A Methodology For Management Of Cloud Computing Using Security Criteria

Coordenação de Aperfeiçoamento de Pessoal de Nível Superior (CAPES)Desirable requirements of cloud computing are to avoid wasting underused resources and increasing response time due to shortage of resources. We notice that recent literature in the field prioritizes the administration of resource provisioning and the allocation algorithms for an energy-efficient management of cloud computing environments. Security metrics can be seen as tools for providing information about the security status of a certain environment. With that in mind, we tackle the management of cloud computing security by using GQM methodology to develop a cloud computing security metrics hierarchy. The main goal of the proposed hierarchy is to produce a security index that describes the security level accomplished by an evaluated cloud computing environment. In a second step, this security index is used to compute an allocation index that helps in setting management priorities with a security bias. We also present a methodology for cloud computing management using security as a criterion. © 2012 IEEE.4954CAPES,CGI.br,EMCCoordenação de Aperfeiçoamento de Pessoal de Nível Superior (CAPES)Mell, P., Grance, T., (2011) The Nist Definition of Cloud Computing, , http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145. pdflastaccessin28/11/2011, MayVaquero, L.M., Rodero-Merino, L., Caceres, J., Lindner, M., A break in the clouds: Towards a cloud definition (2009) ACM SIGCOMM Computer Communication Review, 39 (1), pp. 50-55. , JanuaryCSA (2009) Security Guidance for Critical Areas of Focus in Cloud Computing, Cloud Security Alliance. V2.1. Cloud Security Alliance, , http://www.cloudsecurityalliance.org/guidance/csaguide.v2.1.pdfUnderstanding cloud computing vulnerabilities (2010) IEEE Security and PrivacyYounge, A.J., Von Laszewski, G., Wang, L., Lopez-Alarcon, S., Carithers, W., Efficient resource management for cloud computing environments (2010) IEEE, , 978-1-4244-7614-5/10Landwehr, C., Computer security (2001) International Journal of Information Security, 1, pp. 3-13Iso/iec 27000-information technology-security techniques-information security management systems-requirements (2009) International Organization for Standartization, , ISO/IEC(2010) IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data, , McGraw-Hill OsborneHerrmann, D.S., (2007) Complete Guide to Security and Privacy Metrics, , iSBN: 0-8493-5402-1,. Auerbach PublicationsFoster, I., Zhao, Y., Raicu, I., Shiyong, L., Cloud computing and grid computing 360-degree compared (2008) Grid Computing Environments Workshop, pp. 1-10. , ser. GCE '08, November 2008Buyya, R., Garg, S.K., Calheiros, R.N., Sla-oriented resource provisioning for cloud computing: Challenges, architecture, and solutions (2011) Proceedings of the 2011 IEEE, International Conference on Cloud and Service Computing, , (CSC 2011, IEEE Press, USA)Lamin, F.R., Westphall, C.B., De Chaves, S.A., Sla perspective in security management for cloud computing (2010) Sixth International Conference on Networking and Services, pp. 212-217. , ser. ICNS'10. IEEE Computer Society, MarchRighi, R.R., Pellissari, F.R., Westphall, C.B., Sec-sla: Specification and validation of metrics for service level agreements oriented to security (2004) IV Workshop in Computer Security System. Porto Alegre, pp. 199-210. , RS: SBCMana, A., Pujol, G., Towards formal specification of abstract security properties (2008) The Third International Conference on Availability, Reliability and Security (ARES 08)-IEEE, pp. 80-87Krautsevich, L., Martinelli, F., Yautsiukhin, A., Formal approach to security metrics.: What does (2010) Proceedings of the Fourth European Conference on Software Architecture-ECSA '10, pp. 162-169. , Companion VolumeFoley, S.N., Bistarelli, S., O'sullivan, B., Herbert, J., Swart, G., Multilevel security and quality of protection (2006) QUALITY of PROTECTION-Security Measurements and Metrics, Ser., 23 (PART 3), pp. 93-105. , Springer USSavola, R.M., Towards a security metrics taxonomy for the information and communication technology industry (2007) International Conference on Software Engineering Advances (ICSEA)-IEEE, p. 60Towards a taxonomy for information security metrics (2007) Proceeding QoP '07 Proceedings of the 2007 ACM Workshop on Quality of Protection-ACM, pp. 28-30A security metrics taxonomization model for software-intensive systems (2009) Journal of Information Processing Systems, 5, p. 197Halonen, P., Hatonen, K., (2010) Towards Holistic Security Management Through Coherent Measuring, pp. 155-161Rebollo, O., Mellado, D., Fernndez-Medina, E., A systematic review of information security governance frameworks in the cloud computing environment (2012) Journal of Universal Computer Science, 18, pp. 798-815Zhang, Y., Huang, G., Liu, X., Mei, H., Integrating resource consumption and allocation for infrastructure resources on-demand (2010) IEEE 3rd International Conference on Cloud ComputingYazr, Y.O., Matthews, C., Farahbod, R., Neville, S., Guitouni, A., Ganti, S., Coady, Y., Dynamic resource allocation in computing clouds using distributed multiple criteria decision analysis (2010) 3rd International Conference on Cloud Computing-IEEE, pp. 91-98. , 978-0-7695-4130-3/10Walsh, W.E., Tesauro, G., Kephart, J.O., Das, R., Utility functions in autonomic systems in icac 04 proceedings of the first international conference on autonomic computing (2004) IEEE Computer Society, p. 7077Hermenier, F., Lorca, X., Menaud, J.M., Muller, G., Lawall, J., Entropy: A consolidation manager for clusters, in vee09: Proceedings of the 2009 (2009) ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, p. 4150Arshad, J., Townend, P., Xu, J., Quantification of security for compute intensive workloads in clouds (2009) 15th International Conference on Parallel and Distributed Systems-IEEEBasili, V., Caldiera, G., Rombach, H.D., (1994) The Goal Question Metric Approac