Abstract
Cloud Computing represents both a technology for using distributed computing infrastructures more efficiently and a business model for renting computing services and resources. It is an opportunity for customers to reduce costs and increase efficiency. Moreover, it gives small and medium enterprises the possibility of using services and technologies that were the prerogative of large ones, paying only for the resources used and avoiding unnecessary investment. The possibility of dynamically acquiring and using resources and services on the basis of a pay-by-use model implies an incredible flexibility in terms of management, which is otherwise often hard to achieve. In this paper, we propose an approach to build SLA-oriented Cloud applications, which enables a Cloud provider to offer services customized to the customer's security needs. In particular, by using a Cloud-oriented API derived from the mOSAIC project, the developer can implement security features that can be offered by the Cloud provider within their Service Level Agreement. Specifically, we focus on providing an intrusion tolerance service to guarantee an application service's availability even when the host system is under attack.
Copyright information
© 2013 Springer International Publishing Switzerland
About this paper
Cite this paper
Ficco, M., Rak, M. (2013). SLA-Oriented Security Provisioning for Cloud Computing. In: Ivanov, I.I., van Sinderen, M., Leymann, F., Shan, T. (eds) Cloud Computing and Services Science. CLOSER 2012. Communications in Computer and Information Science, vol 367. Springer, Cham. https://doi.org/10.1007/978-3-319-04519-1_15
DOI: https://doi.org/10.1007/978-3-319-04519-1_15
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-04518-4
Online ISBN: 978-3-319-04519-1
eBook Packages: Computer Science (R0)