Nell'ambito delle attività di ricerca nel settore della Sicurezza Informatica svolte presso il DIIES dal gruppo coordinato dal prof. Francesco Buccafurri (http://www.infolab.unirc.it/sts/), e del Dottorato di ricerca in Ingegneria dell’Informazione, il prof. Eduardo B. Fernandez terrà il seminario:
Modeling and Security in Cloud Ecosystems
27 maggio, ore 10:30
Aula del Consiglio, Ingegneria
Eduardo B. Fernandez, professore presso il Department of Computer and Electrical Engineering and Computer Science, Florida Atlantic University, Boca Raton, USA, è un top-scientist nel campo della sicurezza informatica, autore di svariate pubblicazioni tra cui diversi volumi utilizzati come libri di testo nelle più prestigiose università del mondo. Il tema trattato, che riguarda la sicurezza dei sistemi cloud, è di grande rilievo e di estrema attualità, considerato che l’utilizzo del cloud si sta progressivamente diffondendo in diversi scenari applicativi.
Tutti gli interessati sono invitati a partecipare
Abstract. Clouds do not work in isolation but interact with other clouds and with a variety of systems either developed by the same provider or by external entities with the purpose to interact with them; forming then an ecosystem. A software ecosystem is a collection of software systems that have been developed to coexist and evolve together. The stakeholders of such a system need a variety of models to give them a perspective of the possibilities of the system, to evaluate specific quality attributes, and to extend the system. A powerful representation when building or using software ecosystems is the use of architectural models, which describe the structural aspects of such a system. These models have value for security and compliance, are useful to build new systems, can be used to define service contracts, find where quality factors can be monitored, and to plan further expansion. We have described a cloud ecosystem in the form of a pattern diagram where its components are patterns and reference architectures. A pattern is an encapsulated solution to a recurrent problem. We have recently expanded these models to cover fog systems and containers. Fog Computing is a highly-virtualized platform that provides compute, storage, and networking services between end devices and Cloud Computing Data Centers; a Software Container provides an execution environment for applications sharing a host operating system, binaries, and libraries with other containers. We intend to use this architecture to answer a variety of questions about the security of this system as well as a reference to design interacting combinations of heterogeneous components. We defined a metamodel to relate security concepts which is being expanded.
Short Bio. Eduardo B. Fernandez (Eduardo Fernandez-Buglioni) is a professor in the Department of Computer Science and Engineering at Florida Atlantic University in Boca Raton, Florida, USA. He has published numerous papers on authorization models, object-oriented analysis and design, and security patterns. He has written four books on these subjects, the most recent being a book on security patterns. He has lectured all over the world at both academic and industrial meetings. He has created and taught several graduate and undergraduate courses and industrial tutorials. His current interests include security patterns, cloud computing security, and cyber-physical systems security and safety. He holds a MS degree in Electrical Engineering from Purdue University and a Ph.D. in Computer Science from UCLA. He is a Senior Member of the IEEE, and a Member of ACM. He is an active consultant for industry, including assignments with IBM, Allied Signal, Motorola, Lucent, Huawei, and others.