Valentina Casola,Alessandra De Benedictis,Madalina Erascu,Jolanda Modic,Massimiliano Rak

DOI: https://doi.org/10.1109/tsc.2016.2540630

IF: 11.019

2017-09-01

IEEE Transactions on Services Computing

Abstract:Dealing with the provisioning of cloud services granted by Security SLAs is a very challenging research topic. At the state of the art, the main related issues involve: (i) representing security features so that they are understandable by both customers and providers and measurable (by means of verifiable security-related Service Level Objectives (SLOs)), (ii) automating the provisioning of security mechanisms able to grant desired security features (by means of a security-driven resource allocation process), and (iii) continuously monitoring the services in order to verify the fulfillment of specified Security SLOs (by means of cloud security monitoring solutions). We propose to face the Security SLA life cycle management with a framework able to enrich cloud applications with security features. In this paper we (i) present a novel Security SLA model and (ii) illustrate a security-driven planning process that can be adopted to determine the (optimum) deployment of security-related software components. Such process takes into account both specific implementation constraints of the security components to be deployed and customers security requirements, and enables the automatic provisioning and configuration of all needed resources. In order to demonstrate the applicability of the approach, we present and discuss a practical application of the model on a real case study.

computer science, information systems, software engineering

Serena Nicolazzo,Antonino Nocera,Witold Pedrycz

2024-01-31

Abstract:A Service Level Agreement (SLA) is a formal contract between a service provider and a consumer, representing a crucial instrument to define, manage, and maintain relationships between these two parties. The SLA's ability to define the Quality of Service (QoS) expectations, standards, and accountability helps to deliver high-quality services and increase client confidence in disparate application domains, such as Cloud computing and the Internet of Things. An open research direction in this context is related to the possible integration of new metrics to address the security and privacy aspects of services, thus providing protection of sensitive information, mitigating risks, and building trust. This survey paper identifies state of the art covering concepts, approaches, and open problems of SLA management with a distinctive and original focus on the recent development of Security SLA (SecSLA). It contributes by carrying out a comprehensive review and covering the gap between the analyses proposed in existing surveys and the most recent literature on this topic, spanning from 2017 to 2023. Moreover, it proposes a novel classification criterium to organize the analysis based on SLA life cycle phases. This original point of view can help both academics and industrial practitioners to understand and properly locate existing contributions in the advancement of the different aspects of SLA technology. The present work highlights the importance of the covered topics and the need for new research improvements to tackle present and demanding challenges.

Distributed, Parallel, and Cluster Computing,Cryptography and Security

Ming Jiang,James Byrne,Karsten Molka,Django Armstrong,Karim Djemame,Tom Kirkham

DOI: https://doi.org/10.5220/0004377302070212

2013-01-01

Abstract:Automated control of Cloud Service Level Agreements (SLA) is typically focused on Quality of Service (QoS) management and monitoring of the Cloud Infrastructure in-line with the SLA. Using risk assessments to bridge the needs of the Service Provider and Infrastructure Provider is one way in which the management of the whole Cloud SLA life-cycle can be achieved automatically. In this paper we adapt the QoS based risk approach and combine it with business orientated goal monitoring to improve the business input into the management of SLA from both a Cloud IP and SP perspective. We demonstrate this approach using probability of failure QoS risk linked to economic modelling of cost from the business goals of a SP.

Shengli Zhou,Lifa Wu,Canghong Jin

DOI: https://doi.org/10.1109/cc.2017.8068773

2017-01-01

China Communications

Abstract:A Service Level Agreement（SLA） is a legal contract between any two parties to ensure an adequate Quality of Service（Qo S）. Most research on SLAs has concentrated on protecting the user data through encryption. However, these methods can not supervise a cloud service provider（CSP） directly. In order to address this problem, we propose a privacy-based SLA violation detection model for cloud computing based on Markov decision process theory. This model can recognize and regulate CSP’s actions based on specific requirements of various users. Additionally, the model could make effective evaluation to the credibility of CSP, and can monitor events that user privacy is violated. Experiments and analysis indicate that the violation detection model can achieve good results in both the algorithm’s convergence and prediction effect.

Tom Kirkham,Karim Djemame,Mariam Kiran,Ming Jiang,Django Armstrong,George Kousiouris,George Vafiadis,Athanasia Evangelinou

2012-01-01

Abstract:Increasing emphasis in data protection legislation on the provision of user consent and privacy protection poses a challenge to automated Cloud Computing applications.. Here, the infrastructure is removed from the user and therefore no direct link for consent or user control exists. In such environments assurance and best effort from the Cloud Provider to carry out the users wishes and protect his or her privacy must be achieved. This paper introduces such an approach using legally focused risk assessment management of Service Level Agreements between Cloud Service Providers and Cloud Infrastructure Providers.

Xuan Liu,Feng Xu

DOI: https://doi.org/10.1109/DCABES.2013.32

2013-01-01

Abstract:In recent years, Cloud Computing has been rapidly developed and become more and more popular. In order to convince the users the reliability of the services, Service Level Agreement (SLA) is subscribed between the providers and users. In this paper, a cloud service monitoring system is proposed to surveillance SLA operation and the behaviors of service provider. The monitoring system achieves dynamic monitoring by using Web Services technology.

Zhi Liu,Shijie Sun,Ju Xing,Zhe Fu,Xiaohe Hu,Jianwen Pi,Xiaofeng Yang,Yunsong Lu,Jun Li

DOI: https://doi.org/10.26599/tst.2018.9010062

2018-01-01

Tsinghua Science & Technology

Abstract:With the proliferation of cloud services and development of fine-grained virtualization techniques, the Cloud Management System（CMS） is required to manage multiple resources efficiently for the large-scale, highdensity computing units. Specifically, providing guaranteed networking Service Level Agreement（SLA） has become a challenge. This paper proposes MN-SLA（Modular Networking SLA）, a framework to provide networking SLA and to enable its seamless integration with existing CMSes. Targeting at a modular, general, robust, and efficient design, MN-SLA abstracts general interacting Application Programming Interfaces（APIs） between CMS and SLA subsystem, and it is able to accomplish the integration with minor modifications to CMS. The evaluations based on large scale simulation show that the proposed networking SLA scheduling is promising in terms of resource utilization, being able to accommodate at least 1.4× the number of instances of its competitors.

Jian Wu,Zhimin Huang

DOI: https://doi.org/10.1109/APSCC.2008.216

2008-01-01

Abstract:Service Level Agreements (SLAs) is currently one of the major research topics in Grid Computing. Among many system components for the supporting of SLA-aware Grid-based workflow, the SLA mapping module receives important positions. Optimizing execution ...

Linlin Wu,Rajkumar Buyya

DOI: https://doi.org/10.4018/978-1-60960-794-4.ch001

2012-01-01

Abstract:In recent years, extensive research has been conducted in the area of Service Level Agreement (SLA) for utility computing systems. An SLA is a formal contract used to guarantee that consumers’ service quality expectation can be achieved. In utility computing systems, the level of customer satisfaction is crucial, making SLAs significantly important in these environments. Fundamental issue is the management of SLAs, including SLA autonomy management or trade off among multiple Quality of Service (QoS) parameters. Many SLA languages and frameworks have been developed as solutions; however, there is no overall classification for these extensive works. Therefore, the aim of this chapter is to present a comprehensive survey of how SLAs are created, managed and used in utility computing environment. We discuss existing use cases from Grid and Cloud computing systems to identify the level of SLA realization in state-of-art systems and emerging challenges for future research.

Chuanchang Liu,Zhongwei Li,Junliang Chen,Xiao Lin,Dontang Ma

DOI: https://doi.org/10.1109/icccn.2007.4317997

2007-01-01

Abstract:With the wide application of Web services, its performance has caused the extensive concern and becomes one of the key factors of determining whether it is widely applied further. Based on the idea of differentiating Web services, the paper presents a SLA-based Web services performance guarantee model to improve Web services runtime environment, and expatiates on the key techniques of realizing the model: the request class utility function, the predicting model of response time, the genetic algorithm-based resource allocation and the dynamic weight-based weighted round-robin scheduling algorithm. Experiments prove the model can guarantee the response performance of Web services requests and improve the stability of the system.

Frank S. de Boer,Elena Giachino,Stijn de Gouw,Reiner Hähnle,Einar Broch Johnsen,Cosimo Laneve,Ka I Pun,Gianluigi Zavattaro

DOI: https://doi.org/10.4204/EPTCS.302.1

2019-08-27

Abstract:Service Level Agreements (SLA) are commonly used to specify the quality attributes between cloud service providers and the customers. A violation of SLAs can result in high penalties. To allow the analysis of SLA compliance before the services are deployed, we describe in this paper an approach for SLA-aware deployment of services on the cloud, and illustrate its workflow by means of a case study. The approach is based on formal models combined with static analysis tools and generated runtime monitors. As such, it fits well within a methodology combining software development with information technology operations (DevOps).

Distributed, Parallel, and Cluster Computing,Software Engineering

Xiaochen Liu,Zhiqiang Zhan

DOI: https://doi.org/10.1117/12.2001754

2013-01-01

Abstract:Cloud Computing has become more and more prevalent over the past few years, and we have seen the importance of Infrastructure-as-a-service (IaaS). This kind of service enables scaling of bandwidth, memory, computing power and storage. But the SLA in IaaS also faces complexity and variety. Users also consider the business of the service. To meet the most users requirements, a methodology for designing optimal SLA in IaaS from the business perspectives is proposed. This method is different from the conventional SLA design method, It not only focuses on service provider perspective, also from the customer to carry on the design. This methodology better captures the linkage between service provider and service client by considering minimizing the business loss originated from performance degradation and IT infrastructure failures and maximizing profits for service provider and clients. An optimal design in an IaaS model is provided and an example are analyzed to show this approach obtain higher profit.

Chang Guo,Ying Li,Zhonghai Wu

DOI: https://doi.org/10.1109/ICPADS.2016.0085

2016-01-01

Abstract:One of the major advantages of the cloud storage system is that it simplifies the time-consuming processes of hardware and software provisioning, deployment and distribution for users. Currently there is a tremendous increase in the scale of data generated as well as being consumed by applications on cloud storage systems, but besides availability metrics, few of cloud storage services provide data privacy guarantees in their Service Level Agreements (SLAs), which can be a major concern for the adoption of cloud storage services. The paper firstly proposes an analysis approach for the data privacy, then introduces privacy into the service quality, and defines a service quality evaluation model including privacy, availability, throughput, transfer time and operating cost. At last, a novel data distribution strategy called SLA-DO is presented. The comparison experiment results confirmed that SLA-DO strategy shows better performance in SLAs compliance, resource utilization, security guarantees and multiple cloud environmental adaptability than the data distribution policy adopted in HDFS and OpenStack.

Malu Castellanos,Fabio Casati,Umeshwar Dayal,Ming-Chien Shan

DOI: https://doi.org/10.1007/978-3-540-39845-5_13

2003-01-01

Abstract:For every business, managing the Service Level Agreements (SLAs) stipulated with its customers is a crucial activity. Failing to meet an SLA may lead to contractual penalties and in loss of revenues generated by customers resorting to other providers to obtain the services they need. In this paper we present a framework and an infrastructure for intelligent SLA management, applicable when services are delivered as Web services. The goal of the platform is that of assisting service providers in monitoring SLA violations, in predicting SLA violations before they occur so to try corrective actions, and in analyzing SLA violations to understand their causes and therefore help identify how to improve operations to meet the SLA.

YuYang,ZhaoXin,PengXin,ZhaoWenyun

DOI: https://doi.org/10.3969/j.issn.1000-386x.2014.09.004

2014-01-01

Abstract:Compositeservicesachieveamorecomplicatedbusinessfunctionsthroughthecompositionandinvocationofexistingweb services in internet environment.Due to the distribution and loosely couple characteristics of service-oriented architecture,stable QoS plays an important role in stable business relationship between the two sides of services.Service level agreement (SLA)provides the basis for QoS management for cloud computing context.According to SLA-based QoS management issues in service combinations scene,we propose a dynamic SLA management framework,which fully takes into account the different needs the customers numbers and types dynamically changing in cloud computing environment have on front-end of QoS in service composition.We also propose and implement two management modes:the custom mode and the hierarchical mode,and focus on solving the conflict of the back-end SLA in management process.We achieve the SLA coordination at both front and back ends of the composite services through dynamic planning and selection of composite services binding structure.We realise a prototype system based on the management framework proposed in this paper,and verify the effectiveness of the proposed framework and management modes.

Krzysztof Bocianiak,Tomasz Pawlikowski,Aleksandra Podlasek,Jean-Philippe Wary,Jacek Wierzbowski

DOI: https://doi.org/10.1109/access.2024.3480688

IF: 3.9

2024-10-25

IEEE Access

Abstract:Vertical industries start taking advantage of computing continuum by hosting their applications or using additional services offered by several Cloud Service Providers. Computing continuum has many advantages for Verticals as it allows to fulfil their quality of service requirements and save costs. This could be achieved due to the distributed, heterogenous and dynamic nature of infrastructure of computing continuum and Vertical's application mobility thus its ability to migrate between different environments. However, this can progress only if in parallel to Vertical's application mobility, the security requirements are dynamically managed and met at the required level in each environment. It is particularly important due to new regulations (e.g. Cyber Resilience Act and Network and Information Security Directive - NIS2) which define new critical industries and introduce for them additional security obligations. Noncompliance with these regulations could lead to penalties. Therefore, Verticals will have to fulfil specific security requirements and be able to deliver proof of compliance. In this paper, we propose to address those needs using emerging concept of Security Service Level Agreement. Following that, we propose a novel Security Service Level Agreement Mediator for cloud applications in mobility which negotiates Security Service Level Agreement with Verticals, continuously fulfils it in computing continuum and delivers proofs of compliance. Based on that, we define main challenges for setting up the Security Service Level Agreement Mediator on the basis of considerations presented in this paper.

computer science, information systems,telecommunications,engineering, electrical & electronic

Wenan Tan,Hai Zhu,Jinjing Tan,Yao Zhao,Li Da Xu,Kai Guo

DOI: https://doi.org/10.1080/17517575.2021.1939426

2021-06-13

Enterprise Information Systems

Abstract:<span>The number of service offerings in cloud manufacturing continues to grow, so that service level agreement (SLA) within cloud manufacturing is increasingly used to ensure the coordination of the cross-organisational business processes between the cloud service providers (CSP) and cloud service consumers (CSC). The definition of SLA and monitoring SLA's performance are significant and should be highly valued to ensure the effectiveness and efficiency of business services. At present, the third-party monitoring methods based on service credit are mainly applied in cloud manufacturing environments. There is no effective supervision mechanism to monitor the third party and no efficient punishment mechanism on SLA violation. To address aforementioned issues, this paper proposes a novel Service Level Agreement model by integrating Blockchain and Smart Contract (SLABSC), in which trust issues among CSP, CSC, and the third-party monitoring can be addressed through Blockchain technologies. The method proposed in this paper realises the full functionality of SLABSC and facilitates data security, and it can be used to supervise CSP to provide better services. Experiments results show that the performance of the proposed model is valid and efficient.</span>

computer science, information systems

Lubna Luxmi Dhirani,Thomas Newe

DOI: https://doi.org/10.33166/aetic.2020.05.003

2020-12-20

Annals of Emerging Technologies in Computing

Abstract:Hybrid Cloud Service Level Agreements (SLA) comprises of the legal terms and conditions for the cloud contract. Even though all the service level objectives, metrics and service descriptions are clearly outlined in the cloud SLA contract, sometimes vendors fail to meet the promised services and confusing terms lead to tenant-vendor cloud legal battles. Hybrid Cloud involves two different cloud models (public and private) working together, applications running under the hybrid cloud are subject to different availability sets, functionality and parameters developing SLA complexity and ambiguity. The new manufacturing environment (Industry 4.0 concept) is based on a fully connected, intelligent and automated factory, which will highly be dependent on cloud computing and IoT-based solutions for data analytics, storage and computational needs. In situations where Hybrid cloud services are not defined and managed properly may result in Industrial-IoT data security issues leading to financial and data losses. This paper discusses various aspects of the cloud service level agreement in Industry 4.0 for better understanding and implementation and puts a light on the issues that arise out of imprecise statements.

Yuan Xiaoyong,Li Ying,Jia Tong,Liu Tiancheng,Wu Zhonghai

DOI: https://doi.org/10.1109/COMPSAC.2015.39

2015-01-01

Abstract:Availability is the most essential attribute of qualities of cloud services. Most popular public cloud services claim availability commitments with corresponding penalties in their SLAs. However, lack of clarity in availability commitment and penalty make it hard for consumers to understand the SLAs well and furthermore, to compare different cloud providers under different contexts, which would even become an obstacle for enterprise consumers to embrace public clouds. We present a cloud SLA availability commitment framework including availability calculation and penalty calculation services, and compare SLAs of well-known public IaaS cloud providers with investigation of their merits and defects. We also present a business model for cloud providers to find the optimal penalty degree for their SLAs, which will help in defining availability based SLA of cloud services.

Taher Labidi,Achraf Mtibaa,Walid Gaaloul,Faiez Gargouri

DOI: https://doi.org/10.1002/cpe.5315

2019-05-16

Concurrency and Computation: Practice and Experience

Abstract:<p>Service Level Agreement (SLA) has recently garnered increasing attention in cloud computing due to its capability in the definition and the monitoring of the Quality of Service (QoS). SLA is generally generated following a process of negotiation in which the client chooses a subset of clauses among choices predefined by the provider on a "take it or leave it" basis. However, the heterogeneity between client requests and provider offers may result in inappropriate SLA. In addition, the cloud service context may change over the time, which causes a client requirement adjustment, and therefore, the SLA becomes unsatisfactory. In this paper, we propose a cloud SLA negotiation and re‐negotiation approach. Our aim is to ameliorate the SLA negotiation phase by adding the ability to integrate a semantic mapping between client requests and provider offers to generate a suitable SLA document. Moreover, our approach includes a context‐aware system to adapt the SLA throughout reasoning techniques and automatically ensure the re‐negotiation. We develop a prototype, and we test its performance. The results of a case study also show the efficiency of our approach.</p>