On the adoption of security SLAs in the cloud

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 8937, Issue , 2015, Pages 45-62

  Casola, Valentina ^a   De Benedictis, Alessandra ^a   Rak, Massimiliano ^b  

^a UNIVERSITY OF NAPLES FEDERICO II   (Italy)

^b SECOND UNIVERSITY OF NAPLES   (Italy)

Author keywords

Cloud computing; Security SLA; Service Level Agreement; SLA life cycle

Indexed keywords

ARTIFICIAL INTELLIGENCE; CLOUD COMPUTING; COMPUTERS;

RESEARCH ACTIVITIES; SECURITY SERVICES; SECURITY SLA; SERVICE LEVEL AGREEMENTS; WHOLE LIFE CYCLES;

LIFE CYCLE;

EID: 84943803095     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-319-17199-9_2     Document Type: Conference Paper

References (23)

1. ISO/IEC 17788:2014. Information Technology-Cloud Computing-Overview and Vocabulary. Technical report, International Organization for Standardization (2014)
2. ISO/IEC 17789:2014. Information Technology-Cloud computing-Reference architecture. Technical report, International Organization for Standardization (2014)
3. ISO/IEC NP 19086–1. Information Technology-Cloud computing-Service level agreement (SLA) framework and technology-Part 1: Overview and concepts. Technical report, International Organization for Standardization (2014)
4. Almorsy, M., Ibrahim, A., Grundy, J.: Adaptive security management in saas applications. In: Nepal, S., Pathan, M. (eds.) Security, Privacy and Trust in Cloud Systems, pp. 73–102. Springer, Heidelberg (2014)
5. Andrieux, A., Czajkowski, K., Dan, A., Keahey, K., Ludwig, H., Nakata, T., Pruyne, J., Rofrano, J., Tuecke, S., Xu, M.: Web Services Agreement Specification (WS-Agreement). Technical report, Global Grid Forum, Grid Resource Allocation Agreement Protocol (GRAAP) WG, September 2005
6. Casola, V., De Benedictis, A., Rak, M., Villano, U.: Preliminary design of a platform-as-a-service to provide security in cloud. In: CLOSER 2014 – Proceedings of the 4th International Conference on Cloud Computing and Services Science, pp. 752–757, Barcelona, Spain, April 3–5 (2014)
7. Casola, V., Fasolino, A. R., Mazzocca, N., Tramontana, P.: An ahp-based framework for quality and security evaluation. In: Proceedings of the 2009 International Conference on Computational Science and Engineering, CSE 2009, vol. 03, pp. 405–411. IEEE Computer Society, Washington, DC (2009)
8. Casola, V., Fasolino, A. R., Mazzocca, N., Tramontana, P.: A policy-based evaluation framework for quality and security in service oriented architectures. In: Proceedings – 2007 IEEE International Conference on Web Services, ICWS 2007, pp. 1181–1182 (2007)
9. Casola, V., Mazzeo, A., Mazzocca, N., Rak, M.: An innovative policy-based cross certification methodology for public key infrastructures. In: Chadwick, D., Zhao, G. (eds.) EuroPKI 2005. LNCS, vol. 3545, pp. 100–117. Springer, Heidelberg (2005)
10. Casola, V., Mazzeo, A., Mazzocca, N., Rak, M.: A sla evaluation methodology in service oriented architectures. In: Gollmann, D., Massacci, F., Yautsiukhin, A. (eds.) Advances in Information Security, pp. 119–130. Springer, USA (2006)
11. Casola, V., Mazzeo, A., Mazzocca, N., Vittorini, V.: A policy-based methodology for security evaluation: a security metric for public key infrastructures. J. Comput. Secur. 15(2), 197–229 (2007)
12. Casola, V., Mazzocca, N., Luna, J., Manso, O., Medina, M., Rak, M.: Static evaluation of certificate policies for grid pkis interoperability. In: Proceedings – Second International Conference on Availability, Reliability and Security, ARES 2007, pp. 391–399 (2007)
13. Cloud Security Alliance. Cloud Control Matrix v3. 0. https://cloudsecurityalliance. org/download/cloud-controls-matrix-v3/
14. Cloud Security Alliance. Consensus Assessment Initiative Questionnaire V1. 1. https://cloudsecurityalliance. org/research/cai/
15. European Commission. SWD(2012) 271 final. Unleashing the Potential of Cloud Computing in Europe. Technical report, September 2012
16. Emeakaroha, V. C., Brandic, I., Maurer, M., Dustdar, S.: Low level metrics to high level slas-lom2his framework: bridging the gap between monitored metrics and sla parameters in cloud environments. In: 2010 International Conference on High Performance Computing and Simulation (HPCS), pp. 48–54, June 2010
17. Emeakaroha, V. C., Ferreto, T. C., Netto, M. A. S., Brandic, I., De Rose, C. A. F.: Casvid: Application level monitoring for sla violation detection in clouds. In: 2012 IEEE 36th Annual Computer Software and Applications Conference (COMPSAC), pp. 499–508, July 2012
18. Harsh, P., Jegou, Y., Cascella, R. G., Morin, C.: Contrail virtual execution platform challenges in being part of a cloud federation. In: Abramowicz, W., Llorente, I. M., Surridge, M., Zisman, A., Vayssière, J. (eds.) ServiceWave 2011. LNCS, vol. 6994, pp. 50–61. Springer, Heidelberg (2011)
19. Liu, F., Tong, J., Mao, J., Bohn, R. B., Messina, J. V., Badger, M. L., Leaf, D. M.: NIST SP-500–292. Cloud Computing Reference Architecture. Technical report, National Institute of Standards & Technology, September 2011
20. Mell, P. M., Grance, T.: SP 800–145. The NIST Definition of Cloud Computing. Technical report, National Institute of Standards & Technology, Gaithersburg, MD, United States (2011)
21. European Network and Information Security Agency (ENISA). Procure secure. A guide to monitoring of security service levels in cloud contracts, April 2012
22. Rak, M., Venticinque, S., Mahr, T., Echevarria, G., Esnal, G.: Cloud application monitoring:the mosaic approach. In: 2011 IEEE Third International Conference on Cloud Computing Technology and Science (CloudCom), pp. 758–763, November 2011
23. European Commission C-SIG (Cloud Select Industry Group) subgroup. IP/14/743. New guidelines to help EU businesses use the Cloud. Technical report, June 2014