Securing the Deployment of Cloud-Hosted Services for Guaranteeing Multitenancy Isolation

Multitenancy introduces significant error and security challenges in the cloud depending on the location of the functionality to be shared and the required degree of isolation between the tenants. Existing approaches for securing the deployment of cloud-hosted services to serve multiple users have paid little attention to evaluating the effect of the varying degrees of multitenancy isolation on the security and access privilege of tenants (or components). In addition, approaches for securing the isolation of tenants (or components) are usually implemented at lower layers of the cloud stack and often apply to the entire system and not to individual tenants (or components). This study presents CLAMP (Cloud-based architectural approach for securing services through Multitenancy deployment Patterns) to securing the deployment of cloud-hosted services in a way that guarantees the required degree of isolation between the tenants. We evaluated the framework by applying it to a motivating cloud deployment problem. The findings show among other things that the framework can be used to select suitable deployment patterns, evaluate the effect of varying degrees of isolation on the cloud-hosted service, analyse the deployment requirements of cloud-hosted services and optimise the deployment of the cloud-hosted service to guarantee multitenancy isolation

Ernst Denert Award for Software Engineering 2019

This open access book provides an overview of the dissertations of the five nominees for the Ernst Denert Award for Software Engineering in 2019. The prize, kindly sponsored by the Gerlind & Ernst Denert Stiftung, is awarded for excellent work within the discipline of Software Engineering, which includes methods, tools and procedures for better and efficient development of high quality software. An essential requirement for the nominated work is its applicability and usability in industrial practice. The book contains five papers describing the works by Sebastian Baltes (U Trier) on Software Developers’Work Habits and Expertise, Timo Greifenberg’s thesis on Artefaktbasierte Analyse modellgetriebener Softwareentwicklungsprojekte, Marco Konersmann’s (U Duisburg-Essen) work on Explicitly Integrated Architecture, Marija Selakovic’s (TU Darmstadt) research about Actionable Program Analyses for Improving Software Performance, and Johannes Späth’s (Paderborn U) thesis on Synchronized Pushdown Systems for Pointer and Data-Flow Analysis – which actually won the award. The chapters describe key findings of the respective works, show their relevance and applicability to practice and industrial software engineering projects, and provide additional information and findings that have only been discovered afterwards, e.g. when applying the results in industry. This way, the book is not only interesting to other researchers, but also to industrial software professionals who would like to learn about the application of state-of-the-art methods in their daily work

Explicitly Integrated Architecture - An Approach for Integrating Software Architecture Model Information with Program Code

Software-Architekturspezifikationen und -Implementierungen sind zwei Sichtweisen auf Softwarearchitektur. Sie beschreiben gemeinsame Aspekte, wie z.B. die Existenz und Verbindung von Komponenten. Die Spezifikation fügt Informationen zum Design, zur Kommunikation und zur Analyse hinzu. Die Implementierung beschreibt stattdessen zusätzlich Details für ein ausführbares System. Die Konsistenz zwischen diesen Darstellungen manuell zu verwalten, ist schwierig und fehleranfällig. Diese Arbeit stellt einen Ansatz vor, der Informationen der Architekturspezifikation vollständig in die Implementierung integriert, sodass die Spezifikation als eigenständiges Artefakt nicht mehr notwendig ist. Das Tool Codeling extrahiert die integrierte Architekturspezifikation in unterschiedlichen Sprachen aus dem Code und propagiert Änderungen in dieser Spezifikation automatisch an den Code zurück.Specifications and implementations are both viewpoints upon software architecture. Besides common aspects, the specification adds information for design, communication, or analysis, while the implementation adds details for an executable system instead. Managing the consistency between these representations manually is difficult and error-prone. This thesis presents an approach, that completely integrates architecture specifications with the implementation, so that separate specification artifacts are not necessary anymore. The tool Codeling extracts integrated architecture specifications in multiple languages from code, and automatically propagates changes in these specifications back to the code