Towards Automated and Optimized Security Orchestration in Cloud SLA

In cloud computing, providers pool their resources and make them available to customers. Next-generation computer scientists are flocking to the cutting-edge field of cloud computing for their research and exploration of uncharted territory. There are still several barriers that cloud service providers must overcome in order to provide cloud services in accordance with service level agreements. Each cloud service provider aspires to achieve maximum performance as per Service Level Agreements (SLAs), and this is especially true when it comes to the delivery of services. A cloud service level agreement (SLA) guarantees that cloud service providers will satisfy the needs of large businesses and offer their clients with a specified list of services. The authors offer a web service level agreement–inspired approach for cloud service agreements. We adopt patterns and antipatterns to symbolize the best and worst practices of OCCI (Open Cloud Computing Interface Standard), REST (Representational State Transfer), and TOSCA (Topology and Orchestration Specification for Cloud Applications) with DevOps solutions, all of which API developers should bear in mind when designing APIs. When using this method, everything pertaining to the cloud service, from creation to deployment to measurement to evaluation to management to termination, may be handled mechanically. When distributing resources to cloud apps, our system takes into account the likelihood of SLA breaches and responds by providing more resources if necessary. We say that for optimal performance, our suggested solution should be used in a private cloud computing setting. As more and more people rely on cloud computing for their day-to-day workloads, there has been a corresponding rise in the need for efficient orchestration and management strategies that foster interoperability

1. Strengthening International Regulation Through Transnational New Governance: Overcoming the Orchestration Deficit. 2. International Regulation without International Government: Improving IO Performance through Orchestration

1. A new kind of international regulatory system is spontaneously arising out of the failure of international 'Old Governance' (i.e., treaties and intergovernmental organizations) to adequately regulate international business. Nongovernmental organizations, business firms, and other actors, singly and in novel combinations, are creating innovative institutions to apply transnational norms to business. These institutions are predominantly private and operate through voluntary standards. The Authors depict the diversity of these new regulatory institutions on the 'Governance Triangle,' according to the roles of different actors in their operations. To analyze this complex system, we adapt the domestic 'New Governance' model of regulation to the international setting. 'Transnational New Governance' potentially provides many benefits of New Governance and is particularly suitable for international regulation because it demands less of states and intergovernmental organizations (IGOs). However, Transnational New Governance does require states and IGOs to act as orchestrators of the international regulatory system, and that system currently suffers from a significant orchestration deficit. If states and IGOs expanded 'directive' and especially 'facilitative' orchestration of the Transnational New Governance system, they could strengthen high-quality private regulatory standards, improve the international regulatory system, and better achieve their own regulatory goals. 2. International organizations (IOs) have been widely criticized as ineffective. Yet scholars and practitioners assessing IO performance frequently focus on traditional modes of governance such as treaties and inter-state dispute-resolution mechanisms. When they observe poor performance, moreover, they often prescribe a strengthening of those same activities. We call this reliance on traditional state-based mechanisms 'International Old Governance' (IOG). A better way to understand and improve IO performance is to consider the full range of ways in which IOs can and do operate - including, increasingly, by reaching out to private actors and institutions, collaborating with them, and supporting and shaping their activities. Such actions are helping to develop an intricate global network of public, private and mixed institutions and norms, partially orchestrated by IOs, that we call 'Transnational New Governance' (TNG). With proper orchestration by IOs, TNG can ameliorate both 'state failure' - the inadequacies of IOG - and 'market failure' - the problems that result when the creation and evolution of norm-setting institutions is highly decentralized. Orchestration thus provides a significant way for IOs to improve their regulatory performance. Some IOs already engage actively with private actors and institutions - we provide a range of illustrations, highlighting the activities of the UN Environment Programme (UNEP). Yet there remains a significant 'orchestration deficit' that provides real opportunities for IOs. We draw on the lessons of existing IO activities to suggest additional possibilities for improving IO performance. -- 1. Ein internationales regulatorisches System neuer Art entsteht derzeit spontan aus dem Versagen der internationalen 'Old Governance' - also der bestehenden internationalen Verträge und Organisationen - dabei, den internationalen Handel angemessen zu regulieren. Nichtregierungsorganisationen, Unternehmen und andere Akteure - allein und in ganz neuen Kombinationen - schaffen sich neue internationale Einrichtungen, um transnationale Normen auf internationale Geschäftstätigkeit anzuwenden. Es geht dabei vornehmlich um private Einrichtungen, die vor allem über freiwillige Standardbefolgung wirken. In diesem Beitrag werden die unterschiedlichen Regulierungseinrichtungen als Teil eines 'Governance Dreiecks' beschreiben und das geschieht vor allem in Blick darauf, welche Rollen die unterschiedlichen Akteure in ihrer Tätigkeit spielen. Um dieses komplexe System zu untersuchen passen wir das innenpolitische Regulierungsmodell der 'New Governance' an den internationalen Rahmen an. Die 'Transnational New Governance' enthält viele Vorteile der 'New Governance' und sie ist für die internationale Regulierung besonders angemessen, weil sie geringere Anforderungen an die Staatenwelt und an die intergouvernementalen Organisationen, die IGOs, stellen. Allerdings ist es für eine wirksame 'Transnational New Governance' weiterhin erforderlich, dass die Staaten und die IGOs das internationale regulatorische System 'orchestrieren'. Das heutige internationale regulatorische System leidet allerdings unter einem Orchestrierungsdefizit. Würden die Staaten und die IGOs die 'anweisende' und 'ermöglichende' Orchestrierungsfunktion des 'Transnational New Governance System' ausbauen, dann stärkten sie die privaten regulatorischen Standards von hoher Qualität, verbesserten das internationale regulatorische System und könnten ihre eigenen regulatorischen Ziele besser verwirklichen. 2. Internationale Organisationen (IOs) werden vielfach ob Ihrer Ineffizienz kritisiert. Allerdings konzentrieren sich Wissenschaftler und Praktiker bei dieser Bewertung der Leistungsfähigkeit von IOs häufig auf Maßstäbe, die den herkömmlichen Formen von Governance - wie internationalen Verträgen und den Mechanismen für die Schlichtung zwischenstaatlicher Konflikte - entlehnt sind. Soweit eine ungenügende Leistung festgestellt wird, empfehlen sie zudem meist, Tätigkeiten der traditionellen Art zu verstärken. Wir bezeichnen dies als ein Sich-Verlassen auf die herkömmlichen staats-basierten Mechanismen, als 'International Old Governance' (IOG). Man versteht die IOs besser und verbessert ihre Leistungsfähigkeit aber der Situation weitaus angemessener, wenn man die gesamte Vielfalt wirklicher und möglicher IO-Tätigkeiten in den Blick nimmt: Das umfasst vor allem, dass die IOs private Akteure und Organisationen einbeziehen, mit ihnen zusammenarbeiten, ihre Aktivitäten stützen, sie formen und ihnen Richtung geben. Diese Tätigkeiten schaffen ein fein gesponnenes globales Netzwerk von öffentlichen, privaten und gemischten Organisationen und Normen, das seinerseits teilweise durch die IOs orchestriert wird. Dieses Netzwerk bezeichnen wir als 'Transnational New Governance' (TNG). Wenn die Orchestrierung durch IOs gut funktioniert kann sie auch Staatsversagen (state failure) abmildern - also hier die Inadäquanzen von 'International Organization Governance' - und ebenso kann sie Marktversagen ausgleichen, also die Probleme, die sich ergeben wenn Herausbildung und Schaffung normgebender Einrichtungen höchst dezentralisiert verläuft. Über die Orchestrierung können die IOs auch die Leistungsfähigkeit ihrer Regulierungen erhöhen. Einige IOs sind schon jetzt stark zusammen mit privaten Akteuren und Einrichtungen unterwegs; in diesem Beitrag mustern wir das Spektrum solcher Aktivitäten. Wir betonen dabei die Unternehmungen des UN Environment Programme (UNEP), des Umweltprogramms der VN. Allerdings verbleibt ein erhebliches 'Orchestrierungsdefizit', das für die IOs zugleich Herausforderung und Chance ist. Wir stützten uns auf den Erfahrungsschatz der vorgefundenen IO-Aktivitäten, um den Möglichkeitsraum der IOs für die Zukunft auszumessen und Maßnahmen zur Verbesserung der Leistungsfähigkeit von IOs anzuregen.

From Ad-Hoc Data Analytics to DataOps

The collection of high-quality data provides a key competitive advantage to companies in their decision-making process. It helps to understand customer behavior and enables the usage and deployment of new technologies based on machine learning. However, the process from collecting the data, to clean and process it to be used by data scientists and applications is often manual, non-optimized and error-prone. This increases the time that the data takes to deliver value for the business. To reduce this time companies are looking into automation and validation of the data processes. Data processes are the operational side of data analytic workflow.DataOps, a recently coined term by data scientists, data analysts and data engineers refer to a general process aimed to shorten the end-to-end data analytic life-cycle time by introducing automation in the data collection, validation, and verification process. Despite its increasing popularity among practitioners, research on this topic has been limited and does not provide a clear definition for the term or how a data analytic process evolves from ad-hoc data collection to fully automated data analytics as envisioned by DataOps.This research provides three main contributions. First, utilizing multi-vocal literature we provide a definition and a scope for the general process referred to as DataOps. Second, based on a case study with a large mobile telecommunication organization, we analyze how multiple data analytic teams evolve their infrastructure and processes towards DataOps. Also, we provide a stairway showing the different stages of the evolution process. With this evolution model, companies can identify the stage which they belong to and also, can try to move to the next stage by overcoming the challenges they encounter in the current stage

Towards a reflexive turn in the governance of global environmental expertise the cases of the IPCC and the IPBES

The role and design of global expert organizations such as the Intergovernmental Panel on Climate Change (IPCC) or the Intergovernmental Platform on Biodiversity and Ecosystem Services (IPBES) needs rethinking. Acknowledging that a one-size-fits-all model does not exist, we suggest a reflexive turn that implies treating the governance of expertise as a matter of political contestation

A novel approach for security function graph configuration and deployment

Network virtualization increased the versatility in enforcing security protection, by easing the development of new security function implementations. However, the drawback of this opportunity is that a security provider, in charge of configuring and deploying a security function graph, has to choose the best virtual security functions among a pool so large that makes manual decisions unfeasible. In light of this problem, the paper proposes a novel approach for synthesizing virtual security services by introducing the functionality abstraction. This new level of abstraction allows to work in the virtual level without considering the different function implementations, with the objective to postpone the function selection jointly with the deployment, after the configuration of the virtual graph. This novelty enables to optimize the function selection when the pool of available functions is very large. A framework supporting this approach has been implemented and it showed adequate scalability for the requirements of modern virtual networks

Machine Learning to Improve Security Operations Centers

Since the onset of the internet, the world has embraced this new technology and used it to collectively advance Humanity. Companies have followed the trend from the physical to the digital world, taking with them all their associated value. In order to safeguard this value, security needed to evolve, with enterprises employing departments of highly trained professionals. Nevertheless, the ever increasing amount of information in need of evaluation by these professionals requires the deployment of automation techniques, aiding in data analysis and bulk task processing, to reduce detection time and as such improve mitigation. This work proposes a novel tool designed to help in attack detection and alert aggregation, by leveraging machine learning techniques. The proposed solution is described in full and showcased using real data from an example implementation.Desde o aparecimento da internet, esta nova tecnologia tem sido usada para avançar a Humanidade. O mercado seguiu as tendências, passando do mundo físico para o digital e levando consigo todo o seu valor associado. De forma a salvaguardar este valor, a segurança precisou de se adaptar, com empresas a dedicarem departamentos inteiros com esse objetivo. No entanto, a quantidade cada vez mais elevada de informação a analisar exige o desenvolvimento de técnicas automáticas de processamento de dados e execução de tarefas em massa, para diminuir o tempo de deteção de ataques permitindo uma mitigação mais ágil dos mesmos. Este trabalho propõe uma ferramenta projetada para ajudar na deteção de ataques e agregação de alertas, usando técnicas de inteligência artificial. A solução proposta é descrita na íntegra e apresentada usando dados reais aplicados a uma implementação de exemplo

Musical expression and embodiment: Fear, threat, and danger in the music of The Lord of the Rings

The Arts: 3rd Place (The Ohio State University Edward F. Hayes Graduate Research Forum)Research in psychology and music cognition suggests several ways in which music might portray fear. First, I review the empirical literature on the acoustical features of fear-related sound, which is focused primarily on embodied expressions of fear. Next, I catalogue the ways in which these finding might predict the use of specific musical techniques. I analyze music from scenes from the film The Fellowship of the Ring that involve the Black Riders, which act as symbols of fear, and find that in writing the music for these scenes, composer Howard Shore did use the techniques as predicted by my interpretation of the empirical literature. I also compare the use of these techniques in scary v. non-scary scenes and find that they are used relatively often in scary scenes but rarely in non-scary scenes.No embarg

Study and analysis of woman.life.song by Judith Weir

The song cycle, woman.life.song, by Judith Weir, is a unique composition because it was a collaborative effort written by women about women’s lives. With financial backing from Henry Kravis, Jessye Norman commissioned the composition in 1997 for a Carnegie Hall performance in 2000. She enlisted authors Maya Angelou, Toni Morrison and Clarissa Pinkola Estés to write new poems based on stages of a woman’s life: childhood, love, puberty, loss, maturity. Acclaimed Scottish female composer Judith Weir set these texts to music. The songs of the cycle are, in order, “On Youth” (Angelou), “Breasts!! Song of the Innocent Wild Child” (Estés), “The Edge” (Morrison), “Eve Remembering” (Morrison), “Mothership: When A Good Mother Sails from This World: Stave I and Stave II” (Estés), and “On Maturity” (Angelou). Despite the fame of the collaborators, this work has only had six public performances since its debut in March of 2000. There are also no public recordings of the work, although there are at least two recordings owned by the publisher that are available by special permission. The purpose of this dissertation is to bring more public awareness of this song cycle and to encourage more performances. The dissertation includes information about the origin and performance history of the song cycle, a musical analysis of the work with a focus on the distinct compositional technique related to, and organized according to, the texts by the three authors, and a study of the compositional elements Weir uses to unify the cycle as a whole. An assessment of the cycle’s success as a composition is included in the conclusion along with an enumeration of possible reasons why the work has not been performed more often. The appendix includes a transcript of an email interview with Weir

Autonomous Incident Response

Trabalho de Projeto de Mestrado, Segurança Informática, 2022, Universidade de Lisboa, Faculdade de CiênciasInformation security is a must-have for any organization willing to stay relevant and grow, it plays an important role as a business enabler, be it from a regulatory perspective or a reputation perspective. Having people, process, and technology to solve the ever growing number of security incidents as fast as possible and with the least amount of impact is a challenge for small and big companies. To address this challenge, companies started investing in Security Orchestration, Automation, and Response (SOAR) [39, 68, 70]. Security orchestration is the planning, integration, cooperation, and coordination of the activities of security tools and experts to produce and automate required actions in response to any security incident across multiple technology paradigms [40]. In other words, the use of SOAR is a way to translate the manual procedures followed by the security analysts into automated actions, making the process faster and scalable while saving on human resources budget. This project proposes a low-cost cloud native SOAR platform that is based on serverless computing, presenting the underlying details of its design. The performance of the proposed solution was evaluated through 364 real-world incidents related to 11 use cases in a large multinational enterprise. The results show that the solution is able to decrease the duration of the tasks by an average of 98.81% while having an operating expense of less than $65/month. Prior to the SOAR, it took the analyst 75.84 hours to perform manual tasks related to the 11 use cases. Additionally, an estimated 450 hours of the analyst’s time would be used to run the Update threat intelligence database use case. After the SOAR, the same tasks were automatically ran in 31.2 minutes and the Update threat intelligence database use case ran 9.000 times in 5.3 hours