Abstract
Cloud monitoring, and above all security monitoring, is of fundamental importance for both providers and consumers. The availability of effective security metrics and related monitoring tools would not only improve the trust of consumers in acquired services and the control of providers over their infrastructures, but it would also enable the adoption of security-oriented Service Level Agreements stating formal guarantees about measurable security parameters.
In this paper, we discuss a Security SLA model including the concepts needed to formalize security metrics and security-oriented Service Level Objectives in compliance with existing standards, and present a novel Security Metric Catalogue collecting several metrics that can be used to monitor the level of security provided by a cloud or multi-cloud application.
Acknowledgment
This research is partially supported by the grant FP7-ICT-2013-11-610795 (SPECS) and H2020-ICT-07-2014-644429 (MUSA).
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Casola, V., De Benedictis, A., Rak, M., Villano, U. (2018). A Security Metric Catalogue for Cloud Applications. In: Barolli, L., Terzo, O. (eds) Complex, Intelligent, and Software Intensive Systems. CISIS 2017. Advances in Intelligent Systems and Computing, vol 611. Springer, Cham. https://doi.org/10.1007/978-3-319-61566-0_81
DOI: https://doi.org/10.1007/978-3-319-61566-0_81
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-61565-3
Online ISBN: 978-3-319-61566-0
eBook Packages: Engineering (R0)