SLA-Based Continuous Security Assurance in Multi-Cloud DevOps

Multi-cloud applications, i.e. those that are deployed over multiple independent Cloud providers, pose a number of challenges to the security-aware development and operation. Security assurance in such applications is hard due to the lack of insights of security controls ap- plied by Cloud providers and the need of controlling the security levels of all the components and layers at a time. This paper presents the MUSA approach to Service Level Agreement (SLA)-based continuous security assurance in multi-cloud applications. The paper details the proposed model for capturing the security controls in the o ered application Se- curity SLA and the approach to continuously monitor and asses the controls at operation phase. This new approach enables to easily align development security requirements with controls monitored at operation as well as early react at operation to any possible security incident or SLA violation.The MUSA project leading to this paper has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No. 644429

Intelligent Agents for Automated Cloud Computing Negotiation

Presently, cloud providers offer “off-the-shelf” Service Level Agreements (SLA), on a “take it or leave it” basis. This paper, alternatively, proposes customized SLAs. An automated negotiation is needed to establish customized SLAs between service providers and consumers with no previous knowledge of each other. Traditional negotiations between humans are often fraught with difficulty. Thus, in this work, the use of intelligent agents to represent cloud providers and consumers is advocated. Rubinstein’s Alternating Offers Protocol offers a suitable technical solution for this challenging problem. The purpose of this paper is to apply the state-of-the-art in negotiation automated algorithms/agents within a described Cloud Computing SLA framework, and to evaluate the most appropriate negotiation approach based on many criteria

Generic Methods for Adaptive Management of Service Level Agreements in Cloud Computing

The adoption of cloud computing to build and deliver application services has been nothing less than phenomenal. Service oriented systems are being built using disparate sources composed of web services, replicable datastores, messaging, monitoring and analytics functions and more. Clouds augment these systems with advanced features such as high availability, customer affinity and autoscaling on a fair pay-per-use cost model. The challenge lies in using the utility paradigm of cloud beyond its current exploit. Major trends show that multi-domain synergies are creating added-value service propositions. This raises two questions on autonomic behaviors, which are specifically ad- dressed by this thesis. The first question deals with mechanism design that brings the customer and provider(s) together in the procurement process. The purpose is that considering customer requirements for quality of service and other non functional properties, service dependencies need to be efficiently resolved and legally stipulated. The second question deals with effective management of cloud infrastructures such that commitments to customers are fulfilled and the infrastructure is optimally operated in accordance with provider policies. This thesis finds motivation in Service Level Agreements (SLAs) to answer these questions. The role of SLAs is explored as instruments to build and maintain trust in an economy where services are increasingly interdependent. The thesis takes a wholesome approach and develops generic methods to automate SLA lifecycle management, by identifying and solving relevant research problems. The methods afford adaptiveness in changing business landscape and can be localized through policy based controls. A thematic vision that emerges from this work is that business models, services and the delivery technology are in- dependent concepts that can be finely knitted together by SLAs. Experimental evaluations support the message of this thesis, that exploiting SLAs as foundations for market innovation and infrastructure governance indeed holds win-win opportunities for both cloud customers and cloud providers

Sla Management in a Collaborative Network Of Federated Clouds: The Cloudland

Cloud services have always promised to be available, flexible, and speedy. However, not a single Cloud provider can deliver such promises to their distinctly demanding customers. Cloud providers have a constrained geographical presence, and are willing to invest in infrastructure only when it is profitable to them. Cloud federation is a concept that collectively combines segregated Cloud services to create an extended pool of resources for Clouds to competently deliver their promised level of services. This dissertation is concerned with studying the governing aspects related to the federation of Clouds through collaborative networking. The main objective of this dissertation is to define a framework for a Cloud network that considers balancing the trade-offs among customers’ various quality of service (QoS) requirements, as well as providers\u27 resources utilization. We propose a network of federated Clouds, CloudLend, that creates a platform for Cloud providers to collaborate, and for customers to expand their service selections. We also define and specify a service level agreement (SLA) management model in order to govern and administer the relationships established between different Cloud services in CloudLend. We define a multi-level SLA specification model to annotate and describe QoS terms, in addition to a game theory-based automated SLA negotiation model that supports both customers and providers in negotiating SLA terms, and guiding them towards signing a contract. We also define an adaptive agent-based SLA monitoring model which identifies the root causes of SLA violations, and impartially distributes any updates and changes in established SLAs to all relevant entities. Formal verification proved that our proposed framework assures customers with maximum optimized guarantees to their QoS requirements, in addition to supporting Cloud providers to make informed resource utilization decisions. Additionally, simulation results demonstrate the effectiveness of our SLA management model. Our proposed Cloud Lend network and its SLA management model paves the way to resource sharing among different Cloud providers, which allows for the providers’ lock-in constraints to be broken, allowing effortless migration of customers’ applications across different providers whenever is needed

09131 Abstracts Collection -- Service Level Agreements in Grids

From 22.03. to 27.03.09, the Dagstuhl Seminar 09131 ``Service Level Agreements in Grids \u27\u27 was held in Schloss Dagstuhl~--~Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available