Security SLA Based Monitoring in Clouds

Kaaniche, Nesrine; Mohamed, Mohamed; Laurent, Maryline; Ludwig, Heiko

doi:10.1109/ieee.edge.2017.20

Cited by 15 publications

(8 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The challenge of including security services in SLAs has been a subject of study before the advent of cloud. With the development of clouds there has been different attempts to include security terms in cloud SLAs [4,5,13,17,20].…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

SLA definition for network intrusion detection systems in IaaS clouds

Wonjiga¹,

Rilling

Morin

2021

Proceedings of the 36th Annual ACM Symposium on Applied Computing

View full text Add to dashboard Cite

Migrating to the cloud results in losing full control of the physical infrastructure as the cloud service provider (CSP) is responsible for managing the infrastructure including its security. To solve the trust issue that this raises, CSPs provide tenants with guarantees through Service Level Agreements (SLA). However no such SLA addresses the security monitoring aspect of tenants' information systems. Moreover, security monitoring services should be configured according to the tenant's specific requirements. In this paper, we propose a method allowing CSPs to define SLAs providing each tenant with guarantees about the performance of a security monitoring probe, specifically a Network Intrusion Detection System (NIDS), configured according to the tenant's requirements. This method is based on an enhanced cloud SLA language and an efficient SLA template preparation method allowing a CSP to estimate the performance of an NIDS for any possible set of tenant's requirements at reasonable costs. Experimental evaluations show the feasibility of our approach.

show abstract

Section: Related Workmentioning

confidence: 99%

“…Kaaniche et al [13] presented security SLA monitoring mechanisms. They extend a language called rSLA and its runtime service, named Sec-rSLA, to support the description of security requirements.…”

Section: Related Workmentioning

confidence: 99%

SLA definition for network intrusion detection systems in IaaS clouds

Wonjiga¹,

Rilling

Morin

2021

Proceedings of the 36th Annual ACM Symposium on Applied Computing

View full text Add to dashboard Cite

show abstract

“…A minority of works addressed transparency, a.k.a. auditing concerns, which have been emphasized by recent regulations and laws [210,211,216,217]. For instance, in [210], Camenisch et al introduce a controlled yet privacy preserving exchange of distributed data scheme, such that each data owner is able to conduct an accurate auditing relying on a public logging system.…”

Section: Privacy-sensitive Auditing Toolsmentioning

confidence: 99%

“…Indeed, very limited works have presented interesting results to achieve a good trade-off. Indeed, recent advances in cryptographic systems have to be applied while considering both efficiency and effectiveness [233,234,235,236,237,217].…”

Section: Privacy-sensitive Data Collection and Inferencementioning

confidence: 99%

Privacy enhancing technologies for solving the privacy-personalization paradox: Taxonomy and survey

Kaaniche

Laurent

Belguith

2020

Journal of Network and Computer Applications

Self Cite

View full text Add to dashboard Cite

Personal data are often collected and processed in a decentralized fashion, within different contexts. For instance, with the emergence of distributed applications, several providers are usually correlating their records, and providing personalized services to their clients. Collected data include geographical and indoor positions of users, their movement patterns as well as sensor-acquired data that may reveal users' physical conditions, habits and interests. Consequently, this may lead to undesired consequences such as unsolicited advertisement and even to discrimination and stalking. To mitigate privacy threats, several techniques emerged, referred to as Privacy Enhancing Technologies, PETs for short. On one hand, the increasing pressure on service providers to protect users' privacy resulted in PETs being adopted. One the other hand, service providers have built their business model on personalized services, e.g. targeted ads and news. The objective of the paper is then to identify which of the PETs have the potential to satisfy both usually divergent -economical and ethical -purposes. This paper identifies a taxonomy classifying eight categories of PETs into three groups, and for better clarity, it considers three categories of personalized services. After defining and presenting the main features of PETs with illustrative examples, the paper points out which PETs best fit each personalized service category. Then, it discusses some of the inter-disciplinary privacy challenges that may slow down the adoption of these techniques, namely: technical, social, legal and economic concerns. Finally, it provides recommendations and highlights several research directions.

show abstract

“…SLA Monitoring -Service Level Agreements (SLAs) are widely used to describe the agreements between customers and service providers regarding the quality of the provided services [11]. To measure the providers compliance to the SLA, monitoring tools should be setup to collect specific metrics that can quantify the Quality of Service (QoS).…”

Section: Motivating Applications and Requirementsmentioning

confidence: 99%

Coop-DAAB: Cooperative Attribute Based Data Aggregation for Internet of Things Applications

Belguith

Kaaniche

Mohamed

et al. 2018

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

The deployment of IoT devices is gaining an expanding interest in our daily life. Indeed, IoT networks consist in interconnecting several smart and resource constrained devices to enable advanced services. Security management in IoT is a big challenge as personal data are shared by a huge number of distributed services and devices. In this paper, we propose a Cooperative Data Aggregation solution based on a novel use of Attribute Based signcryption scheme (Coop-DAAB). Coop-DAAB consists in distributing data signcryption operation between different participating entities (i.e., IoT devices). Indeed, each IoT device encrypts and signs in only one step the collected data with respect to a selected sub-predicate of a general access predicate before forwarding to an aggregating entity. This latter is able to aggregate and decrypt collected data if a sufficient number of IoT devices cooperates without learning any personal information about each participating device. Thanks to the use of an attribute based signcryption scheme, authenticity of data collected by IoT devices is proved while protecting them from any unauthorized access.

show abstract

Security SLA Based Monitoring in Clouds

Cited by 15 publications

References 18 publications

SLA definition for network intrusion detection systems in IaaS clouds

SLA definition for network intrusion detection systems in IaaS clouds

Privacy enhancing technologies for solving the privacy-personalization paradox: Taxonomy and survey

Coop-DAAB: Cooperative Attribute Based Data Aggregation for Internet of Things Applications

Contact Info

Product

Resources

About