Article in Proceedings INPROC-2018-32

BibliographyZimmermann, Michael; Breitenbücher, Uwe; Krieger, Christoph; Leymann, Frank: Deployment Enforcement Rules for TOSCA-based Applications.
In: Yee, Georg (ed.); Rass, Stefan (ed.); Schauer, Stefan (ed.); Latzenhofer, Martin (ed.): Proceedings of The Twelfth International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2018).
University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology.
pp. 114-121, english.
Xpert Publishing Services, September 2018.
ISBN: 9781612086613.
Article in Proceedings (Conference Paper).
CorporationInternational Conference on Emerging Security Information, Systems and Technologies (SECURWARE)
CR-SchemaD.2.11 (Software Engineering Software Architectures)
D.4.6 (Operating Systems Security and Protection)
Abstract

In the context of Industry 4.0, gathering sensor dataand using data analysis software can lead to actionable insights,for example, enabling predictive maintenance. Since developingthese data analysis software requires some special expert knowl-edge, often external data scientist are charged for that. However,often the data to be analyzed is of vital importance and thus,must not leave the company. Therefore, applications developedand modeled as deployment models by third-parties have tobe enforced to be executed in the local company’s network.However, manually adapting a lot of these deployment modelsin order to meet the company’s requirements is cumbersome,time consuming and error-prone. Furthermore, some kind ofenforcement mechanism is required to really ensure that thesedata security and privacy requirements are fulfilled. Thus, in thispaper, we present an approach considering these issues duringthe deployment time of the application. The presented approachis based on the Topology and Orchestration Specification forCloud Applications (TOSCA), an OASIS standard enabling thedescription of cloud applications as well as their deployment. Theapproach enables the specification as well as the enforcement ofreoccurring and generic requirements and restrictions of TOSCA-based declarative deployment models, without the need to adaptor modify these deployment models. The practical feasibilityof the presented approach is validated by extending our open-source prototype OpenTOSCA, which provides a modeling tool,a TOSCA Runtime, as well as a self-service portal for TOSCA.

Department(s)University of Stuttgart, Institute of Architecture of Application Systems
Project(s)SePiA.Pro
ADDCompliance
Entry dateOctober 17, 2018
   Publ. Institute   Publ. Computer Science