
Upgrade SecSLA Using Security as a Service Based on Knowledge Graph

  • Conference paper
Proceedings of the Future Technologies Conference (FTC) 2022, Volume 2 (FTC 2022 2022)

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 560)


Abstract

Security as a Service (SecaaS) offers security capabilities as a cloud service. It gives customers access to the expertise of specialists in their fields, supports flexible deployment models, and allows customers to focus on their core business and leave security to the SecaaS provider. However, finding a Cloud Service that guarantees the minimum Security Service Level Agreement (SecSLA) required by the customer may be challenging, because the security objectives of the Cloud Service Provider (CSP) and the Cloud Service Customer (CSC) differ. To enable the customer to use the Cloud Service without giving up security, we propose an approach to upgrade the SecSLA guaranteed by a Cloud Service using a set of SecaaS provided by a third-party CSP. In addition, based on a knowledge graph, we create a service that offers a centralized repository of Cloud Services and SecaaS. It provides a GraphQL API (Application Programming Interface) that allows users to search for relevant SecaaS that support the Cloud Services they consume and provide the missing Security Service Level Objectives (SSLOs) needed to achieve the minimum SecSLA. To validate our approach, we create a case study with five scenarios and evaluate the response time for each of them. We calculate the overhead of the scenarios that use our approach compared to the other ones.


Notes

  1. ISO/IEC 19086-1:2016 [10]: “documented agreement between the cloud service provider and cloud service customer that governs the covered service(s).”

  2. ISO/IEC 19086-1:2016 [10]: “commitment a cloud service provider makes for a specific, quantitative characteristic of a cloud service, where the value follows the interval scale or ratio scale.”

  3. ISO/IEC 19086-1:2016 [10]: “commitment a cloud service provider makes for a specific, qualitative characteristic of a cloud service, where the value follows the nominal scale or ordinal scale.”

  4. GraphQL: https://graphql.org/.

  5. Neo4j: https://neo4j.com/.

  6. Docker: https://www.docker.com/.

  7. MinIO: https://min.io/.

  8. Django framework: https://www.djangoproject.com/.

  9. Cryptography library: https://github.com/pyca/cryptography.

References

  1. Taha, A., Trapero, R., Luna, J., Suri, N.: A framework for ranking cloud security services. In: 2017 IEEE International Conference on Services Computing (SCC), pp. 322–329. IEEE, June 2017

  2. Dogra, H., Verma, S., Hubballi, N., Swarnkar, M.: Security service level agreement measurement in cloud: a proof of concept implementation. In: 2017 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS), pp. 1–6. IEEE, December 2017

  3. Halabi, T., Bellaiche, M.: Towards quantification and evaluation of security of cloud service providers. J. Inf. Secur. Appl. 33, 55–65 (2017)

  4. Silva, A., Silva, K., Rocha, A., Queiroz, F.: Calculating the trust of providers through the construction weighted Sec-SLA. Futur. Gener. Comput. Syst. 97, 873–886 (2019)

  5. Casola, V., Benedictis, A.D., Modic, J., Rak, M., Villano, U.: Per-service security SLAs for cloud security management: model and implementation. Int. J. Grid Util. Comput. 9(2), 128–138 (2018)

  6. Taha, A., Boukoros, S., Luna, J., Katzenbeisser, S., Suri, N.: QRES: quantitative reasoning on encrypted security SLAs. arXiv preprint arXiv:1804.04426 (2018)

  7. ISO/IEC 17788:2014. https://www.iso.org/obp/ui/#iso:std:iso-iec:17788:ed-1:v1:en

  8. Mell, P., Grance, T.: The NIST definition of cloud computing (2011)

  9. The Security Guidance for Critical Areas of Focus in Cloud Computing v4.0 (“Guidance v4.0”). https://downloads.cloudsecurityalliance.org/assets/research/security-guidance/security-guidance-v4-FINAL.pdf

  10. ISO/IEC 19086-1:2016. https://standards.iso.org/ittf/PubliclyAvailableStandards/c067545/_ISO/_IEC/_19086-1/_2016.zip

  11. Consensus Assessment Initiative Questionnaire CAIQ v4. https://cloudsecurityalliance.org/artifacts/star-level-1-security-questionnaire-caiq-v4/

  12. Cloud Security Alliance (CSA). https://cloudsecurityalliance.org/

  13. SP 800-53 Rev 5. https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final

  14. National Institute of Standards and Technology (NIST). https://www.nist.gov/

  15. Amazon Elastic Container Service (Amazon ECS). https://aws.amazon.com/ecs/

  16. Azure Container Instances. https://azure.microsoft.com/en-us/products/container-instances/

  17. Google Cloud Run. https://cloud.google.com/run

  18. https://min.io/product/enterprise-object-storage-encryption

  19. Docker Compose. https://docs.docker.com/compose/


Corresponding author

Correspondence to Abdelfateh Rahmouni.


Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG


Cite this paper

Rahmouni, A., Oukid, S., Ghebghoub, Y. (2023). Upgrade SecSLA Using Security as a Service Based on Knowledge Graph. In: Arai, K. (eds) Proceedings of the Future Technologies Conference (FTC) 2022, Volume 2. FTC 2022 2022. Lecture Notes in Networks and Systems, vol 560. Springer, Cham. https://doi.org/10.1007/978-3-031-18458-1_33
