Per-service security SLAs for cloud security management: model and implementation

Abstract

In the cloud computing context, Service Level Agreements (SLAs) 'tailored' to specific Cloud Service Customers (CSCs) seem to be still an utopia, and things are even worse as regards the security terms to be guaranteed. In fact, existing cloud SLAs focus only on a few service terms, and Cloud Service Providers (CSPs) mainly provide uniform guarantees for all offered services and for all customers, regardless of any particular service characteristics or of customer-specific needs. This paper presents a framework that enables the adoption of a per-service SLA model, supporting the automatic implementation of cloud security SLAs tailored to the needs of each customer for specific service instances. In particular, the process and the software architecture for per-service SLA implementation are shown. A case study application, related to the provisioning of a secure web container service, is presented and discussed, to demonstrate the feasibility and effectiveness of the proposed solution.