Secure Software Engineering in the Cloud
In his talk, Olmsted will investigate the problem of developing secure development of cloudbased enterprise applications. Consistency, availability, and durability are investigated for web service (WS) transactions. He proposes an approach that matches the availability of the popular lazy replica update propagation method while increasing durability and consistency. His replica update propagation method is called the “Buddy System”, which requires that updates are preserved synchronously in two replicas. The first implementation schedules fine-grained WS transactions. In these transactions, each activity is a low-level database operation. Later, he considers each transaction as a black box, with only the corresponding Metadata, expressed as UML specifications, as transaction semantics. He refers to these WS transactions as coarse-grained WS transactions. The “Buddy System” can handle these coarse grained WS transactions, using UML stereotypes that allow scheduling semantics to be embedded into the design model. Dr. Olmsted shows that his approach guarantees one-copy serializability, matches the performance of the lazy update propagation methods, and increases durability in the presence of hardware failures. The talk will conclude with current work investigating consistency guarantees for integration of external systems, cloud-based data models, and payment security.
Published in: World Congress on Internet Security (WorldCIS-2016)
- Date of Conference: 14-16 November 2016
- DOI: 10.2053/WorldCIS.2016.0002
- ISBN: 978-1-908320-66-7
- Conference Location: Heathrow Windsor Marriott Hotel, UK