Information Technology Reference
In-Depth Information
must be completed and managed in the rest
of activities of the process.
more difficult to implement into a mobile platform
due to the limitations of resources in these devices.
Due to this difficulty when we want to incor-
porate mobile devices into a grid system and due
to the fact that we must take into account security
aspects throughout the life cycle, it is necessary
to provide a systematic process to developers
for building this kind of system considering grid
characteristics, mobile computing and security
aspects throughout the development process. This
process must always be flexible, scalable and dy-
namic, so that it adapts itself to the ever-changing
necessities of mobile Grid systems.
In this paper we have presented a process
for designing and building a secure mobile grid
system based on an iterative, incremental and
reusable process. This process is composed of
several stages and activities and in each one of
them the stakeholders carry out their tasks. An
important activity of the process is the security
requirements analysis which we have proposed
with a set of tasks to obtain security requirements
for mobile grid systems based in security use cases.
Considering a case study for media domain, we
have applied the analysis activity for analyzing
security requirements in this real application using
techniques of uses cases, misuse cases, security
use cases and risk assessment where we obtain
a specification of security requirements of our
system analyzed on several refinements.
Applying this set of tasks we have been able to
incorporate security requirements into our analysis
and into our system. The application of this case
study has allowed us to improve and refine some
activities, tasks and artifacts of the process.
•
Carry out new case studies for a continu-
ous improvement of the process in other
environments and dominions apart from
the one developed here.
•
Extend the applicability of the process and
adapt its tasks and artifacts in order to de-
velop secure systems oriented to Cloud
Computing.
•
Extend the GridUCSec-profile to define
not only stereotypes for use cases but also
stereotypes for other kind of UML models
such as the models of interaction, deploy-
ment, collaboration, etc., that can be used
in the different activities of the process.
•
Implement all security services and inter-
faces of the reference security architecture
using the most advanced and used pro-
gramming languages such as Java, .Net o
C#.
CONCLUSION
The interest in incorporating mobile devices into
Grid systems has arisen with two main purposes.
The first one is to enrich users of these devices
while the other is that of enriching the Grid's own
infrastructure. Both benefit from this fact since,
on the one hand, the Grid offers its services to
mobile users to complete their work in a fast and
simple way and, on the other hand, the mobile
devices offer their limited resources, but millions
of them, in any place and at any time, endorsed
by the fast advance in the yield and capacity that
is being carried out in mobile technology.
In many cases, constrained wireless networks
are made up of devices that are physically con-
strained and therefore have little room for memory,
batteries, and auxiliary chips. Security over the
mobile platform is more critical due to the open
nature of wireless networks. In addition, security is
ACKNOWLEDGMENT
This research is part of the following projects:
MARISMA (HITO-2010-28), SISTEMAS
(PII2I09-0150-3135) and SEGMENT (HITO-
09-138) financed by the “Viceconsejería de
Ciencia y Tecnología de la Junta de Comunidades
Search WWH ::
Custom Search