Home > Research > Publications & Outputs > A novel approach to manage cloud security SLA i...
View graph of relations

A novel approach to manage cloud security SLA incidents

Research output: Contribution to Journal/MagazineJournal articlepeer-review

Published

Standard

A novel approach to manage cloud security SLA incidents. / Trapero, R.; Modic, J.; Stopar, M. et al.
In: Future Generation Computer Systems, Vol. 72, 01.07.2017, p. 193-205.

Research output: Contribution to Journal/MagazineJournal articlepeer-review

Harvard

Trapero, R, Modic, J, Stopar, M, Taha, A & Suri, N 2017, 'A novel approach to manage cloud security SLA incidents', Future Generation Computer Systems, vol. 72, pp. 193-205. https://doi.org/10.1016/j.future.2016.06.004

APA

Trapero, R., Modic, J., Stopar, M., Taha, A., & Suri, N. (2017). A novel approach to manage cloud security SLA incidents. Future Generation Computer Systems, 72, 193-205. https://doi.org/10.1016/j.future.2016.06.004

Vancouver

Trapero R, Modic J, Stopar M, Taha A, Suri N. A novel approach to manage cloud security SLA incidents. Future Generation Computer Systems. 2017 Jul 1;72:193-205. Epub 2017 Jun 14. doi: 10.1016/j.future.2016.06.004

Author

Trapero, R. ; Modic, J. ; Stopar, M. et al. / A novel approach to manage cloud security SLA incidents. In: Future Generation Computer Systems. 2017 ; Vol. 72. pp. 193-205.

Bibtex

@article{0b19cd6bcc2d46d4a907091739da7eb5,
title = "A novel approach to manage cloud security SLA incidents",
abstract = "Cloud computing is increasingly playing an important role in the service provisioning domain given the economic and technological benefits it offers. The popularity of cloud services is increasing but so are their customers{\textquoteright} concerns about security assurance and transparency of the Cloud Service Providers (CSPs). This is especially relevant in the case of critical services that are progressively moving to the cloud. Examples include the integrated European air traffic control system or public administrations through the governmental clouds. Recent efforts aim to specify security in cloud by using security service level agreements (secSLAs). However, the paucity of approaches to actually control the fulfillment of secSLAs and to react in case of security breaches, often results in distrust in cloud services. In this paper, we present a solution to monitor and enforce the fulfillment of secSLAs. Our framework is able to (a) detect occurrences that lead to unfulfillment of commitments, and (b) also provide mitigation to the harmful events that may or do compromise the validity of secSLAs. {\textcopyright} 2016 Elsevier B.V.",
keywords = "Cloud computing, Cloud security, Security SLAs, SLA monitoring, SLA remediation, Distributed database systems, Public administration, Quality of service, Traffic control, Web services, Cloud securities, Cloud service providers, Critical service, Security assurance, Security breaches, Security services, Service provisioning, Air traffic control",
author = "R. Trapero and J. Modic and M. Stopar and A. Taha and Neeraj Suri",
year = "2017",
month = jul,
day = "1",
doi = "10.1016/j.future.2016.06.004",
language = "English",
volume = "72",
pages = "193--205",
journal = "Future Generation Computer Systems",
issn = "0167-739X",
publisher = "Elsevier",

}

RIS

TY - JOUR

T1 - A novel approach to manage cloud security SLA incidents

AU - Trapero, R.

AU - Modic, J.

AU - Stopar, M.

AU - Taha, A.

AU - Suri, Neeraj

PY - 2017/7/1

Y1 - 2017/7/1

N2 - Cloud computing is increasingly playing an important role in the service provisioning domain given the economic and technological benefits it offers. The popularity of cloud services is increasing but so are their customers’ concerns about security assurance and transparency of the Cloud Service Providers (CSPs). This is especially relevant in the case of critical services that are progressively moving to the cloud. Examples include the integrated European air traffic control system or public administrations through the governmental clouds. Recent efforts aim to specify security in cloud by using security service level agreements (secSLAs). However, the paucity of approaches to actually control the fulfillment of secSLAs and to react in case of security breaches, often results in distrust in cloud services. In this paper, we present a solution to monitor and enforce the fulfillment of secSLAs. Our framework is able to (a) detect occurrences that lead to unfulfillment of commitments, and (b) also provide mitigation to the harmful events that may or do compromise the validity of secSLAs. © 2016 Elsevier B.V.

AB - Cloud computing is increasingly playing an important role in the service provisioning domain given the economic and technological benefits it offers. The popularity of cloud services is increasing but so are their customers’ concerns about security assurance and transparency of the Cloud Service Providers (CSPs). This is especially relevant in the case of critical services that are progressively moving to the cloud. Examples include the integrated European air traffic control system or public administrations through the governmental clouds. Recent efforts aim to specify security in cloud by using security service level agreements (secSLAs). However, the paucity of approaches to actually control the fulfillment of secSLAs and to react in case of security breaches, often results in distrust in cloud services. In this paper, we present a solution to monitor and enforce the fulfillment of secSLAs. Our framework is able to (a) detect occurrences that lead to unfulfillment of commitments, and (b) also provide mitigation to the harmful events that may or do compromise the validity of secSLAs. © 2016 Elsevier B.V.

KW - Cloud computing

KW - Cloud security

KW - Security SLAs

KW - SLA monitoring

KW - SLA remediation

KW - Distributed database systems

KW - Public administration

KW - Quality of service

KW - Traffic control

KW - Web services

KW - Cloud securities

KW - Cloud service providers

KW - Critical service

KW - Security assurance

KW - Security breaches

KW - Security services

KW - Service provisioning

KW - Air traffic control

U2 - 10.1016/j.future.2016.06.004

DO - 10.1016/j.future.2016.06.004

M3 - Journal article

VL - 72

SP - 193

EP - 205

JO - Future Generation Computer Systems

JF - Future Generation Computer Systems

SN - 0167-739X

ER -