Hironori Washizaki, Sota Fukumoto, Misato Yamamoto, Masatoshi Yoshizawa, Yoshiaki Fukazawa, Shinpei Ogata, Eduardo B. Fernandez, Nobukazu Yoshioka, Takehisa Kato, Haruhiko Kaiya, Hideyuki Kanuka, Yuki Kondo, Takao Okubo, Atsuo Hazeyama, “A Metamodel for Security and Privacy Knowledge in Cloud Services,” 12th IEEE World Congress on Services (IEEE SERVICES 2016), Poster Paper, June 27 – July 2, 2016, San Francisco, USA. (to appear)

It is important to ensure security and privacy in cloud services. Although there are many security and privacy patterns and much non-pattern-based knowledge such as practices and principles in cloud services, it is difficult to select and combine the right ones due to the large number of those items and the nature of the layered cloud stack. In this paper, we propose a metamodel for handling security and privacy in cloud service development and operation. The metamodel is expected to be utilized for building a knowledge base to accumulate, classify and reuse existing cloud security and privacy patterns and practices in a consistent and uniform way. Moreover the metamodel and knowledge base are expected to be utilized for designing and maintaining architectures for cloud service systems incorporating security and privacy.