Skip to main content
Springer Nature Link
Log in

Security SLA in Next Generation Data Centers, the SPECS Approach

  • Conference paper
  • First Online:
Cloud Computing and Services Science (CLOSER 2016)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 740))

Included in the following conference series:

  • 738 Accesses

Abstract

Next generation Data Centers (ngDC) provide a significant evolution how storage resources can be provisioned. They are cloud-based architectures offering flexible IT infrastructure and services through the virtualization of resources: managing in an integrated way compute, network and storage resources. Despite the multitude of benefits available when leveraging a Cloud infrastructure, wide scale Cloud adoption for sensitive or critical business applications still faces resistance. One of the key limiting factors holding back larger adoption of Cloud services is trust. To cope with this, datacenter customers need more guarantees about the security levels provided, creating the need for tools to dynamically negotiate and monitor the security requirements. The SPECS project proposes a platform that offers security features with an as-a-service approach, furthermore it uses Security Service Level Agreements (Security SLA) as a means for establishing a clear statement between customers and providers to define a mutual agreement. This paper presents an industrial use case from EMC that integrates the SPECS Platform with their innovative solutions for the ngDC. In particular, the paper illustrates how it is possible to negotiate, enforce and monitor a Security SLA in a cloud infrastructure offering.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    http://www.specs-project.eu/.

  2. 2.

    https://www.vmware.com/it/products/vsphere.

  3. 3.

    http://www.emc.com/vipr.

  4. 4.

    https://www.chef.io/chef/.

  5. 5.

    https://community.emc.com/docs/DOC-19629.

  6. 6.

    https://www.vmware.com/products/vsphere-hypervisor.

  7. 7.

    https://github.com/CoprHD.

  8. 8.

    https://www.emc.com/collateral/data-sheet/h11750-emc-vipr-software-defined-storage-ds.pdf.

  9. 9.

    https://support.emc.com/downloads/32034_ViPR.

  10. 10.

    http://www.optimis-project.eu/.

  11. 11.

    http://www.sla-ready.eu/.

  12. 12.

    http://slalom-project.eu/.

  13. 13.

    http://resonance.noise.gatech.edu/.

  14. 14.

    http://frenetic-lang.org/pyretic/.

References

  1. Casola, V., De Benedictis, A., Rak, M., Villano, U.: Preliminary design of a platform-as-a-service to provide security in cloud. In: Proceedings of the 4th International Conference on Cloud Computing and Services Science, CLOSER 2014, Barcelona, Spain, 3–5 April 2014, pp. 752–757 (2014)

    Google Scholar 

  2. Casola, V., De Benedictis, A., Rak, M.: Security monitoring in the cloud: an SLA-based approach. In: 10th International Conference on Availability, Reliability and Security, ARES 2015, Toulouse, France, 24–27 August 2015, pp. 749–755 (2015)

    Google Scholar 

  3. Catteddu, D.: Security and resilience in governmental clouds. Technical report CSA (2011)

    Google Scholar 

  4. CSA: Cloud controls matrix v3.0 (2015). https://cloudsecurityalliance.org/download/cloud-controls-matrix-v3/

  5. CSCC: The CSCC practical guide to cloud service level agreements. Technical report, CSCC (2012)

    Google Scholar 

  6. Davidson, E.A.: The Software-Defined-Data-Center (SDDC): concept or reality? [VMware] (2013). http://blogs.softchoice.com/advisor/ssn/the-software-defined-data-cente r-sddc-concept-or-reality-vmware/

  7. De Benedictis, A., Rak, M., Turtur, M., Villano, U.: Rest-based SLA management for cloud applications. In: 2015 IEEE 24th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), pp. 93–98, June 2015

    Google Scholar 

  8. Dekker, M.: Critical cloud computing a CIIP perspective on cloud computing services. Technical report, ENISA (2012)

    Google Scholar 

  9. EC: Unleashing the potential of cloud computing in Europe. Technical report, EC (2011)

    Google Scholar 

  10. Force, J.T., Initiative, T.: Security and privacy controls for federal information systems and organizations. NIST Spec. Publ. 800, 53 (2013)

    Google Scholar 

  11. ISO: ISO/IEC NP 19086–1, Information Technology-Cloud computing-Service level agreement (SLA) framework and technology-Part 1: Overview and concepts (2014)

    Google Scholar 

  12. Marimuthu, K., Gopal, D.G., Kanth, K.S., Setty, S., Tainwala, K.: Scalable and secure data sharing for dynamic groups in cloud. In: 2014 International Conference on. Advanced Communication Control and Computing Technologies (ICACCCT), pp. 1697–1701. IEEE (2014)

    Google Scholar 

  13. Dekker, G.H.M.: Survey and analysis of security parameters in cloud slas across the European public sector (2011). http://www.enisa.europa.eu

  14. Morin, C.: Open computing infrastructures for elastic services: contrail approach. In: Proceedings of the 5th International Workshop on Virtualization Technologies in Distributed Computing, pp. 1–2. ACM (2011)

    Google Scholar 

  15. NIST: SP 800–53 Rev 4: Recommended Security and Privacy Controls for Federal Information Systems and Organizations. Technical report, NIST (2013)

    Google Scholar 

  16. Nithiavathy, R.: Data integrity and data dynamics with secure storage service in cloud. In: 2013 International Conference on Pattern Recognition, Informatics and Mobile Engineering (PRIME), pp. 125–130. IEEE (2013)

    Google Scholar 

  17. Pannetrat, A., Hogben, G., Katopodis, S., Spanoudakis, G., Cazorla, C.: D2.1: security-aware SLA specification language and cloud security dependency model. Technical report, certification infrastructure for multi-layer cloud services (cumulus) (2013)

    Google Scholar 

  18. Pearson, S.: Toward accountability in the cloud. IEEE Internet Comput. 15(4), 64–69 (2011)

    Article  Google Scholar 

  19. Rak, M., Ficco, M., Battista, E., Casola, V., Mazzocca, N.: Developing secure cloud applications. Scalable Comput. Pract. Exp. 15(1), 49–62 (2014)

    Google Scholar 

  20. Rak, M., Suri, N., Luna, J., Petcu, D., Casola, V., Villano, U.: Security as a service using an SLA-based approach via specs. In: IEEE Proceedings of IEEE CloudCom Conference 2013 (2013)

    Google Scholar 

  21. Rios, E., Iturbe, E., Orue-Echevarria, L., Rak, M., Casola, V.: Towards self-protective multi-cloud applications - MUSA - a holistic framework to support the security-intelligent lifecycle management of multi-cloud applications. In: CLOSER 2015 - Proceedings of the 5th International Conference on Cloud Computing and Services Science, Lisbon, Portugal, 20–22 May 2015, pp. 551–558 (2015)

    Google Scholar 

  22. Talpur, S.R., Abdalla, S., Kechadi, T.: Towards middleware security framework for next generation data centers connectivity. In: Science and Information Conference (SAI), pp. 1277–1283. IEEE (2015)

    Google Scholar 

  23. Theilmann, W., Yahyapour, R., Butler, J.: Multi-level SLA management for service-oriented infrastructures. In: Mähönen, P., Pohl, K., Priol, T. (eds.) ServiceWave 2008. LNCS, vol. 5377, pp. 324–335. Springer, Heidelberg (2008). doi:10.1007/978-3-540-89897-9_28

    Chapter  Google Scholar 

Download references

Acknowledgements

This research is partially supported by the EC FP7 project SPECS (Grant Agreement no. 610795).

Author information

Authors and Affiliations

  1. Dipartimento di Ingegneria dell’Informazione, Seconda Università di Napoli, Aversa, Italy

    Massimiliano Rak

  2. Dipartimento di Ingegneria Elettrica e Tecnologie dell’Informazione, Università di Napoli Federico II, Napoli, Italy

    Valentina Casola

  3. EMC Ireland COE Innovation, Cork, Ireland

    Silvio La Porta & Andrew Byrne

Authors
  1. Massimiliano Rak
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Valentina Casola
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Silvio La Porta
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Andrew Byrne
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Valentina Casola .

Editor information

Editors and Affiliations

  1. Dublin City University, Dublin, Ireland

    Markus Helfert

  2. Columbia University, New York, New York, USA

    Donald Ferguson

  3. Escola d’Enginyeria, Bellaterra, Barcelona, Spain

    Victor Méndez Muñoz

  4. Departamento de Engenharia Informática, Universidade de Coimbra, Coimbra, Portugal

    Jorge Cardoso

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Rak, M., Casola, V., La Porta, S., Byrne, A. (2017). Security SLA in Next Generation Data Centers, the SPECS Approach. In: Helfert, M., Ferguson, D., Méndez Muñoz, V., Cardoso, J. (eds) Cloud Computing and Services Science. CLOSER 2016. Communications in Computer and Information Science, vol 740. Springer, Cham. https://doi.org/10.1007/978-3-319-62594-2_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-62594-2_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-62593-5

  • Online ISBN: 978-3-319-62594-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics