Towards a Proof-based SLA Management Framework - The SPECS Approach
Miha Stopar, Jolanda Modic, Dana Petcu, Massimiliano Rak
2016
Abstract
We present a framework that allows monitoring of the cloud-based applications and environments to verify fulfilment of Service Level Agreements (SLAs), to analyse and remediate detectable security breaches that compromise the validity of SLAs related to storage services. In particular, we describe a system to facilitate identification of the root cause of each violation of integrity, write-serializability and read-freshness properties. Such a system enables executing remediation actions specifically planned for detectable security incidents. The system is activated in an automated way on top of storage services, according to an SLA, which can be negotiated with customers.
References
- Addis, B., Ardagna, D., Panicucci, B., Zhang, L., 2010. Autonomic management of cloud service centers with availability guarantees. In CLOUD'10, Proceedings of the 2010 IEEE 3rd International Conference on Cloud Computing, IEEE.
- Albeshri, A., Boyd, C., Gonzáles Nieto, J., 2014. Enhanced GeoProof: Improved geographic assurance for data in the cloud. International Journal of Information Security 13(2):191-198.
- Arcieri T., 2013. What's wrong with in-browser cryptography. http://tonyarcieri.com/whats-wrongwith-webcrypto.
- Ateniese, G., Burns, R., Curtmola, R., Herring, J., 2007. Provable data possession at untrusted stores. In CCS'07, Proceedings of the 14th ACM Conference on Computer and Communications Security, ACM.
- Ateniese, G., Burns, R., Curtmola, R., Herring, J., Khan, O., Kissner, L., Peterson, Z., Song, D., 2011. Remote data checking using provable data possessions. Transactions in Information and System Security 14(1):1-34, ACM.
- Badidi, E., 2013. A cloud service broker for SLA-based SaaS provisioning. In Proceedings of the 2013 International Conference on Information Society, IEEE.
- Bonvin, N., Papaioannou, T. G., Aberer, K., 2011. Autonomic SLA-driven provisioning for cloud applications. In CCGRID'11, Proceedings of the 2011 11th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, IEEE.
- Bowers, K. D., Juels, A., Oprea, A., 2009. Proofs of Retrievability: Theory and implementation. In CCSW'09, Proceedings of the 2009 ACM Workshop on Cloud Computing Security, ACM.
- Brandic, I., Emeakaroha, V. C., Maurer, M., Dustard, S., Acs, S., Kertesz, A., Kecskemeti, G., 2010. LAYSI: A layered approach for SLA-violation propagation in self-manageable cloud infrastructures. In COMPSACW'10, Proceedings of the 2010 IEEE 34th Annual Computer Software and Applications Conference Workshop, IEEE.
- Brickell, E. F., Camenisch, J., Chen, L., 2004. Direct anonymous attestation. In CCS'04, Proceedings of the 11th ACM Conference on Computer and Communications Security, ACM.
- Chef, 2008. Chef Software web site. https://www.chef.io/.
- Cloud Standards Customer Council, 2015. Practical guide to cloud service agreement version 2.0.
- Emeakaroha, V. C., Netto, M. A. S., Calheiros, R. N., Brandic, I., Buyya, R., De Rose, C. A. F., 2012. Towards autonomic detection of SLA violations in cloud infrastructure. Future Generation Computer Systems 28(7):1017-1029.
- Erway, C. C., Küpcü, A., Papamanthou, C., Tamassia, R., 2015. Dynamic provable data possession. Transactions on Information and System Security, 17(4):1-29, ACM.
- European Commission, 2014. Cloud service level agreement standardisation guidelines, C-SIG SLA 2014.
- Feng, J., Chen, Y., Summerville, D., Ku, W. S., Su, Z., 2011. Enhancing cloud storage security against rollback attacks with a new fair multiparty nonrepudiation protocol. In CCNC'11, Proceedings of the IEEE Consumer Communications and Networking Conference, IEEE.
- Halevi, S., Harnik, D., Pinkas, B., Shulman-Peleg, A., 2011. Proofs of ownership in remote storage systems. In CCS'11, Proceedings of the 18th ACM Conference on Computer and Communications Security, ACM.
- ISO/IEC, 2014. Information technology -- Cloud computing -- Service level agreement (SLA) framework and technology (Draft), ISO/IEC 19086.
- Juels, A., Kaliski Jr., B. S., 2007. PORs: Proofs of retrievability for large files. In CCS'07, Proceedings of the 14th ACM Conference on Computer and Communications Security, ACM.
- Kaaniche, N., El Moustaine, E., Laurent, M., 2014. A Novel zero-knowledge scheme for proof of data possession in cloud storage applications. In CCGrid'14, Proceedings of 14th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, IEEE/AMC.
- Katz-Bassett, E., John, P. J., Ksishnamurthy, A., Wetherall, D., Anderson, T., Chawathe, Y., 2006. Towards IP geoolocation using delay and topology measurements. In IMC'06, Proceedings of the 6th ACM SIGCOMM Conference on Internet Measurement, ACM.
- Leitner, P., Michlmayr, A., Rosenberg, F., Dustard, S., 2010. Monitoring, prediction and pevention of SLA violations in composite services. In ICWS'10, Proceedings of the 2010 IEEE International Conference on Web Services, IEEE.
- mOSAIC, 2010. The mOSAIC project web site. http://www.mosaic-cloud.eu.
- Popa, R. A., Lorch, J. R., Molnar, D., Wang, H. J., Zhuang, L., 2011. Enabling security in cloud storage SLAs with CloudProof. In USENIX ATC'11, 2011 USENIX Annual Technical Conference.
- Pulls, T., Peeters, R., Wouters, K., 2013. Distributed Privacy-Preserving Transparency Logging. In WPES'13, Proceedings of the 12th ACM workshop on privacy in the electronic society, ACM.
- Rak, M., Villano, U., Casola, V., De Benedictis, A., 2015. SLA-based secure Cloud Application Development: the SPECS Framework, In Proceedings of the 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing.
- Sahai, A., Machiraju, V., Sayal, M., van Moorsel, A. P. A., Casati, F., 2002. Automated SLA monitoring for web services. In DSOM'02, Proceedings of the 13th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management: Management Technologies for E-Commerce and E-Business Applications, Springer-Verlag.
- Shacham, H., Waters, B., 2013. Compact Proofs of Retrievability. Journal of Cryptology, 26(3):42-483.
- SLA@SOI, 2009. The SLA@SOI project web site. http://sla-at-soi.eu.
- SPECS, 2013 The SPECS project web site. http://www.specs-project.eu/.
- SPECS Team, 2015. SPECS Team Bitbucket account. https://bitbucket.org/specs-team/.
- Watson, G. J., Safavi-Naini, R., Locasto, M. E., Narayan, S., 2012. LoSt: Location based storage. In CCSW'12, Proceedings of the 2012 ACM Workshop on Cloud Computing and Security Workshop, ACM.
Paper Citation
in Harvard Style
Stopar M., Modic J., Petcu D. and Rak M. (2016). Towards a Proof-based SLA Management Framework - The SPECS Approach . In Proceedings of the 6th International Conference on Cloud Computing and Services Science - Volume 2: CLOSER, ISBN 978-989-758-182-3, pages 240-248. DOI: 10.5220/0005771302400248
in Bibtex Style
@conference{closer16,
author={Miha Stopar and Jolanda Modic and Dana Petcu and Massimiliano Rak},
title={Towards a Proof-based SLA Management Framework - The SPECS Approach},
booktitle={Proceedings of the 6th International Conference on Cloud Computing and Services Science - Volume 2: CLOSER,},
year={2016},
pages={240-248},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005771302400248},
isbn={978-989-758-182-3},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 6th International Conference on Cloud Computing and Services Science - Volume 2: CLOSER,
TI - Towards a Proof-based SLA Management Framework - The SPECS Approach
SN - 978-989-758-182-3
AU - Stopar M.
AU - Modic J.
AU - Petcu D.
AU - Rak M.
PY - 2016
SP - 240
EP - 248
DO - 10.5220/0005771302400248