Home > Research > Publications & Outputs > SecLA-based negotiation and brokering of cloud ...

Research

Associated organisational units

Links

Text available via DOI:

Keywords

View graph of relations

SecLA-based negotiation and brokering of cloud resources

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNChapter

Published

Standard

SecLA-based negotiation and brokering of cloud resources. / Luna, J.; Vateva-Gurova, T.; Suri, Neeraj et al.
Cloud Computing and Services Science: Third International Conference, CLOSER 2013, Aachen, Germany, May 8-10, 2013, Revised Selected Papers. Vol. 453 Springer-Verlag, 2014. p. 1-18.

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNChapter

Harvard

Luna, J, Vateva-Gurova, T, Suri, N, Rak, M & De Benedictis, A 2014, SecLA-based negotiation and brokering of cloud resources. in Cloud Computing and Services Science: Third International Conference, CLOSER 2013, Aachen, Germany, May 8-10, 2013, Revised Selected Papers. vol. 453, Springer-Verlag, pp. 1-18. https://doi.org/10.1007/978-3-319-11561-0

APA

Luna, J., Vateva-Gurova, T., Suri, N., Rak, M., & De Benedictis, A. (2014). SecLA-based negotiation and brokering of cloud resources. In Cloud Computing and Services Science: Third International Conference, CLOSER 2013, Aachen, Germany, May 8-10, 2013, Revised Selected Papers (Vol. 453, pp. 1-18). Springer-Verlag. https://doi.org/10.1007/978-3-319-11561-0

Vancouver

Luna J, Vateva-Gurova T, Suri N, Rak M, De Benedictis A. SecLA-based negotiation and brokering of cloud resources. In Cloud Computing and Services Science: Third International Conference, CLOSER 2013, Aachen, Germany, May 8-10, 2013, Revised Selected Papers. Vol. 453. Springer-Verlag. 2014. p. 1-18 doi: 10.1007/978-3-319-11561-0

Author

Luna, J. ; Vateva-Gurova, T. ; Suri, Neeraj et al. / SecLA-based negotiation and brokering of cloud resources. Cloud Computing and Services Science: Third International Conference, CLOSER 2013, Aachen, Germany, May 8-10, 2013, Revised Selected Papers. Vol. 453 Springer-Verlag, 2014. pp. 1-18

Bibtex

@inbook{4ad05f34531d4736bc174b335b4da500,
title = "SecLA-based negotiation and brokering of cloud resources",
abstract = "As the popularity of Cloud computing has grown during the last years, the choice of Cloud Service Provider (CSP) has become an important issue from user{\textquoteright}s perspective. Although the Cloud users are more and more concerned about their security in the Cloud and might have some specific security requirements, currently this choice is based on requirements related to the offered Service Level Agreements (SLA) and costs. Most of the CSPs do not provide user- understandable information regarding the security levels associated with their services, and in this way impede the users to negotiate their security requirements. In other words, the users do not have the technical means in terms of tools and semantics to choose the CSP that best suits their security demands. Industrial efforts on specification of Cloud security parameters in SLAs, also known as “Security Level Agreements” or SecLAs represent the initial steps towards solving this problem. The aim of this paper is to propose a practical approach that enables user-centric negotiation and brokering of Cloud resources. The proposed methodology relies on both the notion of SecLAs for establishing a common semantic between the CSPs and the users, and on a quantitative approach to evaluate the security levels associated with the specific SecLAs. This work is a result of the joint effort spent on the security metrologyrelated techniques being developed by the EU FP7 projects ABC4Trust/ SPECS and, the framework for SLA-based negotiation and Cloud resource brokering proposed by the EU FP7 mOSAIC project. The feasibility of the proposed negotiation approach and its applicability for Cloud Federations is demonstrated in the paper with a real-world case study considering a scenario presented in the FP7 project SPECS. The presented scenario shows the negotiation of a user{\textquoteright}s security requirements with respect to a set of CSPs SecLAs, using both the information available in the Cloud Security Alliance{\textquoteright}s “Security, Trust & Assurance Registry” (CSA STAR) and the WS-Agreement standard. {\textcopyright} Springer International Publishing Switzerland 2014.",
keywords = "Cloud security, Resource brokering, Security level agreements, Security metrics, Security negotiation, Cloud computing, Outsourcing, Cloud securities, Semantics",
author = "J. Luna and T. Vateva-Gurova and Neeraj Suri and M. Rak and {De Benedictis}, A.",
year = "2014",
doi = "10.1007/978-3-319-11561-0",
language = "English",
isbn = "9783319115603",
volume = "453",
pages = "1--18",
booktitle = "Cloud Computing and Services Science",
publisher = "Springer-Verlag",

}

RIS

TY - CHAP

T1 - SecLA-based negotiation and brokering of cloud resources

AU - Luna, J.

AU - Vateva-Gurova, T.

AU - Suri, Neeraj

AU - Rak, M.

AU - De Benedictis, A.

PY - 2014

Y1 - 2014

N2 - As the popularity of Cloud computing has grown during the last years, the choice of Cloud Service Provider (CSP) has become an important issue from user’s perspective. Although the Cloud users are more and more concerned about their security in the Cloud and might have some specific security requirements, currently this choice is based on requirements related to the offered Service Level Agreements (SLA) and costs. Most of the CSPs do not provide user- understandable information regarding the security levels associated with their services, and in this way impede the users to negotiate their security requirements. In other words, the users do not have the technical means in terms of tools and semantics to choose the CSP that best suits their security demands. Industrial efforts on specification of Cloud security parameters in SLAs, also known as “Security Level Agreements” or SecLAs represent the initial steps towards solving this problem. The aim of this paper is to propose a practical approach that enables user-centric negotiation and brokering of Cloud resources. The proposed methodology relies on both the notion of SecLAs for establishing a common semantic between the CSPs and the users, and on a quantitative approach to evaluate the security levels associated with the specific SecLAs. This work is a result of the joint effort spent on the security metrologyrelated techniques being developed by the EU FP7 projects ABC4Trust/ SPECS and, the framework for SLA-based negotiation and Cloud resource brokering proposed by the EU FP7 mOSAIC project. The feasibility of the proposed negotiation approach and its applicability for Cloud Federations is demonstrated in the paper with a real-world case study considering a scenario presented in the FP7 project SPECS. The presented scenario shows the negotiation of a user’s security requirements with respect to a set of CSPs SecLAs, using both the information available in the Cloud Security Alliance’s “Security, Trust & Assurance Registry” (CSA STAR) and the WS-Agreement standard. © Springer International Publishing Switzerland 2014.

AB - As the popularity of Cloud computing has grown during the last years, the choice of Cloud Service Provider (CSP) has become an important issue from user’s perspective. Although the Cloud users are more and more concerned about their security in the Cloud and might have some specific security requirements, currently this choice is based on requirements related to the offered Service Level Agreements (SLA) and costs. Most of the CSPs do not provide user- understandable information regarding the security levels associated with their services, and in this way impede the users to negotiate their security requirements. In other words, the users do not have the technical means in terms of tools and semantics to choose the CSP that best suits their security demands. Industrial efforts on specification of Cloud security parameters in SLAs, also known as “Security Level Agreements” or SecLAs represent the initial steps towards solving this problem. The aim of this paper is to propose a practical approach that enables user-centric negotiation and brokering of Cloud resources. The proposed methodology relies on both the notion of SecLAs for establishing a common semantic between the CSPs and the users, and on a quantitative approach to evaluate the security levels associated with the specific SecLAs. This work is a result of the joint effort spent on the security metrologyrelated techniques being developed by the EU FP7 projects ABC4Trust/ SPECS and, the framework for SLA-based negotiation and Cloud resource brokering proposed by the EU FP7 mOSAIC project. The feasibility of the proposed negotiation approach and its applicability for Cloud Federations is demonstrated in the paper with a real-world case study considering a scenario presented in the FP7 project SPECS. The presented scenario shows the negotiation of a user’s security requirements with respect to a set of CSPs SecLAs, using both the information available in the Cloud Security Alliance’s “Security, Trust & Assurance Registry” (CSA STAR) and the WS-Agreement standard. © Springer International Publishing Switzerland 2014.

KW - Cloud security

KW - Resource brokering

KW - Security level agreements

KW - Security metrics

KW - Security negotiation

KW - Cloud computing

KW - Outsourcing

KW - Cloud securities

KW - Semantics

U2 - 10.1007/978-3-319-11561-0

DO - 10.1007/978-3-319-11561-0

M3 - Chapter

SN - 9783319115603

VL - 453

SP - 1

EP - 18

BT - Cloud Computing and Services Science

PB - Springer-Verlag

ER -