A Framework for Modelling Security Architectures in Services Ecosystems

Matthew Collinson, David Pym, Barry Taylor

Research output: Chapter in Book/Report/Conference proceedingChapter

Abstract

We develop a compositional framework for modelling security and business architectures based on rigorous underlying mathematical systems modelling technology. We explain the basic architectural model, which strictly separates declarative specification from operational implementation, and show architectures can interact by composition, substitution, and stacking. We illustrate these constructions using a running example based on airport security and an example based on (cloud-based) outsourcing, indicating how our approach can illustrate how security controls can fail or be circumvented in these cases. We explain our motivations from mathematical modelling and security economics, and conclude by indicating how to aim to develop a decision-support technology
Original languageEnglish
Title of host publicationService-Oriented and Cloud Computing
Subtitle of host publicationFirst European Conference, ESOCC 2012, Bertinoro, Italy, September 19-21, 2012. Proceedings
EditorsFlavio De Paoli, Ernesto Pimentel, Gianluigi Zavaratto
PublisherSpringer
Pages64-79
Number of pages15
Volume7592
ISBN (Electronic)978-3-642-33427-6
ISBN (Print)978-3-642-33426-9
DOIs
Publication statusPublished - 2012
EventFirst European Conference, ESOCC 2012 - Bertinoro, Italy
Duration: 19 Sep 201221 Sep 2012

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
Volume7592
ISSN (Print)0302-9743

Conference

ConferenceFirst European Conference, ESOCC 2012
CountryItaly
CityBertinoro
Period19/09/1221/09/12

Fingerprint

Ecosystems
Airport security
Outsourcing
Substitution reactions
Specifications
Economics
Chemical analysis
Industry

Cite this

Collinson, M., Pym, D., & Taylor, B. (2012). A Framework for Modelling Security Architectures in Services Ecosystems. In F. De Paoli, E. Pimentel, & G. Zavaratto (Eds.), Service-Oriented and Cloud Computing: First European Conference, ESOCC 2012, Bertinoro, Italy, September 19-21, 2012. Proceedings (Vol. 7592, pp. 64-79). (Lecture Notes in Computer Science ; Vol. 7592). Springer . https://doi.org/10.1007/978-3-642-33427-6_5

A Framework for Modelling Security Architectures in Services Ecosystems. / Collinson, Matthew; Pym, David; Taylor, Barry.

Service-Oriented and Cloud Computing: First European Conference, ESOCC 2012, Bertinoro, Italy, September 19-21, 2012. Proceedings. ed. / Flavio De Paoli; Ernesto Pimentel; Gianluigi Zavaratto. Vol. 7592 Springer , 2012. p. 64-79 (Lecture Notes in Computer Science ; Vol. 7592).

Research output: Chapter in Book/Report/Conference proceedingChapter

Collinson, M, Pym, D & Taylor, B 2012, A Framework for Modelling Security Architectures in Services Ecosystems. in F De Paoli, E Pimentel & G Zavaratto (eds), Service-Oriented and Cloud Computing: First European Conference, ESOCC 2012, Bertinoro, Italy, September 19-21, 2012. Proceedings. vol. 7592, Lecture Notes in Computer Science , vol. 7592, Springer , pp. 64-79, First European Conference, ESOCC 2012, Bertinoro, Italy, 19/09/12. https://doi.org/10.1007/978-3-642-33427-6_5
Collinson M, Pym D, Taylor B. A Framework for Modelling Security Architectures in Services Ecosystems. In De Paoli F, Pimentel E, Zavaratto G, editors, Service-Oriented and Cloud Computing: First European Conference, ESOCC 2012, Bertinoro, Italy, September 19-21, 2012. Proceedings. Vol. 7592. Springer . 2012. p. 64-79. (Lecture Notes in Computer Science ). https://doi.org/10.1007/978-3-642-33427-6_5
Collinson, Matthew ; Pym, David ; Taylor, Barry. / A Framework for Modelling Security Architectures in Services Ecosystems. Service-Oriented and Cloud Computing: First European Conference, ESOCC 2012, Bertinoro, Italy, September 19-21, 2012. Proceedings. editor / Flavio De Paoli ; Ernesto Pimentel ; Gianluigi Zavaratto. Vol. 7592 Springer , 2012. pp. 64-79 (Lecture Notes in Computer Science ).
@inbook{0b7579ae2bec49bfbe9ce7ab39abb406,
title = "A Framework for Modelling Security Architectures in Services Ecosystems",
abstract = "We develop a compositional framework for modelling security and business architectures based on rigorous underlying mathematical systems modelling technology. We explain the basic architectural model, which strictly separates declarative specification from operational implementation, and show architectures can interact by composition, substitution, and stacking. We illustrate these constructions using a running example based on airport security and an example based on (cloud-based) outsourcing, indicating how our approach can illustrate how security controls can fail or be circumvented in these cases. We explain our motivations from mathematical modelling and security economics, and conclude by indicating how to aim to develop a decision-support technology",
author = "Matthew Collinson and David Pym and Barry Taylor",
year = "2012",
doi = "10.1007/978-3-642-33427-6_5",
language = "English",
isbn = "978-3-642-33426-9",
volume = "7592",
series = "Lecture Notes in Computer Science",
publisher = "Springer",
pages = "64--79",
editor = "{De Paoli}, {Flavio } and Pimentel, {Ernesto } and Gianluigi Zavaratto",
booktitle = "Service-Oriented and Cloud Computing",

}

TY - CHAP

T1 - A Framework for Modelling Security Architectures in Services Ecosystems

AU - Collinson, Matthew

AU - Pym, David

AU - Taylor, Barry

PY - 2012

Y1 - 2012

N2 - We develop a compositional framework for modelling security and business architectures based on rigorous underlying mathematical systems modelling technology. We explain the basic architectural model, which strictly separates declarative specification from operational implementation, and show architectures can interact by composition, substitution, and stacking. We illustrate these constructions using a running example based on airport security and an example based on (cloud-based) outsourcing, indicating how our approach can illustrate how security controls can fail or be circumvented in these cases. We explain our motivations from mathematical modelling and security economics, and conclude by indicating how to aim to develop a decision-support technology

AB - We develop a compositional framework for modelling security and business architectures based on rigorous underlying mathematical systems modelling technology. We explain the basic architectural model, which strictly separates declarative specification from operational implementation, and show architectures can interact by composition, substitution, and stacking. We illustrate these constructions using a running example based on airport security and an example based on (cloud-based) outsourcing, indicating how our approach can illustrate how security controls can fail or be circumvented in these cases. We explain our motivations from mathematical modelling and security economics, and conclude by indicating how to aim to develop a decision-support technology

U2 - 10.1007/978-3-642-33427-6_5

DO - 10.1007/978-3-642-33427-6_5

M3 - Chapter

SN - 978-3-642-33426-9

VL - 7592

T3 - Lecture Notes in Computer Science

SP - 64

EP - 79

BT - Service-Oriented and Cloud Computing

A2 - De Paoli, Flavio

A2 - Pimentel, Ernesto

A2 - Zavaratto, Gianluigi

PB - Springer

ER -