Artikel in Tagungsband INPROC-2018-32

Zimmermann, Michael; Breitenbücher, Uwe; Krieger, Christoph; Leymann, Frank: Deployment Enforcement Rules for TOSCA-based Applications.
In: Yee, Georg (Hrsg); Rass, Stefan (Hrsg); Schauer, Stefan (Hrsg); Latzenhofer, Martin (Hrsg): Proceedings of The Twelfth International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2018).
Universität Stuttgart, Fakultät Informatik, Elektrotechnik und Informationstechnik.
S. 114-121, englisch.
Xpert Publishing Services, September 2018.
ISBN: 9781612086613.
Artikel in Tagungsband (Konferenz-Beitrag).
KörperschaftInternational Conference on Emerging Security Information, Systems and Technologies (SECURWARE)
CR-Klassif.D.2.11 (Software Engineering Software Architectures)
D.4.6 (Operating Systems Security and Protection)

In the context of Industry 4.0, gathering sensor dataand using data analysis software can lead to actionable insights,for example, enabling predictive maintenance. Since developingthese data analysis software requires some special expert knowl-edge, often external data scientist are charged for that. However,often the data to be analyzed is of vital importance and thus,must not leave the company. Therefore, applications developedand modeled as deployment models by third-parties have tobe enforced to be executed in the local company’s network.However, manually adapting a lot of these deployment modelsin order to meet the company’s requirements is cumbersome,time consuming and error-prone. Furthermore, some kind ofenforcement mechanism is required to really ensure that thesedata security and privacy requirements are fulfilled. Thus, in thispaper, we present an approach considering these issues duringthe deployment time of the application. The presented approachis based on the Topology and Orchestration Specification forCloud Applications (TOSCA), an OASIS standard enabling thedescription of cloud applications as well as their deployment. Theapproach enables the specification as well as the enforcement ofreoccurring and generic requirements and restrictions of TOSCA-based declarative deployment models, without the need to adaptor modify these deployment models. The practical feasibilityof the presented approach is validated by extending our open-source prototype OpenTOSCA, which provides a modeling tool,a TOSCA Runtime, as well as a self-service portal for TOSCA.

Abteilung(en)Universität Stuttgart, Institut für Architektur von Anwendungssystemen
Eingabedatum17. Oktober 2018
   Publ. Institut   Publ. Informatik