Metric-Aware Secure Service Orchestration
Gabriele Costa (Dipartimento di Informatica, Sistemistica e Telematica, Università di Genova), Fabio Martinelli (Istituto di Informatica e Telematica, Consiglio Nazionale delle Ricerche), Artsiom Yautsiukhin (Istituto di Informatica e Telematica

TL;DR
This paper presents a framework for defining, verifying, and enforcing quantitative security metrics in service orchestration to ensure security requirements are met and aid in selecting suitable service architectures.
Contribution
It extends previous work by integrating metric-based security analysis with other security properties in a unified framework.
Findings
Framework enables analysis of security metrics in complex service processes.
Supports verification and enforcement of quantitative security requirements.
Aids in selecting optimal service architectures based on security metrics.
Abstract
Secure orchestration is an important concern in the Internet of Services. Next to providing the required functionality, the composite services must also provide a reasonable level of security in order to protect sensitive data. Thus, the orchestrator needs to check whether the complex service is able to satisfy certain properties. Some properties are expressed with metrics for precise definition of requirements. Thus, the problem is to analyse the values of metrics for a complex business process. In this paper we extend our previous work on analysis of secure orchestration with quantifiable properties. We show how to define, verify and enforce quantitative security requirements in one framework with other security properties. The proposed approach should help to select the most suitable service architecture and guarantee fulfilment of the declared security requirements.
Taxonomy
Topics: Service-Oriented Architecture and Web Services · Business Process Modeling and Analysis · Distributed systems and fault tolerance
