Title: Per-service security SLAs for cloud security management: model and implementation

Authors: Valentina Casola; Alessandra De Benedictis; Jolanda Modic; Massimiliano Rak; Umberto Villano

Addresses: Università di Napoli Federico II, DIETI, Napoli, Italy ' Università di Napoli Federico II, DIETI, Napoli, Italy ' XLAB, Ljubljana, Slovenia ' Università della Campania Luigi Vanvitelli, DII, Aversa, Italy ' Università del Sannio, DING, Benevento, Italy

Abstract: In the cloud computing context, Service Level Agreements (SLAs) 'tailored' to specific Cloud Service Customers (CSCs) seem to be still an utopia, and things are even worse as regards the security terms to be guaranteed. In fact, existing cloud SLAs focus only on a few service terms, and Cloud Service Providers (CSPs) mainly provide uniform guarantees for all offered services and for all customers, regardless of any particular service characteristics or of customer-specific needs. This paper presents a framework that enables the adoption of a per-service SLA model, supporting the automatic implementation of cloud security SLAs tailored to the needs of each customer for specific service instances. In particular, the process and the software architecture for per-service SLA implementation are shown. A case study application, related to the provisioning of a secure web container service, is presented and discussed, to demonstrate the feasibility and effectiveness of the proposed solution.

Keywords: cloud security; per-service SLA; security service level agreement.

DOI: 10.1504/IJGUC.2018.091719

International Journal of Grid and Utility Computing, 2018 Vol.9 No.2, pp.128 - 138

Received: 22 Dec 2016
Accepted: 22 Feb 2017
Published online: 14 May 2018 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article