PDF(1222 KB)
A behavior-aware SLA-based framework for guaranteeing the security conformance of cloud service
Xiaochen LIU, Chunhe XIA, Tianbo WANG, Li ZHONG, Xiaojian LI
PDF(1222 KB)
PDF(1222 KB)
A behavior-aware SLA-based framework for guaranteeing the security conformance of cloud service
As cloud computing technology turning to mature, cloud services have become a trust-based service. Users’ distrust of the security and performance of cloud services will hinder the rapid deployment and development of cloud services. So cloud service providers (CSPs) urgently need a way to prove that the infrastructure and the behavior of cloud services they provided can be trusted. The challenge here is how to construct a novel framework that can effective verify the security conformance of cloud services, which focuses on fine-grained descriptions of cloud service behavior and security service level aggreements (SLAs). In this paper, we propose a novel approach to verify cloud service security conformance, which reduces the description gap between the CSP and users through modeling cloud service behavior and security SLA, these models enable a systematic integration of security constraints and service behavior into cloud while using UPPAAL to check the performance and security conformance. The proposed approach is validated through case study and experimentswith real cloud service based on Open- Stack, which illustrates CloudSec approach effectiveness and can be applied on realistic cloud scenario.
security conformance / security SLA / cloud behavior modeling
| [1] |
Krutz R L, Vines R D, Brunette G. Cloud Security: A Comprehensive Guide to Secure Cloud Computing. Indianapolis: Wiley, 2010
|
| [2] |
Singh A, Chatterjee K. Cloud security issues and challenges: a survey. Journal of Network and Computer Applications, 2017, 79: 88–115
CrossRef
Google scholar
|
| [3] |
Lomuscio A, Penczek W, Solanki M, Szreter M. Runtime monitoring of contract regulated web services. Fundamenta Informaticae, 2011, 111(3): 339–355
CrossRef
Google scholar
|
| [4] |
Van der Aalst W, Adriansyah A, van Dongen B. Replaying history on process models for conformance checking and performance analysis. Wiley Interdisciplinary Reviews Data Mining and Knowledge Discovery, 2012, 2(2): 182–192
CrossRef
Google scholar
|
| [5] |
Van der Aalst W M P, Dumas M, Ouyang C, Rozinat A, Verbeek E. Conformance checking of service behavior. ACM Transactions on Internet Technology, 2008, 8(3): 1–30
CrossRef
Google scholar
|
| [6] |
García-Banuelos L, Van Beest N R T P, Dumas M, La Rosa M, Mertens W. Complete and interpretable conformance checking of business processes. IEEE Transactions on Software Engineering, 2015, PP(99): 1–1
|
| [7] |
Kai J, Miao H, Zhao K, Zhou J, Gao H. A platform for analyzing behaviors of service-oriented application based on the probabilistic model checking. International Journal of Software Innovation, 2015, 3(2): 24–38
CrossRef
Google scholar
|
| [8] |
Kikuchi S, Aoki T. Evaluation of operational vulnerability in cloud service management using model checking. In: Proceedings of IEEE International Symposium on Service Oriented System Engineering. 2013, 37–48
CrossRef
Google scholar
|
| [9] |
Moreno G A, Camara J, Garlan D, Schmerl B. Proactive self-adaptation under uncertainty: a probabilistic model checking approach. In: Proceedings of Joint Meeting on Foundations of Software Engineering. 2015, 1–12
CrossRef
Google scholar
|
| [10] |
Leemans S J J, Fahland D, Van der Aalst W M P. Scalable process discovery and conformance checking. Software and Systems Modeling, 2018, 17(2): 1–33
CrossRef
Google scholar
|
| [11] |
Liu D, Zic J. Cloud#: a specification language for modeling cloud. In: Proceedings of IEEE International Conference on Cloud Computing. 2011, 533–540
CrossRef
Google scholar
|
| [12] |
Uriarte R B, Tiezzi F, Nicola R D. SLAC: a formal servicelevel- agreement language for cloud computing. In: Proceedings of IEEE/ACMInternational Conference on Utility and Cloud Computing. 2014, 419–426
CrossRef
Google scholar
|
| [13] |
Bergmayr A, Wimmer M, Kappel G, Grossniklaus M. Cloud modeling languages by example. In: Proceedings of IEEE International Conference on Service-oriented Computing and Applications. 2014, 137–146
CrossRef
Google scholar
|
| [14] |
Cicotti G, Coppolino L, D’Antonio S, Romano L. Runtime model checking for SLA compliance monitoring and QoS prediction. JoWUA, 2015, 6(2): 4–20
|
| [15] |
Awad A, Decker G, Weske M. Efficient compliance checking using BPMN-Q and temporal logic. In: Proceedings of International Conference on Business Process Management. 2008, 326–341
CrossRef
Google scholar
|
| [16] |
Hendre A, Joshi K P. A semantic approach to cloud security and compliance. In: Proceedings of IEEE International Conference on Cloud Computing. 2015, 1081–1084
CrossRef
Google scholar
|
| [17] |
Khadraoui A, Feltus C. Service specification and service compliance: how to consider the responsibility dimension? Journal of Service Science Research, 2012, 4(1): 123–142
CrossRef
Google scholar
|
| [18] |
Madi T, Majumdar S, Wang Y, Pourzandi M, Debbabi M, Jarraya Y, Wang L. Auditing security compliance of the virtualized infrastructure in the cloud: application to openstack. In: Proceedings of the 6th ACM Conference on Data and Application Security and Privacy. 2016, 195–206
|
| [19] |
Darvas D, Majzik I, Vinuela E B. Conformance checking for programmable logic controller programs and specifications. In: Proceedings of the 11th IEEE Symposium on Industrial Embedded Systems. 2016, 1–8
CrossRef
Google scholar
|
| [20] |
Roehm H, Oehlerking J, Woehrle M, Althoff M. Reachset conformance testing of hybrid automata. In: Proceedings of the 19th International Conference on Hybrid Systems: Computation and Control. 2016, 277–286
CrossRef
Google scholar
|
| [21] |
Viriyasitavat W, Da Xu L, Viriyasitavat W. Compliance checking for requirement-oriented service workflow interoperations. IEEE Transactions on Industrial Informatics, 2014, 10(2): 1469–1477
CrossRef
Google scholar
|
/
| 〈 |
|
〉 |
AI Summary
