Monitoring Data Security in the Cloud: A Security SLA-Based Approach

Rak M.; 2017

Abstract

Cloud security, due to the lack of control over leased resources, is considered one of the main inhibitors to a wider adoption of the cloud paradigm. Recently, Security Service Level Agreements (Security SLAs), contracts among cloud service providers and cloud service customers stating the granted level of security, appear to be the main way to address such an issue. Continuous security monitoring is one of the needs that must be technically solved to offer effective Security SLAs: cloud customers need a simple and effective way to measure the security level and to verify that grants are being respected. In this chapter, we outline the problems related to monitoring security in the cloud, and illustrate a Security SLA-based monitoring approach. Moreover, we provide concrete examples related to offering services protected against Denial of Service (DoS) attacks and provided with continuous scanning and management of existing software vulnerabilities. The presented examples rely on the adoption of the innovative SPECS framework. This framework, developed in the context of the FP7-ICT programme project SPECS, aims at offering Security-as-a-Service using an SLA-based approach.
2017
Casola, V.; De Benedictis, A.; Rak, M.; Villano, U.

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11591/452189
Citations
  • Scopus 1