Security service level agreement measurement in cloud: A proof of concept implementation

Abstract

Security concerns of cloud computing mainly originate from outsourced data and computation on which data owners do not have full control. Recent works in both industry and academia documented these concerns well and described both technical and non-technical measures to address these concerns. Many of the suggestions to address security concerns are in the form of physical audits by experts and certifications from standard groups for compliance. Unlike the performance measurement in cloud, security measurement is not matured and except solutions which address these concerns in part, there is no comprehensive mechanism which looks everything user wants to know about cloud. This paper introduces a notion of service level agreement from security perspective and proposes to monitor the cloud environment for run time compliance. Monitoring is done by a third party on end user's behalf by collecting credible evidence in the form of events, logs and measurement snapshots. Through this collected evidence the third party can answer to user security concerns stated in the form of SLA for compliance. We do a proof-of-concept implementation of security measurement with few sample service level agreements. © 2017 IEEE.