The Service Security Lab: A Model-Driven Platform to Compose and Explore Service Security in the Cloud

Cloud computing enables the provisioning of dynamically scalable resources as a service. Next to cloud computing, the paradigm of Service-oriented Architectures emerged to facilitate the provisioning of functionality as services. While both concepts are complementary, their combination enables the flexible provisioning and consumption of independently scalable services. These approaches come along with new security risks that require the usage of identity and access management solutions and information protection. The requirements concerning security mechanisms, protocols and options are stated in security policies that configure the interaction between services and clients in a system. In this paper, we present our cloud-based Service Security Lab that supports the on-demand creation and orchestration of composed applications and services. Our cloud platform enables the testing, monitoring and analysis of Web Services regarding different security configurations, concepts and infrastructure components. Since security policies are hard to understand and even harder to codify, we foster a model-driven approach to simplify the creation of security configurations. Our model-driven approach enables the definition of security requirements at the modelling layer and facilitates a transformation based on security configuration patterns.