Secure Provisioning of Cloud Services based on SLA Management
SPECS project aims at developing and implementing an open source framework to offer Security-as-a-Service, by relying on the notion of security parameters specified in Service Level Agreements (SLA), and also providing the techniques to systematically manage their life-cycle.
Providing comprehensible and enforceable security assurance by Cloud Service Providers (CSP) is a critical factor to deploy trustworthy Cloud ecosystems.
The SPECS framework will provide techniques and tools for:
a) Enabling a user-centric negotiation of security parameters in Cloud SLA, along with a trade-off evaluation process among users and CSPs, in order to compose and use Cloud services fulfilling a minimum required security level (termed QoSec or Quality of Security in SPECS).
b) Monitoring in real-time the fulfillment of SLAs agreed with one or more CSP. SPECS’ monitoring services also enable notifying both users and CSPs, when a SLAs not being fulfilled (e.g., due to a cyber-attack).
c) Enforcing agreed Cloud SLA in order to keep a sustained QoSec that fulfills the specified security parameters. SPECS’ enforcement framework will also “react and adapt” in real-time to fluctuations in the QoSec by advising/applying the correct countermeasures (e.g., triggering a two-factor authentication mechanism).
The SPECS platform will provide services:
The project is partially funded by European Commission through the FP7-ICT programme and runs in the period 1 November 2013 – 30 April 2016.