Article: Expressing cloud security requirements for SLAs in deontic contract languages for cloud brokers Journal: International Journal of Cloud Computing (IJCC) 2014 Vol.3 No.1 pp.69 - 93 Abstract: The uptake of cloud computing is hindered by the fact that current cloud SLAs are not written in machine-readable language, and also fail to cover security requirements. This article considers a cloud brokering model that helps negotiate and establish SLAs between customers and providers. This broker handles security requirements on two different levels: between the customer and the broker, where the requirements are stated in natural language; and between the broker and different cloud providers, where requirements are stated in deontic contract languages. There are several such languages available today with different properties and abstraction levels, from generic container languages to more domain-specific languages for specifying the various details in a contract. In this article, we investigate the suitability of ten deontic contract languages for expressing security requirements in SLAs, and exemplify their use in the cloud brokering model through a practical use case for a video streaming service. Inderscience Publishers - linking academia, business and industry through research

Title: Expressing cloud security requirements for SLAs in deontic contract languages for cloud brokers

Authors: Per Håkon Meland; Karin Bernsmed; Martin Gilje Jaatun; Humberto Nicolás Castejón; Astrid Undheim

Addresses: Department of Software Engineering, Safety and Security, SINTEF ICT, Strindveien 4, N-7465 Trondheim, Norway ' Department of Software Engineering, Safety and Security, SINTEF ICT, Strindveien 4, N-7465 Trondheim, Norway ' Department of Software Engineering, Safety and Security, SINTEF ICT, Strindveien 4, N-7465 Trondheim, Norway ' Telenor Research and Future Studies, Otto Nielsens veg 12, N-7052 Trondheim, Norway ' Telenor Research and Future Studies, Otto Nielsens veg 12, N-7052 Trondheim, Norway

Abstract: The uptake of cloud computing is hindered by the fact that current cloud SLAs are not written in machine-readable language, and also fail to cover security requirements. This article considers a cloud brokering model that helps negotiate and establish SLAs between customers and providers. This broker handles security requirements on two different levels: between the customer and the broker, where the requirements are stated in natural language; and between the broker and different cloud providers, where requirements are stated in deontic contract languages. There are several such languages available today with different properties and abstraction levels, from generic container languages to more domain-specific languages for specifying the various details in a contract. In this article, we investigate the suitability of ten deontic contract languages for expressing security requirements in SLAs, and exemplify their use in the cloud brokering model through a practical use case for a video streaming service.

Keywords: cloud computing; contracts; service level agreements; SLAs; cloud brokering; cloud security requirements; deontic contract languages; cloud brokers; natural language; video streaming services.

DOI: 10.1504/IJCC.2014.058831

International Journal of Cloud Computing, 2014 Vol.3 No.1, pp.69 - 93

Published online: 02 Jul 2014 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: Expressing cloud security requirements for SLAs in deontic contract languages for cloud brokers

Keep up-to-date