security economics, and conclude by indicating how to aim to develop a decision-support technology

AB - We develop a compositional framework for modelling security and business architectures based on rigorous underlying mathematical systems modelling technology. We explain the basic architectural model, which strictly separates declarative specification from operational implementation, and show architectures can interact by composition, substitution, and stacking. We illustrate these constructions using a running example based on airport security and an example based on (cloud-based) outsourcing, indicating how our approach can illustrate how security controls can fail or be circumvented in these cases. We explain our motivations from mathematical modelling and security economics, and conclude by indicating how to aim to develop a decision-support technology

U2 - 10.1007/978-3-642-33427-6_5

DO - 10.1007/978-3-642-33427-6_5

M3 - Chapter

SN - 978-3-642-33426-9

VL - 7592

T3 - Lecture Notes in Computer Science

SP - 64

EP - 79

BT - Service-Oriented and Cloud Computing

A2 - De Paoli, Flavio

A2 - Pimentel, Ernesto

A2 - Zavaratto, Gianluigi

PB - Springer

T2 - First European Conference, ESOCC 2012

Y2 - 19 September 2012 through 21 September 2012

ER -

A Framework for Modelling Security Architectures in Services Ecosystems

Abstract

Publication series

Conference

Access to Document

Fingerprint

Cite this