Providing Security SLA in Next Generation Data Centers with SPECS: The EMC Case Study

Valentina Casola, Massimiliano Rak, Silvio La Porta, Andrew Byrne

2016

Abstract

Next generation Data Centers (ngDC) are the cloud-based architectures devoted to offering infrastructure services in flexible ways: managing in an integrated way compute, network and storage services. This solution is very attractive from an organisation’s perspective but one of the main challenges to adoption is the perception of loss of security and control over resources that are dynamically acquired in the cloud and that reside on remote providers. For a full adoption, datacenter customers need more guarantees about the security levels provided, creating the need for tools to dynamically negotiate and monitor the security requirements. The SPECS project proposes a platform that offers security features with an as-a-service approach, furthermore it uses Security Service Level Agreements (Security SLA) as a means for establishing a clear statement between customers and providers to define a mutual agreement. This paper presents an industrial experience from EMC that integrates the SPECS Platform and their innovative solutions for ngDC. In particular, the paper will illustrate how it is possible to negotiate, enforce and monitor a Security SLA in a cloud infrastructure offering.

References

  1. Casola, V., Benedictis, A. D., and Rak, M. (2015). Security monitoring in the cloud: An SLA-based approach. In 10th International Conference on Availability, Reliability and Security, ARES 2015, Toulouse, France, August 24-27, 2015, pages 749-755.
  2. Casola, V., Benedictis, A. D., Rak, M., and Villano, U. (2014). Preliminary Design of a Platform-as-aService to Provide Security in Cloud. In CLOSER 2014 - Proceedings of the 4th International Conference on Cloud Computing and Services Science, Barcelona, Spain, April 3-5, 2014., pages 752-757.
  3. Catteddu, D. (2011). Security & resilience in governmental clouds. Technical report, CSA.
  4. CSA (2015). Cloud controls matrix v3.0.
  5. CSCC (2012). The cscc practical guide to cloud service level agreements. Technical report, CSCC.
  6. Davidson, E. A. (2013). The Software-Defined-Data-Center (SDDC): Concept Or Reality? [VMware].
  7. De Benedictis, A., Rak, M., Turtur, M., and Villano, U. (2015). Rest-based sla management for cloud applications. In Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), 2015 IEEE 24th International Conference on, pages 93-98.
  8. Dekker, M. (2012). Critical cloud computing a ciip perspective on cloud computing services. Technical report, ENISA.
  9. EC (2011). Unleashing the potential of cloud computing in europe. Technical report, EC.
  10. FORCE, J. T. and INITIATIVE, T. (2013). Security and privacy controls for federal information systems and organizations. NIST Special Publication, 800:53.
  11. International Organization for Standardization (2014). ISO/IEC NP 19086-1. Information TechnologyCloud computing-Service level agreement (SLA) framework and technology-Part 1: Overview and concepts.
  12. Marimuthu, K., Gopal, D. G., Kanth, K. S., Setty, S., and Tainwala, K. (2014). Scalable and secure data sharing for dynamic groups in cloud. In Advanced Communication Control and Computing Technologies (ICACCCT), 2014 International Conference on, pages 1697-1701. IEEE.
  13. Marnix Dekker, G. H. (2011). Survey and analysis of security parameters in cloud slas across the european public sector.
  14. Morin, C. (2011). Open computing infrastructures for elastic services: contrail approach. In Proceedings of the 5th international workshop on Virtualization technologies in distributed computing, pages 1-2. ACM.
  15. NIST (2013). SP 800-53 Rev 4: Recommended Security and Privacy Controls for Federal Information Systems and Organizations. Technical report, NIST.
  16. Nithiavathy, R. (2013). Data integrity and data dynamics with secure storage service in cloud. In Pattern Recognition, Informatics and Mobile Engineering (PRIME), 2013 International Conference on, pages 125-130. IEEE.
  17. Pannetrat, A., Hogben, G., Katopodis, S., Spanoudakis, G., and Cazorla, C. (2013). D2.1: Security-aware sla specification language and cloud security dependency model. technical report, certification infrastructure for multi-layer cloud services (cumulus).
  18. Pearson, S. (2011). Toward accountability in the cloud. Internet Computing, IEEE, 15(4):64-69.
  19. Rak, M., Suri, N., Luna, J., Petcu, D., Casola, V., and Villano, U. (2013). Security as a service using an slabased approach via specs. In IEEE, editor, Proceedings of IEEE CloudCom Conference 2013.
  20. Rios, E., Iturbe, E., Orue-Echevarria, L., Rak, M., and Casola, V. (2015). Towards self-protective multi-cloud applications - MUSA - a holistic framework to support the security-intelligent lifecycle management of multi-cloud applications. In CLOSER 2015 - Proceedings of the 5th International Conference on Cloud Computing and Services Science, Lisbon, Portugal, 20-22 May, 2015., pages 551-558.
  21. Talpur, S. R., Abdalla, S., and Kechadi, T. (2015). Towards middleware security framework for next generation data centers connectivity. In Science and Information Conference (SAI), 2015, pages 1277-1283. IEEE.
  22. Theilmann, W., Yahyapour, R., and Butler, J. (2008). Multilevel sla management for service-oriented infrastructures. In Proceedings of the 1st European Conference on Towards a Service-Based Internet, ServiceWave 7808, pages 324-335, Berlin, Heidelberg. SpringerVerlag.
Download


Paper Citation


in Harvard Style

Casola V., Rak M., La Porta S. and Byrne A. (2016). Providing Security SLA in Next Generation Data Centers with SPECS: The EMC Case Study . In Proceedings of the 6th International Conference on Cloud Computing and Services Science - Volume 2: CLOSER, ISBN 978-989-758-182-3, pages 138-145. DOI: 10.5220/0005804301380145


in Bibtex Style

@conference{closer16,
author={Valentina Casola and Massimiliano Rak and Silvio La Porta and Andrew Byrne},
title={Providing Security SLA in Next Generation Data Centers with SPECS: The EMC Case Study},
booktitle={Proceedings of the 6th International Conference on Cloud Computing and Services Science - Volume 2: CLOSER,},
year={2016},
pages={138-145},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005804301380145},
isbn={978-989-758-182-3},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 6th International Conference on Cloud Computing and Services Science - Volume 2: CLOSER,
TI - Providing Security SLA in Next Generation Data Centers with SPECS: The EMC Case Study
SN - 978-989-758-182-3
AU - Casola V.
AU - Rak M.
AU - La Porta S.
AU - Byrne A.
PY - 2016
SP - 138
EP - 145
DO - 10.5220/0005804301380145