TY - GEN
T1 - Security SLA Based Monitoring in Clouds
AU - Kaaniche, Nesrine
AU - Mohamed, Mohamed
AU - Laurent, Maryline
AU - Ludwig, Heiko
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/9/7
Y1 - 2017/9/7
N2 - Nowadays, Cloud providers revise the terms of their Service Level Agreements (SLAs) to include security provisions due to their criticality for their customers. In order to speed up their adoption by service providers and consumers and to make them more actionable, security SLAs monitoring should be described in a machine-processable, agile and extensible way. Several tools for SLA management are available on the market but most deal with performance metrics and do not refer to security properties. There are other tools for monitoring cloud security, in a non-SLA way. However, they are not associated with SLA management systems. We propose an extension to an SLA language (i.e., rSLA) to enable the description of security requirements in an SLA document. We also extend the rSLA framework by a security methodology that makes use of known tools and that enables continuously checking that the security requirements are respected during runtime according to the SLA document.
AB - Nowadays, Cloud providers revise the terms of their Service Level Agreements (SLAs) to include security provisions due to their criticality for their customers. In order to speed up their adoption by service providers and consumers and to make them more actionable, security SLAs monitoring should be described in a machine-processable, agile and extensible way. Several tools for SLA management are available on the market but most deal with performance metrics and do not refer to security properties. There are other tools for monitoring cloud security, in a non-SLA way. However, they are not associated with SLA management systems. We propose an extension to an SLA language (i.e., rSLA) to enable the description of security requirements in an SLA document. We also extend the rSLA framework by a security methodology that makes use of known tools and that enables continuously checking that the security requirements are respected during runtime according to the SLA document.
KW - Cloud Security Monitoring
KW - SLA
KW - Security Level Agreement
KW - Security Monitoring
U2 - 10.1109/IEEE.EDGE.2017.20
DO - 10.1109/IEEE.EDGE.2017.20
M3 - Conference contribution
AN - SCOPUS:85032299890
T3 - Proceedings - 2017 IEEE 1st International Conference on Edge Computing, EDGE 2017
SP - 90
EP - 97
BT - Proceedings - 2017 IEEE 1st International Conference on Edge Computing, EDGE 2017
A2 - Goscinski, Andrzej M
A2 - Luo, Min
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 1st IEEE International Conference on Edge Computing, EDGE 2017
Y2 - 25 June 2017 through 30 June 2017
ER -