Final published version
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - C'MON
T2 - Monitoring the compliance of cloud services to contracted properties
AU - Alboghdady, S.
AU - Winter, S.
AU - Taha, A.
AU - Zhang, H.
AU - Suri, Neeraj
PY - 2017/8/29
Y1 - 2017/8/29
N2 - The usage of computing resources "as a service" makes cloud computing an attractive solution for enterprises with fluctuating needs for information processing. As security aspects play an important role when cloud computing is applied for business-critical tasks, security service level agreements (secSLAs) have been proposed to specify the security properties of a provided cloud service. While a number of approaches for service providers exist to assess the compliance of their services to the corresponding secSLAs, there is virtually no support for customers to detect if the services they use comply to the specified security levels. To close this gap, we propose C'mon, an approach to continuously monitor the compliance of cloud services to secSLAs. Our evaluation of C'mon shows its ability to identify violations of contracted security properties in an IaaS setting with very low performance overheads. © 2017 ACM.
AB - The usage of computing resources "as a service" makes cloud computing an attractive solution for enterprises with fluctuating needs for information processing. As security aspects play an important role when cloud computing is applied for business-critical tasks, security service level agreements (secSLAs) have been proposed to specify the security properties of a provided cloud service. While a number of approaches for service providers exist to assess the compliance of their services to the corresponding secSLAs, there is virtually no support for customers to detect if the services they use comply to the specified security levels. To close this gap, we propose C'mon, an approach to continuously monitor the compliance of cloud services to secSLAs. Our evaluation of C'mon shows its ability to identify violations of contracted security properties in an IaaS setting with very low performance overheads. © 2017 ACM.
KW - Cloud computing
KW - Compliance
KW - Monitoring
KW - Security
KW - Distributed database systems
KW - Attractive solutions
KW - Computing resource
KW - Security aspects
KW - Security properties
KW - Security services
KW - Service provider
KW - Web services
U2 - 10.1145/3098954.3098967
DO - 10.1145/3098954.3098967
M3 - Conference contribution/Paper
SN - 9781450352574
SP - 6
BT - ARES '17 Proceedings of the 12th International Conference on Availability, Reliability and Security
PB - ACM
ER -