Title Formalization of SLAs for Cloud Forensic Readiness

2013 IEEE 5th International Conference on Cloud Computing Technology and Science, 2013

The cloud offers attractive options to migrate corporate applications, without any implication for the corporate security manager to manage or to secure physical resources. While this ease of migration is appealing, several security issues arise: can the validity of corporate legal compliance regulations still be ensured for remote data storage? How is it possible to assess the Cloud Service Provider (CSP) ability to meet corporate security requirements? Can one monitor and enforce the agreed cloud security levels? Unfortunately, no comprehensive solutions exist for these issues. In this context, we introduce a new approach, named SPECS. It aims to offer mechanisms to specify cloud security requirements and to assess the security features offered by CSPs, and to integrate the desired security services (e.g., credential and access management) into cloud services with a Security-as-a-Service approach. Furthermore, SPECS intends to provide systematic approaches to negotiate, to monitor and to enforce the security parameters specified in Service Level Agreements (SLA), to develop and to deploy security services that are cloud SLA-aware and are implemented as an opensource Platform-as-a-Service (PaaS). This paper introduces the main concepts of SPECS.

Journal of Information Security, 2012

The tremendous growth of the cloud computing environments requires new architecture for security services. Cloud computing is the utilization of many servers/data centers or Cloud Data Storages (CDSs) housed in many different locations and interconnected by high speed networks. CDS, like any other emerging technology, is experiencing growing pains. It is immature, it is fragmented and it lacks standardization. Although security issues are delaying its fast adoption, cloud computing is an unstoppable force and we need to provide security mechanisms to ensure its secure adoption. In this paper a comprehensive security framework based on Multi-Agent System (MAS) architecture for CDS to facilitate confidentiality, correctness assurance, availability and integrity of users' data in the cloud is proposed. Our security framework consists of two main layers as agent layer and CDS layer. Our propose MAS architecture includes main five types of agents: Cloud Service Provider Agent (CSPA), Cloud Data Confidentiality Agent (CDConA), Cloud Data Correctness Agent (CDCorA), Cloud Data Availability Agent (CDAA) and Cloud Data Integrity Agent (CDIA). In order to verify our proposed security framework based on MAS architecture, pilot study is conducted using a questionnaire survey. Rasch Methodology is used to analyze the pilot data. Item reliability is found to be poor and a few respondents and items are identified as misfits with distorted measurements. As a result, some problematic questions are revised and some predictably easy questions are excluded from the questionnaire. A prototype of the system is implemented using Java. To simulate the agents, oracle database packages and triggers are used to implement agent functions and oracle jobs are utilized to create agents.

2012 International Conference for Internet Technology and Secured Transactions, 2012

Increasing emphasis in data protection legislation on the provision of user consent and privacy protection poses a challenge to automated Cloud Computing applications.. Here, the infrastructure is removed from the user and therefore no direct link for consent or user control exists. In such environments assurance and best effort from the Cloud Provider to carry out the users wishes and protect his or her privacy must be achieved. This paper introduces such an approach using legally focused risk assessment management of Service Level Agreements between Cloud Service Providers and Cloud Infrastructure Providers.

Cloud computing, as new paradigm of new century, provides various advantages and benefits for the organizations and individuals. Among them resource provisioning is a big advantage that supports cloud providers cloud resources with their users. Providing a secure way for resource provisioning is a critical issue, so that any neglect of it causes a lot of concerns for both providers and users. Service Level Agreement (SLA) defines the level of access to the resources providing in cloud environment. The main aim of this study is providing a model to integrate the common security policies and mechanisms with SLA. It proposed a security infrastructure for on-demand service provisioning.

Proceedings of the 6th International Conference on Cloud Computing and Services Science, 2016

We present a framework that allows monitoring of the cloud-based applications and environments to verify fulfilment of Service Level Agreements (SLAs), to analyse and remediate detectable security breaches that compromise the validity of SLAs related to storage services. In particular, we describe a system to facilitate identification of the root cause of each violation of integrity, write-serializability and read-freshness properties. Such a system enables executing remediation actions specifically planned for detectable security incidents. The system is activated in an automated way on top of storage services, according to an SLA, which can be negotiated with customers.

Cloud Workshops at OOPSLA, 2009

Cloud computing that provides cheap and pay-as-you-go computing resources is rapidly gaining momentum as an alternative to traditional IT Infrastructure. As more and more consumers delegate their tasks to cloud providers, Service Level Agreements(SLA) between consumers and providers emerge as a key aspect. Due to the dynamic nature of the cloud, continuous monitoring on Quality of Service (QoS) attributes is necessary to enforce SLAs. Also numerous other factors such as trust (on the cloud provider) come into consideration, particularly for enterprise customers that may outsource its critical data. This complex nature of the cloud landscape warrants a sophisticated means of managing SLAs. This paper proposes a mechanism for managing SLAs in a cloud computing environment using the Web Service Level Agreement(WSLA) framework, developed for SLA monitoring and SLA enforcement in a Service Oriented Architecture (SOA). We use the third party support feature of WSLA to delegate monitoring and enforcement tasks to other entities in order to solve the trust issues. We also present a real world use case to validate our proposal.

International Journal of Research in Engineering and Technology, 2014

One of the most promising field in computing is regarded as cloud computing, which allows users to store their data virtually over the cloud without the need of any fixed infrastructure. It offer user to manipulate their data regardless of the geographical position, hence providing a scalable, feasible and flexible way to connect user to their data. The cloud can be considered as of the Internet where data are usually stored and computing refers to the applications and services that it can provide. Users are connected to cloud by Cloud Service Providers through the Internet connection. Both users and cloud service provider agree on a protocol known as service level agreements for exchange of information. Cloud computing provides increase in capacity and grants the capability to perform computation on cloud infrastructure to its users. Cloud Computing is capable of providing more convenient communication and instant multi-point collaboration feature. Cloud computing provides better utilization of distributed resource over large amount of data and they can be access remotely through the internet. Quality of service should be kept in mind will designing the service level agreement. There are many problem related to cloud computing such as traffic managements, security and privacy. This paper provides a survey on the basic working principle of clouding computing. This paper provides an overview of the cloud architecture including the different types and level of clouds services. In this paper focus has been made upon the service level agreement, issue and security prospectus over the cloud computing.

2013 IEEE International Conference on Big Data, 2013

Service Level Agreements (SLAs) represent service management contracts that are processed by monitoring and measurement mechanisms for the evaluation of the signatories adherence to the agreed service levels during service execution. The paper discusses SLA data management characteristics that need to be considered in the design of data models for SLA documents. The SLA anatomy is introduced with respect to the Web Service Level Agreement (WSLA) [1] language specification. Furthermore, the paper highlights current obstacles for the integration of automated SLA management in the cloud business setting. The contributed SLA data analysis maps SLA terms to data management attributes according to their operational relevance during the SLA activity. We present an SLA digraph model for the automated SLA formulation and data handling. The SLA digraph is introduced as a programming module that sits on the application layer and communicates with backend data stores for the SLA persistence.

Lecture Notes in Computer Science, 2014

The emerging transformation from a product oriented economy to a service oriented economy based on Cloud environments envisions new scenarios where actual QoS (Quality of Service) mechanisms need to be redesigned. In such scenarios new models to negotiate and manage Service Level Agreements (SLAs) are necessary. An SLA is a formal contract which defines acceptable service levels to be provided by the Service Provider to its customers in measurable terms. SLAs are an essential component in building Cloud systems where commitments and assurances are specified, implemented, monitored and possibly negotiable. This is meant to guarantee that consumers' service quality expectations can be achieved. In fact, the level of customer satisfaction is crucial in Cloud environments, making SLAs one of the most important and active research topics. This paper presents an SLA implementation for negotiation, monitoring and renegotiation of agreements for Cloud services based on the CMAC (Condition Monitoring on A Cloud) platform. CMAC offers condition monitoring services in cloud computing environments to detect events on assets as well as data storage services.

Communications in Computer and Information Science, 2013

Cloud Computing represents both a technology for using distributed computing infrastructures in a more efficient way, and a business model for renting computing services and resources. It is an opportunity for customers to reduce costs and increase efficiency. Moreover, it gives to small and medium enterprises the possibility of using services and technologies that were prerogative of large ones, by paying only for the used resources and avoiding unnecessary investment. The possibility of dynamically acquire and use resources and services on the base of a payby-use model, implies an incredible flexibility in terms of management, which is otherwise often hard to address. In this paper, we propose an approach to to build up SLA-oriented Cloud applications, which enable a Cloud provider to offer service customized on the customer security needing. In particular, by using a Cloud-oriented API derived from the mOSAIC project, the developer can implement security features that can be offered by the Cloud provider within their Service Level Agreement. In particular, we focus on providing an intrusion tolerance service to grant an application service availability even when the host system is under attack.