1. Platform
    • Defines the requirement for a Shared Platform for offering “Security as a Service” based on Service Level Agreements. Such platform should be able to support the different aspects of SLA life cycle (negotiation, monitoring, and enforcement) and enrich provider offerings with security-oriented service when user needs cannot be granted by provider themselves.
    • Propose the design of such platform, in terms of cloud services which consumes resources acquired by independent providers. This means that the platform is distributed, cloud-based and
    • Defines Interaction Protocols among the different Platform modules and components, in order to enable their independent design and development.
    • Implements a shared platform
    • Offers examples of integrated use of the proposed solution
  2. Negotiation
    • Elicits the technical and non-technical requirements that enable the user-centric negotiation of Cloud resources from a SLA perspective.
    • Proposes the underlying, rigorous techniques aimed to systematically negotiate Cloud SLAs. Proposed techniques will include e.g., the quantitative evaluation of SLAs (taking into account the uncertainty associated with security quantification).
    • Contributes with a reference architecture (i.e., building blocks, protocols and interfaces) to deploy the proposed Cloud SLA negotiation techniques.
    • Implements the contributed negotiation component, which will be integrated afterwards in WP1 with SPECS’ monitoring and enforcement components.
  3. Monitoring
    • Identifies the requirements for monitoring the fulfillment of service level agreements in what concerns the SPECS measures of interest
    • Evaluates the appropriateness of the state-of-the-art services for SPECS monitoring
    • Proposes innovative monitoring services
    • Provides proof-of-concept open-source monitoring services
  4. Enforcement
    • Checks the availability of security features and provide this information to the Negotiation mechanism, determining the possibility of the SLA fulfillment.
    • Checks the running software stack, services for the Monitoring mechanisms, determining, if the SLA is actually fulfilled.
    • Provide the requested security features for the deployment of application/service, negotiated during the Negotiation stage.
  5. Use cases
    • User and service provider monitoring and incident response.
    • CSP automated enforcement capabilities.
    • User-centric security negotiation in next-generation data centers
  6. Dissemination, standardization and exploitation
    • Promotes to the according target groups the progress of the SPECS projects and communicate the SLAs framework.
    • Involves relevant stakeholders during the whole phase of the project. Stakeholders impacted from SPECS project are: Cloud Service Providers, Cloud developers and Cloud End-Users.
    • Ensures that publicity about SPECS focuses on the efficiencies it brings to the cloud community and benefits that can result.
    • Analyzes current and emerging standardization initiatives and examine how the SPECS project can collaborate with them.
    • Ensures the framework’s adoption from the market as an innovative tool.
    • Sets dissemination and exploitation impact measures for progress monitoring.
  7. Management
    • Ensures the timely execution of the workplan.
    • Ensures the quality control and knowledge management.
    • Ensure the proper communication towards stakeholders.