Formalization of SLAs for Cloud Forensic Readiness
|Title:||Formalization of SLAs for Cloud Forensic Readiness||Authors:||De Marco, Lucia
|Permanent link:||http://hdl.handle.net/10197/6112||Date:||Oct-2014||Online since:||2014-10-25T03:00:10Z||Abstract:||Cloud Computing is one of the most pervasive ICT changes of the last few years. Usually, Clouds offer a variety of Services, which are accessible over the Internet. These Services are regulated by some contracts called Service Level Agreements between Service providers and customers. The SLAs have already been introduced in Service Oriented Architectures in situations where some computing services need to be structured and regulated. In an SLA, the constraints of use, the duties and responsibilities of the parties involved, the charges and the service levels to guarantee, etc., are clearly stated by dedicated clauses. Despite the efforts made in systems security and the standardisation of SLAs, Cloud Services continues to suffer from various cybercriminal attacks, and unfortunately this phenomenon is likely to escalate within the next few years. It becomes urgent to take some countermeasures against these illegal practices to increase both the customer trust and quality of services of such new technologies. One of the alternatives for this phenomenon is to provide an efficient cloud Forensic Readiness System (FRS) to prevent and alert the provider and/or customer of any suspect attacks or strange behaviour. Much attention has been given to FRSs and they have certainly moved from simple log files and monitoring to very sophisticated components involving both human experts and computer analysis tools. In this paper we study the effect of SLAs on FRSs. As SLAs may be different from one jurisdiction to another we believe that FRSs should also comply with jurisdiction for more efficiency and speed of isolating and resolving forensic cases. Therefore, we propose an FRS that takes into account automatically SLAs and issue warnings and alerts to its users (providers and consumers) based on the jurisdiction and the nature of security breach and attacks. These SLAs are presented to the system as a set of rules (clauses). This will also prevent illegal data transfers and communications among different jurisdictions. Part of this paper will be dedicated to the formalisation of these SLAs and study its consequences on the FRS architecture and functioning. The rest of the paper will be dedicated to the design and development of the FRS reference architecture integrating the proposed SLA formal model.||Funding Details:||Science Foundation Ireland||Type of material:||Conference Publication||Copyright (published version):||2014 the Author||Keywords:||Machine Learning & Statistics; Cloud forensic readiness system; Service Level Agreements; SLA formal specification; Cloud security; Cyber crimes||Language:||en||Status of Item:||Peer reviewed||Conference Details:||2nd International Conference on Cloud Security Management (ICCSM 2014), Reading, UK, 23-24 October, 2014||ISBN:||978-1-910309-64-3|
|Appears in Collections:||Computer Science Research Collection|
Insight Research Collection
Show full item record
Page view(s) 20114
This item is available under the Attribution-NonCommercial-NoDerivs 3.0 Ireland. No item may be reproduced for commercial purposes. For other possible restrictions on use please refer to the publisher's URL where this is made available, or to notes contained in the item itself. Other terms may apply.