Cloud application developers will use the PaaSword Context-aware Security Model, in order to annotate the database Entities, the Data Access Objects (DAO) or any other web endpoints that give access to data managed by their applications. This model involves two significant parts:

  • the first one refers to the evaluated contextual information (e.g. the identity of a user, its role in a company, patterns of access etc.) that should be considered before granting any data access request. It involves the following facets: Security Context Element, Permission, Context Pattern
  • a second part that refers to the attributes that characterize sensitivity levels of data objects along with the necessary encryption and physical distribution that these dictate, during the cloud application bootstrapping phase. It involves the following facet: DDE Element

Therefore, primarily, this model tries to conceptualize through a semantic vocabulary, all the facets, which must be taken under consideration during the development and enforcement of a data-access control policy.

This model will be updated during the project’s life-cycle. The details of the current version of this model can be found below: