Implementing secure applications in smart city clouds using microservices
Smart Cities make use of ICT technology to address the challenges of modern urban management. The cloud provides an efficient and cost-effective platform on which they can manage, store and process data, as well as build applications performing complex computations and analyses. The quickly changing requirements in a Smart City require flexible software architectures that let these applications scale in a distributed environment. Smart Cities have to deal with huge amounts of data including sensitive information about infrastructure and citizens. In order to leverage the benefits of the cloud, in particular in terms of scalability and cost-effectiveness, this data should be stored in a public cloud. However, in such an environment, sensitive data needs to be encrypted to prevent unauthorized access.
In our paper entitled Implementing secure applications in smart city clouds using microservices, we present a software architecture design that can be used as a template for the implementation of Smart City applications. The paper has just been published to the Future Generation Computer Systems journal.
The design described in our paper is based on the microservice architectural style, which provides properties that help make Smart City applications scalable and flexible. In addition, we present a hybrid approach to securing sensitive data in the cloud. Our architecture design combines a public cloud with a trusted private environment. To store data in a cost-effective manner in the public cloud, we encrypt metadata items with CP-ABE (Ciphertext-Policy Attribute-Based Encryption) and actual Smart City data with symmetric encryption. This approach allows data to be shared across multiple administrations and makes efficient use of cloud resources.
We show the applicability of our design by implementing a web-based application for urban risk management. We evaluate our architecture based on qualitative criteria, benchmark the performance of our security approach, and discuss it regarding honest-but-curious cloud providers as well as attackers trying to access user data through eavesdropping. Our findings indicate that the microservice architectural style fits the requirements of scalable Smart City applications while the proposed security approach helps prevent unauthorized access.
According to Elsevier’s article sharing policy, you may download the accepted manuscript here. This document is available under the CC-BY-NC-ND license. The final published journal article can be found on the publisher’s website.
Posted by Michel Krämer
on 14 May 2019
We present an approach to store encrypted geospatial data in the cloud while maintaining searchability. Compared to other approaches, ours allows users to dynamically add or remove data.
I just uploaded a new acoustic cover to YouTube. Damien Rice is one of my favourite artists of all time. It’s a wonder I haven’t uploaded more covers of his songs yet.
My latest research papers about “Capability-based Scheduling of Scientific Workflows in the Cloud” and “Scalable processing of massive geodata in the cloud” are now available.
Buckminster is a tool to build Eclipse RCP applications. It contains a lightweight Eclipse SDK and features but no means to build Scala projects yet. This post tries to bridge this gap.
Our paper has just been published in the journal of cloud computing. We present an approach for a cloud-based system executing scientific workflows whose structure may change during run time.