SLA-Based Cloud Security Monitoring: Challenges, Barriers, Models and Methods

  • Dana Petcu
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8805)

Abstract

Despite the tremendous efforts in cloud computing to overcome its main adoption barriers, like security concerns or quality of service guarantees, there is currently no commercial product or research prototype of a SLA-based cloud security monitoring system. This paper investigates the main challenges and barriers in designing a SLA-based cloud security monitoring system and the models and methods that can be used in its development.

Keywords

cloud computing monitoring service level security 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Aceto, G., Botta, A., De Donato, W., Pescapè, A.: Survey cloud monitoring: A survey. Computer Networks 57(9), 2093–2115 (2013), http://dx.doi.org/10.1016/j.comnet.2013.04.001 CrossRefGoogle Scholar
  2. 2.
    Alhamazani, K., Ranjan, R., Mitra, K., Rabhi, F.A., Khan, S.U., Guabtni, A., Bhatnagar, V.: An overview of the commercial cloud monitoring tools: Research dimensions, design issues, and state-of-the-art. CoRR abs/1312.6170 (2013), http://arxiv.org/abs/1312.6170
  3. 3.
    Bernsmed, K., Jaatun, M.G., Meland, P.H., Undheim, A.: Security slas for federated cloud services. In: 2011 Sixth International Conference on Availability, Reliability and Security (ARES), pp. 202–209 (August 2011), http://dx.doi.org/10.1109/ARES.2011.34
  4. 4.
    de Chaves, S.A., Westphall, C.B., Lamin, F.R.: Sla perspective in security management for cloud computing. In: 2010 Sixth International Conference on Networking and Services (ICNS), pp. 212–217 (March 2010), http://dx.doi.org/10.1109/ICNS.2010.36
  5. 5.
    Clayman, S., Galis, A., Chapman, C., Toffetti, G., Rodero-Merino, L., Vaquero, L.M., Nagin, K., Rochwerger, B.: Monitoring service clouds in the future internet. In: Towards the Future Internet, pp. 115–126. IOS Press (March 2010), http://dx.doi.org/10.3233/978-1-60750-539-6-115
  6. 6.
    Cloud Security Alliance: Cloud controls matrix. Tech. Rep. Version 3, CSA (September 2013), https://cloudsecurityalliance.org/download/cloud-controls-matrix-v3/
  7. 7.
    CUMULUS Consortium: Security-aware sla specification language and cloud security dependency model. Tech. Rep. Deliverable D2.1, CUMULUS (September 2013), http://cumulus-project.eu/index.php/public-deliverables
  8. 8.
    Danwei, C., Xiuli, H., Xunyi, R.: Access control of cloud service based on ucon. In: Jaatun, M.G., Zhao, G., Rong, C. (eds.) Cloud Computing. LNCS, vol. 5931, pp. 559–564. Springer, Heidelberg (2009), http://dx.doi.org/10.1007/978-3-642-10665-1_52 CrossRefGoogle Scholar
  9. 9.
    Emeakaroha, V.C.: Managing Cloud Service Provisioning and SLA Enforcement via Holistic Monitoring Techniques. Ph.D. thesis, Vienna University of Technology (2012), http://www.infosys.tuwien.ac.at/staff/vincent/pub/Emeakaroha_thesis.pdf
  10. 10.
    European Union Agency for Network and Information Security: Procure secure: A guide to monitoring of security service levels in cloud contracts. Tech. rep., ENISA (April 2012), http://www.enisa.europa.eu/activities/Resilience-and-CIIP/cloud-computing/procure-secure-a-guide-to-monitoring-of-security-service-levels-in-cloud-contracts
  11. 11.
    Federal Office for Information Security: Security recommendations for cloud computing providers. Tech. rep., BSI (June 2011), https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Minimum_information/SecurityRecommendationsCloudComputingProviders.html
  12. 12.
    Lahmadi, A., Andrey, L., Festor, O.: Design and validation of an analytical model to evaluate monitoring frameworks limits. In: Eighth International Conference on Networks, ICN 2009, pp. 397–402 (March 2009)Google Scholar
  13. 13.
    Laniepce, S., Lacoste, M., Kassi-Lahlou, M., Bignon, F., Lazri, K., Wailly, A.: Engineering intrusion prevention services for iaas clouds: The way of the hypervisor. In: 2013 IEEE 7th International Symposium on Service Oriented System Engineering (SOSE), pp. 25–36 (March 2013), http://dx.doi.org/10.1109/SOSE.2013.27
  14. 14.
    Manavi, S., Mohammadalian, S., Udzir, N.I., Abdullah, A.: Secure model for virtualization layer in cloud infrastructure. International Journal of Cyber-Security and Digital Forensics 1(1), 32–40 (2012)Google Scholar
  15. 15.
    Montes, J., Sánchez, A., Memishi, B., Pérez, M.S., Antoniu, G.: Gmone: A complete approach to cloud monitoring. Future Generation Computing Systems 29(8), 2026–2040 (2013), http://dx.doi.org/10.1016/j.future.2013.02.011 CrossRefGoogle Scholar
  16. 16.
    Muñoz, A., Gonzalez, J., Maña, A.: A performance-oriented monitoring system for security properties in cloud computing applications. The Computer Journal 55(8), 979–994 (2012), http://dx.doi.org/10.1093/comjnl/bxs042 CrossRefGoogle Scholar
  17. 17.
    NIST Cloud Computing Standards Roadmap Working Group: Nist cloud computing reference architecture cloud service metrics description. Tech. rep., NIST (September 2013), http://www.nist.gov/itl/cloud/
  18. 18.
    Palhares, N., Lima, S.R., Carvalho, P.: A multidimensional model for monitoring cloud services. In: Rocha, Á., Correia, A.M., Wilson, T., Stroetmann, K.A. (eds.) Advances in Information Systems and Technologies. AISC, vol. 206, pp. 931–938. Springer, Heidelberg (2013), http://dx.doi.org/10.1007/978-3-642-36981-087 CrossRefGoogle Scholar
  19. 19.
    Petcu, D.: A taxonomy for sla-based monitoring of cloud security. In: 2014 IEEE 38th Annual Computer Software and Applications Conference (COMPSAC) (in print July, 2014)Google Scholar
  20. 20.
    Petcu, D., Crăciun, C.: Towards a security sla-based cloud monitoring service. In: 2014 4th International Conference on Cloud Computing and Services Science (CLOSER), pp. 598–603 (April 2014), http://dx.doi.org/10.5220/0004957305980603
  21. 21.
    Povedano-Molina, J., Lopez-Vega, J.M., Lopez-Soler, J.M., Corradi, A., Foschini, L.: Dargos: A highly adaptable and scalable monitoring architecture for multi-tenant clouds. Future Generation Computer Systems 29(8), 2041–2056 (2013), http://dx.doi.org/10.1016/j.future.2013.04.022 CrossRefGoogle Scholar
  22. 22.
    Rak, M., Suri, N., Luna, J., Petcu, D., Casola, V., Villano, U.: Security as a service using an sla-based approach via specs. In: 2013 IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom), vol. 2, pp. 1–6 (December 2013), http://dx.doi.org/10.1109/CloudCom.2013.165
  23. 23.
    Rudolph, M., Schwarz, R.: A critical survey of security indicator approaches. In: 2012 Seventh International Conference on Availability, Reliability and Security (ARES), pp. 291–300 (August 2012), http://dx.doi.org/10.1109/ARES.2012.10
  24. 24.
    Siegel, J., Perdue, J.: Cloud services measures for global use: The service measurement index (smi). In: Annual SRII Global Conference, pp. 411–415 (2012)Google Scholar
  25. 25.
    Spring, J.: Monitoring cloud computing by layer, part 1. IEEE Security and Privacy 9(2), 66–68 (2011), http://dx.doi.org/10.1109/MSP.2011.33 CrossRefGoogle Scholar
  26. 26.
    Wagner, R., Heiser, J., Perkins, E., Nicolett, M., Kavanagh, K.M., Chuvakin, A., Young, G.: Predicts 2013: Cloud and services security. Tech. Rep. G00245775, Gartner (Nov 2012), https://www.gartner.com/doc/2254916/predicts--cloud-services-security
  27. 27.
    Zou, D., Zhang, W., Qiang, W., Xiang, G., Yang, L.T., Jin, H., Hu, K.: Design and implementation of a trusted monitoring framework for cloud platforms. Future Generation Computer Systems 29(8), 2092–2102 (2013), http://dx.doi.org/10.1016/j.future.2012.12.020 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Dana Petcu
    • 1
  1. 1.West University of TimişoaraRomania

Personalised recommendations