PhD Defense : Elio Goettelmann – Risk-aware Business Process Modelling and Trusted Deployment in the Cloud – 21/10/2015

the defence of Elio PhD thesis that will take place the 21st of October (Wednesday), 1:30 PM, in room C005, LORIA.

Risk-aware Business Process Modelling and Trusted Deployment in the Cloud

*** Committee ***
– Salima BENBERNOU, Professor, University Paris Descartes, France
– Haralambos MOURATIDIS, Professor, University of Brighton, UK
– Frédérique BIENNIER, Professor, INSA-Lyon, France
– Eric DUBOIS, Professor, University of Namur, Belgium
– Benjamin GÂTEAU, PhD, Luxembourg Institute of Science and Technology
– Laurent VIGNERON, Professor, University of Lorraine, France
– Claude GODART, University of Lorraine, France

*** Abstract ***
Nowadays service ecosystems rely on dynamic software service chains that span over multiple organisations and providers. They provide an agile support for business applications, governments of end-users. This trend is reinforced by the Cloud based economy that allows sharing of costs and resources. However, the lack of trust in such cloud environments, that involve higher security requirements, is often seen as a braking force to the development of such services.
The objective of this thesis is to study the concepts of service orchestration and trust in the context of the Cloud. It proposes an approach which supports a trust model in order to allow the orchestration of trusted business process components on the cloud.
The contribution is threefold and consists in a method, a model and a framework. The method categorizes techniques to transform an existing business process into a risk-aware process model that takes into account security risks related to cloud environments. The model formalizes the relations and the responsibilities between the different actors of the cloud. This allows to identify the different information required to assess and quantify security risks in cloud environments. The framework is a comprehensive approach that decomposes a business process into fragments that can automatically be deployed on multiple clouds. The framework also integrates a selection algorithm that combines security information with other quality of service criteria to generate an optimized configuration.

*** Keywords ***
Business Process Management, Cloud Computing, Security Risk Management