25,298 research outputs found
On a Catalogue of Metrics for Evaluating Commercial Cloud Services
Given the continually increasing amount of commercial Cloud services in the
market, evaluation of different services plays a significant role in
cost-benefit analysis or decision making for choosing Cloud Computing. In
particular, employing suitable metrics is essential in evaluation
implementations. However, to the best of our knowledge, there is not any
systematic discussion about metrics for evaluating Cloud services. By using the
method of Systematic Literature Review (SLR), we have collected the de facto
metrics adopted in the existing Cloud services evaluation work. The collected
metrics were arranged following different Cloud service features to be
evaluated, which essentially constructed an evaluation metrics catalogue, as
shown in this paper. This metrics catalogue can be used to facilitate the
future practice and research in the area of Cloud services evaluation.
Moreover, considering metrics selection is a prerequisite of benchmark
selection in evaluation implementations, this work also supplements the
existing research in benchmarking the commercial Cloud services.Comment: 10 pages, Proceedings of the 13th ACM/IEEE International Conference
on Grid Computing (Grid 2012), pp. 164-173, Beijing, China, September 20-23,
201
Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems
Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security
assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security
mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps
framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include
the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any)
and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security
level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.The research leading to these results has received
funding from the European Union’s Horizon 2020 research
and innovation programme under grant agreement No 644429
and No 780351, MUSA project and ENACT project,
respectively. We would also like to acknowledge all the
members of the MUSA Consortium and ENACT Consortium
for their valuable help
Recommended from our members
Opinion Model Based Security Reputation Enabling Cloud Broker Architecture
Determining Training Needs for Cloud Infrastructure Investigations using I-STRIDE
As more businesses and users adopt cloud computing services, security
vulnerabilities will be increasingly found and exploited. There are many
technological and political challenges where investigation of potentially
criminal incidents in the cloud are concerned. Security experts, however, must
still be able to acquire and analyze data in a methodical, rigorous and
forensically sound manner. This work applies the STRIDE asset-based risk
assessment method to cloud computing infrastructure for the purpose of
identifying and assessing an organization's ability to respond to and
investigate breaches in cloud computing environments. An extension to the
STRIDE risk assessment model is proposed to help organizations quickly respond
to incidents while ensuring acquisition and integrity of the largest amount of
digital evidence possible. Further, the proposed model allows organizations to
assess the needs and capacity of their incident responders before an incident
occurs.Comment: 13 pages, 3 figures, 3 tables, 5th International Conference on
Digital Forensics and Cyber Crime; Digital Forensics and Cyber Crime, pp.
223-236, 201
- …