Abstract
Cloud computing has emerged as a crucial solution for handling data- and compute-intensive workflows, offering scalability to address dynamic demands. However, ensuring the secure execution of workflows in the untrusted multi-cloud environment poses significant challenges, given the sensitive nature of the involved data and tasks. The lack of comprehensive approaches for detecting attacks during workflow execution, coupled with inadequate measures for reacting to security and privacy breaches has been identified in the literature. To close this gap, in this work, we propose an approach that focuses on monitoring cloud services and networks to detect security violations during workflow executions. Upon detection, our approach selects the optimal adaptation action to minimize the impact on the workflow. To mitigate the uncertain cost associated with such adaptations and their potential impact on other tasks in the workflow, we employ adaptive learning to determine the most suitable adaptation action. Our approach is evaluated based on the performance of the detection procedure and the impact of the selected adaptations on the workflows.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
Preprint available at the ArXiv: https://arxiv.org/abs/2307.05137.
- 2.
Our code is available at https://github.com/nafisesoezy/SecFlow.
- 3.
References
Varshney, S., et al.: QoS based resource provisioning in cloud computing environment: a technical survey. In: International Conference on Advances in Computing and Data Sciences, pp. 711–723 (2019)
Maguluri, S.T., et al.: Stochastic models of load balancing and scheduling in cloud computing clusters. In: Proceedings IEEE Infocom, pp. 702–710 (2012)
Chen, H., et al.: Towards energy-efficient scheduling for real-time tasks under uncertain cloud computing environment. J. Syst. Softw. 99, 20–35 (2015)
Nolle, T., Luettgen, S., Seeliger, A., Mühlhäuser, M.: Analyzing business process anomalies using autoencoders. Mach. Learn. 107(11), 1875–1893 (2018). https://doi.org/10.1007/s10994-018-5702-8
Chen, H., et al.: Uncertainty-aware real-time workflow scheduling in the cloud. In: 2016 IEEE Cloud Conference, pp. 577–584. IEEE
Soveizi, N., et al.: SecFlow: adaptive security-aware workflow management system in multi-cloud environment. In: International Conference on Enterprise Design, Operations, and Computing. Springer, cham (2023)
Soveizi, N., Turkmen, F., Karastoyanova, D.: Security and privacy concerns in cloud-based scientific and business workflows: a systematic review. Future Gener. Comput. Syst. (2023)
Shirvani, M.H.: Bi-objective web service composition problem in multi-cloud environment: a bi-objective time-varying particle swarm optimisation algorithm. J. Exp. Theor. Artif. Intell. 33, 1–24 (2020)
Wang, Y., et al.: Protecting scientific workflows in clouds with an intrusion tolerant system. IET Inf. Secur. 14(2), 157–165 (2020)
Wang, Y., et al.: INHIBITOR: an intrusion tolerant scheduling algorithm in cloud-based scientific workflow system. Futur. Gener. Comput. Syst. 114, 272–284 (2021)
Wen, Z., et al.: Dynamically partitioning workflow over federated clouds for optimising the monetary cost and handling run-time failures. IEEE Trans. Cloud Comput. 8(4), 1093–1107 (2020)
Abazari, F., et al.: MOWS: multi-objective workflow scheduling in cloud computing based on heuristic algorithm. Simul. Modell. Pract. Theory 93(2018), 119–132 (2019)
Ahmad, Z., Nazir, B., Umer, A.: A fault-tolerant workflow management system with quality-of-service-aware scheduling for scientific workflows in cloud computing. Int. J. Commun. Syst. 34(1), e4649 (2021)
Alaei, M., et al.: An adaptive fault detector strategy for scientific workflow scheduling based on improved differential evolution algorithm in cloud. Appl. Soft Comput. 99, 106895 (2021)
Nolle, T., Seeliger, A., Mühlhäuser, M.: BINet: multivariate business process anomaly detection using deep learning. In: Weske, M., Montali, M., Weber, I., vom Brocke, J. (eds.) BPM 2018. LNCS, vol. 11080, pp. 271–287. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98648-7_16
Kaelbling, L.P., et al.: Reinforcement learning: a survey. J. Artif. Intell. Res. 4, 237–285 (1996)
Watkins, C.J.C.H., Dayan, P.: Q-learning. Mach. Learn. 8, 279–292 (1992)
jBPM: Business Process Management Suite. https://www.jbpm.org/
CloudSim Plus Contributors. CloudSim Plus. GitHub repository. https://github.com/manoelcampos/cloudsim-plus
Yang, H., et al.: Network security situation assessment with network attack behavior classification. Int. J. Intell. Syst. 37(10), 6909–6927 (2022)
KDD Cup. In: The UCI KDD Archive (1999). http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Soveizi, N., Karastoyanova, D. (2024). Enhancing Workflow Security in Multi-cloud Environments Through Monitoring and Adaptation upon Cloud Service and Network Security Violations. In: Sellami, M., Vidal, ME., van Dongen, B., Gaaloul, W., Panetto, H. (eds) Cooperative Information Systems. CoopIS 2023. Lecture Notes in Computer Science, vol 14353. Springer, Cham. https://doi.org/10.1007/978-3-031-46846-9_9
Download citation
DOI: https://doi.org/10.1007/978-3-031-46846-9_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-46845-2
Online ISBN: 978-3-031-46846-9
eBook Packages: Computer ScienceComputer Science (R0)