Security as a Service Using an SLA-Based Approach via SPECS
作者: Massimiliano Rak , Neeraj Suri , Jesus Luna , Dana Petcu , Valentina Casola
DOI: 10.1109/CLOUDCOM.2013.165
关键词:
摘要: The cloud offers attractive options to migrate corporate applications, without any implication for the security manager manage or secure physical resources. While this ease of migration is appealing, several issues arise: can validity legal compliance regulations still be ensured remote data storage? How it possible assess Cloud Service Provider (CSP) ability meet requirements? Can one monitor and enforce agreed levels? Unfortunately, no comprehensive solutions exist these issues. In context, we introduce a new approach, named SPECS. It aims offer mechanisms specify requirements features offered by CSPs, integrate desired services (e.g., credential access management) into with Security-as-a-Service approach. Furthermore, SPECS intends provide systematic approaches negotiate, parameters specified in Level Agreements (SLA), develop deploy that are SLA-aware implemented as an open-source Platform-as-a-Service (PaaS). This paper introduces main concepts
sci-hub.se 参考文章(27)
Valentina Casola, Antonino Mazzeo, Nicola Mazzocca, Massimiliano Rak, A SLA evaluation methodology in Service Oriented Architectures Quality of Protection. pp. 119- 130 ,(2006) , 10.1007/978-0-387-36584-8_10
Massimo Ficco, Salvatore Venticinque, Beniamino Di Martino, mOSAIC-Based Intrusion Detection Framework for Cloud Computing OTM Confederated International Conferences "On the Move to Meaningful Internet Systems". pp. 628- 644 ,(2012) , 10.1007/978-3-642-33615-7_12
Jim Pruyne, Alain Andrieux, Steven Tuecke, Karl Czajkowski, Asit Dan, Heiko Ludwig, John J. Rofrano, M. Xu, Katarzyna Keahey, Web services agreement specification (ws-agreement) ,(2004)
Massimiliano Rak, Rocco Aversa, Salvatore Venticinque, Beniamino Di Martino, User centric service level management in mOSAIC applications international conference on parallel processing. pp. 106- 115 ,(2011) , 10.1007/978-3-642-29740-3_13
Jung-Ho Eom, Tai-Myoung Chung, Min-Woo Park, Jun-Ho Lee, Multi-level Intrusion Detection System and log management in Cloud Computing international conference on advanced communication technology. pp. 552- 555 ,(2011)
Daniel Germanus, Jesus Luna, Hamza Ghani, Neeraj Suri, A security metrics framework for the Cloud international conference on security and cryptography. pp. 245- 250 ,(2011)
Massimiliano Rak, Salvatore Venticinque, Tam´s M´hr, Gorka Echevarria, Gorka Esnal, Cloud Application Monitoring: The mOSAIC Approach ieee international conference on cloud computing technology and science. pp. 758- 763 ,(2011) , 10.1109/CLOUDCOM.2011.117
Reijo M. Savola, Arto Juhola, Ilkka Uusitalo, Towards wider cloud service applicability by security, privacy and trust measurements international conference on application of information and communication technologies. pp. 1- 6 ,(2010) , 10.1109/ICAICT.2010.5612067
Jesus Luna Garcia, Robert Langenberg, Neeraj Suri, Benchmarking cloud security level agreements using quantitative policy trees Proceedings of the 2012 ACM Workshop on Cloud computing security workshop - CCSW '12. pp. 103- 112 ,(2012) , 10.1145/2381913.2381932
Kleber Vieira, Alexandre Schulter, Carlos Becker Westphall, Carla Merkle Westphall, Intrusion Detection for Grid and Cloud Computing IT Professional. ,vol. 12, pp. 38- 43 ,(2010) , 10.1109/MITP.2009.89