Automatically Enforcing Security SLAs in the Cloud

Casola, Valentina; Benedictis, Alessandra De; Eraşcu, Mădălina; Modic, Jolanda; Rak, Massimiliano

doi:10.1109/tsc.2016.2540630

Cited by 38 publications

(17 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…• resilience to attacks and failures, by introducing redundancy and diversity techniques, and • protection from unauthorized and potentially dangerous accesses, by integrating proper intrusion detection tools. We extended its formulation from [5] by including hardware requirements for its components and by formulating the mapping task (assignment of components to VMs) as a constrained optimization problem aiming to minimize the overall cost.…”

Section: Motivating Case Studiesmentioning

confidence: 99%

Influence of Variables Encoding and Symmetry Breaking on the Performance of Optimization Modulo Theories Tools Applied to Cloud Resource Selection

Eraşcu¹,

Micota²,

Zaharie³

Kalpa Publications in Computing

Self Cite

View full text Add to dashboard Cite

The problem of Cloud resource provisioning for component-based applications is very important. It consists in the allocation of virtual machines (VMs) from various Cloud Providers (CPs), to a set of applications such that the constraints induced by the inter- actions between components and by the components hardware/software requirements are satisfied and the performance objectives are optimized (e.g. costs are minimized). It can be formulated as a constrained optimization problem and tackled by state-of-the-art optimization modulo theories (OMT) tools. The performance of the OMT tools is highly dependent on the way the problem is formalized as this determines the size of the search space. In the case when the number of VMs offers is large, a naive encoding which does not exploit the symmetries of the underlying problem leads to a huge search space making the optimization problem intractable. We overcame this issue by reducing the search space by using: (1) a heuristic which exploits the particularities of the application by detect- ing cliques in the conflict graph of the application components fixing all components of the clique with the largest number of component instances, and (2) a lex-leader method for breaking variable symmetry where the canonical solution fulfills an order based on either the number of components deployed on VMs, or on the VMs price. As the result, the running time of the optimization problem improves considerably and the optimization problem scales up to hundreds of VM offers. We also observed that by combining the heuristic with the lex-leader method we obtained better computational results than by using them separately, suggesting the fact that symmetry breaking constraints have the advantage of interacting well with the search heuristic being used.

show abstract

Section: Motivating Case Studiesmentioning

confidence: 99%

Influence of Variables Encoding and Symmetry Breaking on the Performance of Optimization Modulo Theories Tools Applied to Cloud Resource Selection

Eraşcu¹,

Micota²,

Zaharie³

Kalpa Publications in Computing

Self Cite

View full text Add to dashboard Cite

show abstract

“…In the context of the SPECS project, authors in Casola et al have extended WS‐Agreement to propose a model of Security SLA, allowing for the representation of security‐related concepts in a machine‐readable format. The Security SLA model includes 2 parts.…”

Section: Security Issues In Saas Managementmentioning

confidence: 99%

Security‐aware SaaS placement using swarm intelligence

Mezni

Sellami

Kouki³

2018

J Software Evolu Process

View full text Add to dashboard Cite

Cloud computing has emerged as a new powerful service delivery model to cope with resource challenges and to offer various on-demand services (eg, software, storage, network, etc.). Software as a Service (SaaS) is one of the most popular service models. To meet the increasing demands of users, SaaS can be offered in a composite form. Although this approach offers some advantages like flexibility and reusability, it raises a question about how to manage composite SaaS in the distributed and the highly dynamic cloud environment. In this paper, we address one of the major SaaS resource management issues referred to as SaaS placement problem. As existing efforts only focus on SaaS placement problem from the perspective of resources utilization to optimize SaaS performance and minimize resource usage, in this paper, we also incorporate security concerns in SaaS placement strategy. In fact, security risk is one of the major factors influencing the efficiency of the composite SaaS. We adopt a multi-swarm variant of particle swarm optimization to propose a security-aware SaaS placement method. Also, a cooperative learning strategy is hybridized to the placement algorithm, which makes information of best candidate servers be used more effectively to generate better placement plan. Experiments show that our solution outperforms existing SaaS placement approaches.

show abstract

“…Thus, Halkidis et al [69] have presented security enforcement at the design phase to prevent the systems from known categorised attacks that may generate the security faults. Casola et al [121] have presented a security SLA model by security SLA lifecycle management with a framework.…”

Section: Security and Privacymentioning

confidence: 99%

Fault analysis of service‐oriented systems: a systematic literature review

Bhandari

Gupta

2018

IET softw.

View full text Add to dashboard Cite

Due to the increasing scale and complexity of service-oriented systems (SOSs) understanding fault and its recovery mechanism is a tedious task so there is a strong demand for a summary of the SOSs fault analysis knowledge that can assist further developers and researchers to plan appropriate action and guidelines for SOSs development. The objective of this systematic literature review (SLR) is to summarise the current state-of-the-art of fault analysis in SOSs. The authors have used the predefined SLR method employing a manual search of 11 highly reputed international journals and three conference proceedings. The categorisation and organisation were done according to the research questions regarding approaches, fault types, current issues and challenges and tools of fault analysis on SOSs. After applying selection criteria, this SLR includes 123 papers published between January 2008 and April 2017, 65 papers address SOSs-fault handling approaches, 35 papers report SOS-specific faults and 51 papers address SOS issues, challenges, and testing and 17 papers are of tooling. They have discussed the main approaches, techniques, concepts, contributions and research methods used for fault analysis of SOSs. Through the paper, a comprehensive review work has been presented that provides empirical evidence for establishing future research agendas.

show abstract

Automatically Enforcing Security SLAs in the Cloud

Cited by 38 publications

References 13 publications

Influence of Variables Encoding and Symmetry Breaking on the Performance of Optimization Modulo Theories Tools Applied to Cloud Resource Selection

Influence of Variables Encoding and Symmetry Breaking on the Performance of Optimization Modulo Theories Tools Applied to Cloud Resource Selection

Security‐aware SaaS placement using swarm intelligence

Fault analysis of service‐oriented systems: a systematic literature review

Contact Info

Product

Resources

About