Cloud Computing represents both a technology for using distributed computing infrastructures in a more efficient way, and a business model for renting computing services and resources. It is an opportunity for customers to reduce costs and increase efficiency. Moreover, it gives to small and medium enterprises the possibility of using services and technologies that were prerogative of large ones, by paying only for the used resources and avoiding unnecessary investment. The possibility of dynamically acquire and use resources and services on the base of a pay-by-use model, implies an incredible flexibility in terms of management, which is otherwise often hard to address. In this paper, we propose an approach to to build up SLA-oriented Cloud applications, which enable a Cloud provider to offer service customized on the customer security needing. In particular, by using a Cloud-oriented API derived from the mOSAIC project, the developer can implement security features that can be offered by the Cloud provider within their Service Level Agreement. In particular, we focus on providing an intrusion tolerance service to grant an application service availability even when the host system is under attack.
SLA-Oriented Security Provisioning for Cloud Computing
FICCO, Massimo;
2013-01-01
Abstract
Cloud Computing represents both a technology for using distributed computing infrastructures in a more efficient way, and a business model for renting computing services and resources. It is an opportunity for customers to reduce costs and increase efficiency. Moreover, it gives to small and medium enterprises the possibility of using services and technologies that were prerogative of large ones, by paying only for the used resources and avoiding unnecessary investment. The possibility of dynamically acquire and use resources and services on the base of a pay-by-use model, implies an incredible flexibility in terms of management, which is otherwise often hard to address. In this paper, we propose an approach to to build up SLA-oriented Cloud applications, which enable a Cloud provider to offer service customized on the customer security needing. In particular, by using a Cloud-oriented API derived from the mOSAIC project, the developer can implement security features that can be offered by the Cloud provider within their Service Level Agreement. In particular, we focus on providing an intrusion tolerance service to grant an application service availability even when the host system is under attack.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.