TY - GEN

T1 - Negotiating and brokering Cloud resources based on Security Level Agreements

AU - Luna, J.

AU - Vateva-Gurova, T.

AU - Suri, Neeraj

AU - Rak, M.

AU - Liccardo, L.

PY - 2013

Y1 - 2013

N2 - Cloud users often motivate their choice of Cloud Service Provider (CSP) based on requirements related with the offered Service Level Agreements (SLA) and costs. Unfortunately, while security has started to play an important role in the decision of using the Cloud, it is quite uncommon for CSPs to specify the security levels associated with their services. This often results in users without the means (i.e., tools and semantics) to negotiate their security requirements with CSPs, in order to choose the one that best suits their needs. However, the recent industrial efforts on specification of Cloud security parameters in SLAs, also known as "Security Level Agreements" or SecLAs is a positive development. In this paper we propose a practical approach to enable the user-centric negotiation and brokering of Cloud resources, based on both the common semantic established by the use of SecLAs and, its quantitative evaluation. The contributed techniques and architecture are the result of jointly applying the security metrology-related techniques being developed by the EU FP7 project ABC4Trust and, the framework for SLA-based negotiation and Cloud resource brokering proposed by the EU FP7 mOSAIC project. The proposed negotiation approach is both feasible and well-suited for Cloud Federations, as demonstrated in this paper with a real-world case study. The presented scenario shows the negotiation of a user's security requirements with respect to a set of CSPs SecLAs, using both the information available in the Cloud Security Alliance's "Security, Trust & Assurance Registry" (CSA STAR) and the WS-Agreement standard.

AB - Cloud users often motivate their choice of Cloud Service Provider (CSP) based on requirements related with the offered Service Level Agreements (SLA) and costs. Unfortunately, while security has started to play an important role in the decision of using the Cloud, it is quite uncommon for CSPs to specify the security levels associated with their services. This often results in users without the means (i.e., tools and semantics) to negotiate their security requirements with CSPs, in order to choose the one that best suits their needs. However, the recent industrial efforts on specification of Cloud security parameters in SLAs, also known as "Security Level Agreements" or SecLAs is a positive development. In this paper we propose a practical approach to enable the user-centric negotiation and brokering of Cloud resources, based on both the common semantic established by the use of SecLAs and, its quantitative evaluation. The contributed techniques and architecture are the result of jointly applying the security metrology-related techniques being developed by the EU FP7 project ABC4Trust and, the framework for SLA-based negotiation and Cloud resource brokering proposed by the EU FP7 mOSAIC project. The proposed negotiation approach is both feasible and well-suited for Cloud Federations, as demonstrated in this paper with a real-world case study. The presented scenario shows the negotiation of a user's security requirements with respect to a set of CSPs SecLAs, using both the information available in the Cloud Security Alliance's "Security, Trust & Assurance Registry" (CSA STAR) and the WS-Agreement standard.

KW - Cloud security

KW - Resource brokering

KW - Security Level Agreements

KW - Security metrics

KW - Security negotiation

KW - Cloud securities

KW - Security level agreements

KW - Cloud computing

KW - Semantics

U2 - 10.5220/0004500505330541

DO - 10.5220/0004500505330541

M3 - Conference contribution/Paper

SN - 9789898565525

SP - 533

EP - 541

BT - Proceedings of the 3rd International Conference on Cloud Computing and Services Science - Volume 1

PB - SciTePress

ER -