Modelling Data Protection in Fog Computing Systems using UMLsec and SysML-Sec

Abstract

Fog computing provides low-latency cloud-like compute resources to end devices, thereby facilitating the delivery of modern data-intensive applications at the edge. These applications must comply with data protection requirements, such as posed by the European General Data Protection Regulation, which requires that protection of personal data must be ensured by design. We analyse to what extent UMLsec and SysMLSec, extensions of the widely used modelling languages UML and SysML, help modelling data protection aspects during the design of fog computing systems. We use UMLsec and SysMLSec because these languages are capable of modelling information security aspects, which significantly overlap with data protection aspects. As basis for our analysis, we create UMLSec und SysMLSec models for three real-world use cases from Smart City, Smart Manufacturing, and Smart Media. Using real-world use cases facilitates reflecting actual data protection concerns in practice. The results indicate that both UMLsec and SysML-Sec are partially suitable for capturing the data protection aspects identified in the use cases. Based on the identified gaps, we propose potential enhancements of these languages.

Publikation

J. Laufer, Z. Á. Mann and A. Metzger, "Modelling Data Protection in Fog Computing Systems using UMLsec and SysML-Sec," 2021 ACM/IEEE International Conference on Model Driven Engineering Languages and Systems Companion (MODELS-C), 2021, pp. 777-786, doi: 10.1109/MODELS-C53483.2021.00124 .

URL: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=9643714&isnumber=9643613