Abstract
The increasing number of cloud service providers (CSPs) is creating opportunities for multi-cloud deployments, where components are deployed across different CSPs instead of within a single CSP. Selecting the right set of CSPs for a deployment then becomes a key step in the deployment process. This paper argues that deployment should take security into account when selecting CSPs, and it makes two contributions in this direction. First, the paper describes how industry-standard security control frameworks may be integrated into the deployment process to select CSPs that provide sufficient levels of security. It also argues that the ability to monitor CSP security should be considered. Second, the paper describes how security requirements may be modelled as constraints on deployment objectives to find optimal deployment plans. The importance of using cloud security standards as a basis for reasoning about required and provided security features is discussed.
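The following sketch illustrates the idea of treating security controls and monitorability as hard constraints while minimising a deployment objective. It is an added example, not the paper's model or code: the provider names, control labels, costs and the per-placement cost objective are all constructed assumptions, and exhaustive enumeration stands in for a real constraint solver.

```python
from itertools import product

# Constructed sample data. Control names are illustrative labels, not identifiers
# from any real control framework; costs are arbitrary units per placed component.
PROVIDERS = {
    "csp_a": {"cost": 10,
              "controls": {"encryption_at_rest", "access_logging", "key_management"},
              "monitorable": {"encryption_at_rest", "access_logging"}},
    "csp_b": {"cost": 6,
              "controls": {"encryption_at_rest", "access_logging"},
              "monitorable": {"access_logging"}},
    "csp_c": {"cost": 4, "controls": {"access_logging"}, "monitorable": set()},
}
COMPONENTS = {
    "database": {"required": {"encryption_at_rest", "key_management"},
                 "monitored": {"encryption_at_rest"}},
    "web_frontend": {"required": {"access_logging"}, "monitored": {"access_logging"}},
    "batch_worker": {"required": {"access_logging"}, "monitored": set()},
}

def satisfies(provider, component):
    """Hard constraint: the CSP provides every required control and can
    expose monitoring for every control the component needs monitored."""
    p, c = PROVIDERS[provider], COMPONENTS[component]
    return c["required"] <= p["controls"] and c["monitored"] <= p["monitorable"]

def feasible_providers(component):
    """Domain of the component's placement variable after security filtering."""
    return [p for p in PROVIDERS if satisfies(p, component)]

def optimal_plan(max_providers=None):
    """Return (cost, plan) with minimum total cost, or None if infeasible.
    max_providers optionally caps how many distinct CSPs the plan may use."""
    names = list(COMPONENTS)
    domains = [feasible_providers(c) for c in names]
    best = None
    for assignment in product(*domains):  # empty domain -> no candidates
        if max_providers is not None and len(set(assignment)) > max_providers:
            continue
        cost = sum(PROVIDERS[p]["cost"] for p in assignment)
        if best is None or cost < best[0]:
            best = (cost, dict(zip(names, assignment)))
    return best

if __name__ == "__main__":
    print(optimal_plan())
    print(optimal_plan(max_providers=2))
```

Note how the cheapest provider is excluded for the web front end only because its logging control cannot be monitored, which is the distinction between provided and monitorable security that the abstract raises.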
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Massonet, P., Luna, J., Pannetrat, A., Trapero, R. (2015). Idea: Optimising Multi-Cloud Deployments with Security Controls as Constraints. In: Piessens, F., Caballero, J., Bielova, N. (eds) Engineering Secure Software and Systems. ESSoS 2015. Lecture Notes in Computer Science, vol 8978. Springer, Cham. https://doi.org/10.1007/978-3-319-15618-7_8
DOI: https://doi.org/10.1007/978-3-319-15618-7_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-15617-0
Online ISBN: 978-3-319-15618-7
eBook Packages: Computer Science, Computer Science (R0)