Adapting Compliance of Security Requirements in Multi-Tenant Applications

Multi-tenancy in cloud-based applications helps cloud providers improve their Quality of Service (QoS) and reduce service customization and maintenance time. This result is achieved by sharing resources among many tenants, which can be in the form of applications composed of multiple web services. However, distinct tenants may impose different security requirements on their perspective of the application. Thus, the application must comply with the individual tenant requirements while assuring compatibility across all tenants using the application. This assurance during runtime remains a challenge, especially if tenants are allowed to alter their security posture dynamically. Such self-adaptation within cloud tenants can help to shift security compliance tasks from the static design time to runtime. Security requirements have relied on human intervention or complex models to change or integrate the requirements at runtime. Our approach permits tenants to modify security requirements during runtime without changing the internal code of their offered services. The proposed approach externalizes the process of mapping and guaranteeing the modified security requirements outside the service while preserving the application functionality.