Security Assurance of (Multi-)Cloud Application with Security SLA Composition

  • Conference paper
Green, Pervasive, and Cloud Computing (GPC 2017)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 10232)

Abstract

Despite the diffusion of the cloud computing paradigm, cloud security is still considered one of the main inhibitors for the adoption of cloud-based solutions. Security Service Level Agreements (Security SLAs), i.e. agreements between providers and customers that state the level of security granted on the services delivered, have been adopted to enable a Cloud Service Provider (CSP) to declare its security policy and to give the cloud service customer (CSC) a way to measure it. Security SLAs, however, do not completely solve the security issue in the cloud when complex supply chains are involved. This paper proposes a technique to automatically generate Security SLAs, relying on the CSP declarations and on the services composing the application. Security SLAs and cloud applications are modeled, enabling automatic reasoning over the security offerings and the evaluation of the security policy over an orchestration of cloud services.

Notes

  1. https://cloudsecurityalliance.org/star/#_registry.

  2. http://www.cloud28plus.com/.

  3. The process is in course and we have analyzed about 300 of them.

  4. Note that only some of the MACM relationships are reported in this paper.

Acknowledgment

This research is partially supported by the grant H2020-ICT-07-2014-644429 (MUSA). The author would like to thank Marco Toscano, whose work during the master's degree thesis was partially reused in this paper.

Corresponding author

Correspondence to Massimiliano Rak.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Rak, M. (2017). Security Assurance of (Multi-)Cloud Application with Security SLA Composition. In: Au, M., Castiglione, A., Choo, KK., Palmieri, F., Li, KC. (eds) Green, Pervasive, and Cloud Computing. GPC 2017. Lecture Notes in Computer Science, vol 10232. Springer, Cham. https://doi.org/10.1007/978-3-319-57186-7_57

  • DOI: https://doi.org/10.1007/978-3-319-57186-7_57

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-57185-0

  • Online ISBN: 978-3-319-57186-7

  • eBook Packages: Computer Science, Computer Science (R0)
