nach oben

Erschienen in:

2014 | OriginalPaper | Buchkapitel

SecLA-Based Negotiation and Brokering of Cloud Resources

verfasst von : Jesus Luna, Tsvetoslava Vateva-Gurova, Neeraj Suri, Massimiliano Rak, Alessandra De Benedictis

Erschienen in: Cloud Computing and Services Science

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

As the popularity of Cloud computing has grown during the last years, the choice of Cloud Service Provider (CSP) has become an important issue from user’s perspective. Although the Cloud users are more and more concerned about their security in the Cloud and might have some specific security requirements, currently this choice is based on requirements related to the offered Service Level Agreements (SLA) and costs. Most of the CSPs do not provide user- understandable information regarding the security levels associated with their services, and in this way impede the users to negotiate their security requirements. In other words, the users do not have the technical means in terms of tools and semantics to choose the CSP that best suits their security demands. Industrial efforts on specification of Cloud security parameters in SLAs, also known as “Security Level Agreements” or SecLAs represent the initial steps towards solving this problem. The aim of this paper is to propose a practical approach that enables user-centric negotiation and brokering of Cloud resources. The proposed methodology relies on both the notion of SecLAs for establishing a common semantic between the CSPs and the users, and on a quantitative approach to evaluate the security levels associated with the specific SecLAs.

This work is a result of the joint effort spent on the security metrology-related techniques being developed by the EU FP7 projects ABC4Trust/SPECS and, the framework for SLA-based negotiation and Cloud resource brokering proposed by the EU FP7 mOSAIC project. The feasibility of the proposed negotiation approach and its applicability for Cloud Federations is demonstrated in the paper with a real-world case study considering a scenario presented in the FP7 project SPECS. The presented scenario shows the negotiation of a user’s security requirements with respect to a set of CSPs SecLAs, using both the information available in the Cloud Security Alliance’s “Security, Trust & Assurance Registry” (CSA STAR) and the WS-Agreement standard.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Nächstes Kapitel Trustworthiness Attributes and Metrics for Engineering Trusted Internet-Based Software Systems

Due to STAR’s usage restrictions, it is not possible to disclose the real identity of the CSPs under evaluation.

Cloud Security Alliance: Security and Privacy Level Agreements working groups (2012). https://cloudsecurityalliance.org/research/pla/. Accessed on 10.01.14

Rak, M., Aversa, R., Venticinque, S., Di Martino, B.: User centric service level management in mOSAIC applications. In: Alexander, M., et al. (eds.) Euro-Par 2011, Part II. LNCS, vol. 7156, pp. 106–115. Springer, Heidelberg (2012)

Kandukuri, B.R., et. al.: Cloud security issues. In: Proceedings of the IEEE International Conference on Services Computing, pp. 517–520. IEEE, New York (2009)

Dekker, M., Hogben, G.: Survey and analysis of security parameters in cloud SLAs across the European public sector. Technical report TR-2011-12-19, European Network and Information Security Agency (2011)

Luna, J., et al.: Quantitative assessment of cloud security level agreements: a case study. In: Samarati, P., Lou, W., Zhou, J. (eds.) Proceedings of Security and Cryptography, pp. 64–73. SciTePress (2012)

Luna, J., et al.: Benchmarking cloud security level agreements using quantitative policy trees. In: Proceedings of the 2012 ACM Workshop on Cloud Computing Security Workshop, CCSW ’12, pp. 103–112. ACM, New York (2012)

Andrieux, K., et al.: Web services agreement specification (WS-Agreement). Technical report TR-WSAgreement-2007, Open Grid Forum (2007)

mOSAIC: mOSAIC FP7 (2011). http://www.mosaic-cloud.eu/. Accessed on 05.10.13

Cloud Security Alliance: The Security, Trust & Assurance Registry (STAR) (2011). https://cloudsecurityalliance.org/star/. Accessed on 10.01.14

10.

Bernsmed, K., et al.: Security SLAs for federated cloud services. In: Proceedings of IEEE Availability, Reliability and Security, pp. 202–209. IEEE, New York (2011)

11.

Casola, V., et al.: A SLA evaluation methodology in service oriented architectures. In: Gollmann, D., Massacci, F., Yautsiukhin, A. (eds.) Quality of Protection. Advances in Information Security, vol. 23, pp. 119–130. Springer, Berlin (2006)CrossRef

12.

Valentina, C., et al.: A reference model for security level evaluation: policy and fuzzy techniques. J. UCS 11, 150–174 (2005)

13.

Samani, R., et al.: Common assurance maturity model: scoring model (2011). http://common-assurance.com/. Accessed on 10.12.13

14.

Luna, J., et al.: A security metrics framework for the cloud. In: Lopez, J., Samarati, P. (eds.) Proceedings of Security and Cryptography, pp. 245–250. SciTePress (2011)

15.

Savola, R., et al.: Towards wider cloud service applicability by security, privacy and trust measurements. In: Proceedings of IEEE Application of Information and Communication Technologies, pp. 1–6. IEEE, New York (2010)

16.

Cloud Security Alliance: The Consensus Assessments Initiative Questionnaire (2011). https://cloudsecurityalliance.org/research/cai/. Accessed on 14.01.14

17.

Almorsy, M., et al.: Collaboration-based cloud computing security management framework. In: Proceedings of IEEE International Conference on Cloud Computing, pp. 364–371. IEEE, New York (2011)

18.

ETSI: Cloud Standards Coordination (2013). Accessed on 12.11.13.

19.

Rak, M., Ficco, M.: Intrusion tolerance as a service - a SLA-based solution. In: Leymann, F., Ivanov, I., van Sinderen, M., Shan, T. (eds.): Proceedings of the International Conference on Cloud Computing and Services Science (CLOSER), pp. 375–384, SciTePress (2012)

20.

Amato, A., et. al.: SLA negotiation and brokering for sky computing. In: Leymann, F., Ivanov, I., van Sinderen, M., Shan, T. (eds).: In: Proceedings of the International Conference on Cloud Computing and Services Science (CLOSER), pp. 611–620. SciTePress (2012)

21.

SPECS: SPECS FP7 (2013). http://www.specs-project.eu/. Accessed on 14.01.14

22.

Rak, M., et. al.: A SLA-based interface for security management in cloud and GRID integrations. In: Proceedings of the IEEE International Conference on Information Assurance and Security, pp. 378–383. IEEE, New York (2011)

23.

Hale, M.L., Gamble R.: SecAgreement: advancing security risk calculations in cloud services. In: Proceedings of the IEEE World Congress on Services, pp. 133–140. IEEE , New York (2012)

24.

ABC4Trust: ABC4Trust FP7 (2011). http://www.abc4trust.eu/. Accessed on 14.12.13

Titel: SecLA-Based Negotiation and Brokering of Cloud Resources
verfasst von: Jesus Luna
Tsvetoslava Vateva-Gurova
Neeraj Suri
Massimiliano Rak
Alessandra De Benedictis
Verlag: Springer International Publishing
Buch: Cloud Computing and Services Science
Print ISBN: 978-3-319-11560-3

Electronic ISBN: 978-3-319-11561-0

Copyright-Jahr: 2014
DOI: https://doi.org/10.1007/978-3-319-11561-0_1

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"