SLA-based risk analysis in cloud computing environments

The cloud computing has been evolved in recent years which led many customers to utilize the cloud computing technologies. The research work in this area has spread due to many issues that have coincided with the vast growth of the cloud computing technologies. On the other hand, the cloud security concern has become one of the important issues that cloud computing introduces. One of the main components of cloud services is the service level agreement (SLA) that works as a contractual document between the cloud providers and their customers and states some metrics and parameters that must be enforced by the cloud providers or consumers. Despite various issues of the SLA in cloud computing, there is one issue that has not been discussed frequently in cloud computing security, which is the SLA in term of risk management. This research tends to perform SLA-based risk analysis in cloud computing environments. Moreover, it evaluates different SLA parameters such the risk factor, the response time factor, and the service cost factor. This paper also designates the importance of considering risk management as an SLA parameter in the negotiation stage between the provider and the consumer. However, it looks for the relation between those SLA metrics and risk factor associated with the cloud services

Integrating SLAs into IT risk management in public service organizations

Risk management is an important process for public service organizations to maintain a high quality of service. However, many organizations are not satisfied with the result from risk handling. This paper proposes changes to a risk management model by integrating service level agreements into it. This makes responsibilities more clear to all parties involved in risk management. This paper also introduces a method to represent relations between risks and services and between services and activities. This method improves forward and backward traceability. It helps to assess the result of risk management by assessing the fulfillment of services. An example is given to illustrate the use of this model and the benefits from the trace mechanism