A novel approach to manage cloud security SLA incidents |
| |
| Affiliation: | 1. Department of Computer Science, Technische Universität Darmstadt, Darmstadt, 64289, Germany;2. XLAB d.o.o., Pot za Brdom 100, 1000 Ljubljana, Slovenia;1. Departamento de Física, CINVESTAV, Apdo. Postal 14-740, 07000 México, D.F., México;2. Ingeniería en Mecatrónica, UPP, Tercer Carril del Ejido ”Serrano” s/n San Mateo Cuanalá. Juan C. Bonilla, Puebla, Pue, México |
| |
| Abstract: | Cloud computing is increasingly playing an important role in the service provisioning domain given the economic and technological benefits it offers. The popularity of cloud services is increasing but so are their customers’ concerns about security assurance and transparency of the Cloud Service Providers (CSPs). This is especially relevant in the case of critical services that are progressively moving to the cloud. Examples include the integrated European air traffic control system or public administrations through the governmental clouds. Recent efforts aim to specify security in cloud by using security service level agreements (secSLAs). However, the paucity of approaches to actually control the fulfillment of secSLAs and to react in case of security breaches, often results in distrust in cloud services. In this paper, we present a solution to monitor and enforce the fulfillment of secSLAs. Our framework is able to (a) detect occurrences that lead to unfulfillment of commitments, and (b) also provide mitigation to the harmful events that may or do compromise the validity of secSLAs. |
| |
| Keywords: | Security SLAs Cloud computing Cloud security SLA monitoring SLA remediation |
| 本文献已被 ScienceDirect 等数据库收录! |
|
