Skip to main content
SpringerLink
Log in

Frameworks to Develop SLA Based Security Metrics in Cloud Environment

  • Chapter
  • First Online:
Cloud Computing for Optimization: Foundations, Applications, and Challenges

Part of the book series: Studies in Big Data ((SBD,volume 39))

  • 1473 Accesses

Abstract

Cloud computing, the growing technology which most of the small as well as large organizations adopt to maintain IT as it is a very cost effective organization should consider the business risk associated with cloud computing all of which are still not resolved. The risk can be categorized in several issues like privacy, security, legal risks. To solve these types of severe risks, organization might make and develop SLA for the establishment of an agreement between the customer and the cloud providers. This chapter provides a survey on the various frameworks to develop SLA based security metrics. Various security attributes and possible threats are having also been discussed in this chapter.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. R. Barga et al. Cloud computing architecture and application programming: DISC’09 tutorial, half day, in ACM Sigact News 40.2 (22 Sept 2009), pp. 94–95

    Article  Google Scholar 

  2. B.R. Kandukuri, A. Rakshit, Cloud security issues, in IEEE International Conference on Services Computing, SCC’09 (IEEE, 2009)

    Google Scholar 

  3. I.S. Hayes, Metrics for IT outsourcing services level agreements (2004), www.Clarity-consulting.com/metricsarticle.Htm

  4. E. Chew et al., Performance measurement guide for information security. Special Publication (NIST SP)-800-55 Rev 1 (2008)

    Google Scholar 

  5. J. Huang, D.M. Nicol, Trust mechanisms for cloud computing. J. Cloud Comput. Adv. Syst. Appl. 2(1), 9 (2013)

    Article  Google Scholar 

  6. V. Casola et al., SLA-based secure cloud application development. Scalable Comput. Pract. Exp. 17(4), 271–284 (2016)

    Google Scholar 

  7. M. Rak et al., Security as a service using a SLA-based approach via SPECS, in 2013 IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom) (IEEE, 2013), pp. 1–6

    Google Scholar 

  8. J. Feng, Yu. Chen, Pu. Liu, Bridging the missing link of cloud data storage security in AWS, in Consumer Communications and Networking Conference (Ksons) (2010), pp. 1–2

    Google Scholar 

  9. M. Alhamad, T. Dillon, E. Chang, Conceptual SLA framework for cloud computing, in 2010 4th IEEE International Conference on Digital Ecosystems and Technologies (DEST) (IEEE, 2010), pp. 606–610

    Google Scholar 

  10. R. Van Solingen et al., Goal Question Metric (GQM) approach, in Encyclopedia of Software Engineering, ed. by J.J. Marciniak (Wiley Interscience, New York, 2002). Online version

    Google Scholar 

  11. G.B. Tanna et al., Information assurance metric development framework for electronic bill presentment and payment systems using transaction and workflow analysis. Decis. Support Syst. 41(1), 242–261 (2005)

    Article  Google Scholar 

  12. De Chaves, S. Aparecida, C.B. Westphall, F.R. Lamin, SLA perspective in security management for cloud computing, in 2010 Sixth International Conference on Networking and Services (ICNS) (IEEE, 2010)

    Google Scholar 

  13. M.A.T. Rojas et al., Inclusion of security requirements in SLA lifecycle management for cloud computing, in IEEE 2nd Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE) (IEEE, 2015), pp. 7–12

    Google Scholar 

  14. T. Klaus, Security metrics-replacing fear, uncertainty, and doubt (2008), pp. 62–63

    Article  Google Scholar 

  15. W. Jansen, Directions Research in Security Metrics (Diane Publishing, 2010)

    Google Scholar 

  16. E. Kahraman, Evaluating IT security performance with quantifiable metrics, Master’s thesis, DSV SU/KTH (2005)

    Google Scholar 

  17. J. Wei et al., Managing security in a cloud environment, in Proceedings were Encapsulated ACM 2009 Workshop On Cloud Computing Security (K ACM, 2009), pp. 91–96

    Google Scholar 

  18. Kaiping Xue, Peilin Hong, A dynamic secure group sharing framework in public cloud computing. IEEE Trans. Cloud Comput. 2(4), 459–470 (2014)

    Article  Google Scholar 

  19. V.R. Thakare, K.J. Singh, Users’ Security Requirements Architectural Framework (USRAF) for emerging markets in cloud computing, in 2015 IEEE International Conference on Cloud Computing in Emerging Markets (CCEM) (IEEE, 2015), pp. 74–80

    Google Scholar 

  20. A. Aieh et al., Deoxyribonucleic acid (DNA) for a shared secret key cryptosystem with Diffie–Hellman key sharing technique, in 2015 Third International Conference on Computer, Communication, Control and Information Technology (C3IT) (IEEE, 2015), pp. 1–6

    Google Scholar 

  21. C. Martin, M. Refai, A policy-based metrics framework for information security performance measurement, in 2nd IEEE/IFIP International Workshop on Business-Driven IT Management, 2007. BDIM’07 (IEEE, 2007), pp. 94–101

    Google Scholar 

  22. C. Martin, M. Refai, Service-Oriented Approach to Visualize IT Security Performance Metrics Trust Management (2007), pp. 403–406

    Google Scholar 

  23. S. Chandra, R.A. Khan, Software security metric identification framework (SSM), in Proceedings of the International Conference on Advances in Computing, Communication and Control (ACM, 2009), pp. 725–731

    Google Scholar 

  24. E. Al-Shaer, L. Khan, M.S. Ahmed, A comprehensive objective network security metric framework for proactive security configuration, in Proceedings of the 4th Annual Workshop on Cyber Security and Information Intelligence Research: Developing Strategies to Meet the Cyber Security and Information Intelligence Challenges Ahead (ACM, 2008), p. 42

    Google Scholar 

  25. B. Von Solms, Information security governance: COBIT or ISO 17799 or both? Comput. Secur. 24(2), 99–104 (2005)

    Article  Google Scholar 

  26. A. Da Veiga, J.H.P. Eloff, An information security governance framework. Inf. Syst. Manag. 24(4), 361–372 (2007)

    Article  Google Scholar 

  27. H. Ludwig et al., Web service level agreement (WSLA) language specification, IBM Corporation (2003), pp. 815–824

    Google Scholar 

  28. F. Zhu, H. Li, J. Lu, A service level agreement framework of cloud computing based on the Cloud Bank model, in 2012 IEEE International Conference on Computer Science and Automation Engineering (CSAE) (IEEE, 2012), pp. 255–259

    Google Scholar 

  29. L. Zhao, S. Sherif, L. Anna, A framework for consumer-centric SLA management of cloud-hosted databases. IEEE Trans. Serv. Comput. 8(4), 534–549 (2015)

    Article  Google Scholar 

  30. M. Almorsy, J. Grundy, A.S. Ibrahim, Collaboration-based cloud computing security management framework, in 2011 IEEE International Conference on Cloud Computing (CLOUD) (IEEE, 2011) pp. 364–371

    Google Scholar 

  31. Y. Chi et al., SLA-tree: a framework for efficiently supporting SLA-based decisions in cloud computing, in Proceedings were incompletely International L4th Conference On Extending Database Technology (K ACM, 2011), pp. 129–140

    Google Scholar 

  32. A.M. Hammadi, O. Hussain, A framework for SLA assurance in cloud computing, in 2012 26th International Conference on Advanced Information Networking and Applications Workshops (WAINA) (IEEE, 2012), pp. 393–398

    Google Scholar 

  33. S.K. Garg, S. Versteeg, R. Buyya, A framework for ranking of cloud computing services. Futur. Gener. Comput. Syst. 29(4), 1012–1023 (2013)

    Article  Google Scholar 

  34. R. Trapero et al., A novel approach to manage cloud security SLA incidents. Futur. Gener. Comput. Syst. 72, 193–205 (2017)

    Article  Google Scholar 

  35. V. Casola et al., Security-by-design in clouds: a security-SLA based methodology to build secure cloud applications. Procedia Comput. Sci. 97, 53–62 (2016)

    Article  Google Scholar 

  36. C.P. Pfleeger, S.L. Pfleeger, Security in Computing. Prentice Hall Professional Technical Reference (2002)

    Google Scholar 

  37. T. Jena, Disaster recovery services in intercloud using genetic algorithm load balancer. Int. J. Electr. Comput. Eng. 6(4), 18–28 (2016)

    Google Scholar 

  38. A. Aich, A. Sen, S.R. Dash, A survey on cloud environment security risk and remedy, in 2015 International Conference on Computational Intelligence and Networks (CINE) (IEEE, 2015), pp. 192–193

    Google Scholar 

  39. M. K. Iskander et al., Enforcing policy and data consistency of cloud transactions, in 2011 31st International Conference on Distributed Computing Systems Workshops (ICDCSW) (IEEE, 2011), pp. 253–262

    Google Scholar 

  40. S.C. Payne, A guide to security metrics. SANS Institute Information Security Reading Room (2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. KIIT University, Bhubaneswar, India

    Satya Ranjan Dash, Alo Sen, Pranab Kumar Bharimalla & Bhabani Shankar Prasad Mishra

Authors
  1. Satya Ranjan Dash
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alo Sen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Pranab Kumar Bharimalla
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Bhabani Shankar Prasad Mishra
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Satya Ranjan Dash .

Editor information

Editors and Affiliations

  1. School of Computer Engineering, KIIT University, Bhubaneswar, Odisha, India

    Bhabani Shankar Prasad Mishra

  2. School of Computer Engineering, KIIT University, Bhubaneswar, Odisha, India

    Himansu Das

  3. Department of Information and Communication Technology , Fakir Mohan University, Balasore, Odisha, India

    Satchidananda Dehuri

  4. School of Computer Engineering, KIIT University, Bhubaneswar, Odisha, India

    Alok Kumar Jagadev

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Dash, S.R., Sen, A., Bharimalla, P.K., Mishra, B.S.P. (2018). Frameworks to Develop SLA Based Security Metrics in Cloud Environment. In: Mishra, B., Das, H., Dehuri, S., Jagadev, A. (eds) Cloud Computing for Optimization: Foundations, Applications, and Challenges. Studies in Big Data, vol 39. Springer, Cham. https://doi.org/10.1007/978-3-319-73676-1_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-73676-1_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-73675-4

  • Online ISBN: 978-3-319-73676-1

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation