Cloud monitoring and, above all, security monitoring, is of fundamental importance for both providers and consumers. The availability of effective security metrics and related monitoring tools would not only improve the trust of consumers in acquired services and the control of providers over their infrastructures, but it would also enable the adoption of security-oriented Service Level Agreements stating formal guarantees about measurable security parameters. In this paper, we discuss a Security SLA model including the concepts needed to formalize security metrics and security-oriented Service Level Objectives in compliance with existing standards, and present a novel Security Metric Catalogue collecting several metrics that can be used to monitor the level of security provided by a cloud or multi-cloud application.
A security metric catalogue for cloud applications
Rak, Massimiliano;
2017
Abstract
Cloud monitoring and, above all, security monitoring, is of fundamental importance for both providers and consumers. The availability of effective security metrics and related monitoring tools would not only improve the trust of consumers in acquired services and the control of providers over their infrastructures, but it would also enable the adoption of security-oriented Service Level Agreements stating formal guarantees about measurable security parameters. In this paper, we discuss a Security SLA model including the concepts needed to formalize security metrics and security-oriented Service Level Objectives in compliance with existing standards, and present a novel Security Metric Catalogue collecting several metrics that can be used to monitor the level of security provided by a cloud or multi-cloud application.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.