基于sla的安全云应用程序开发:SPECS框架

2015 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC) Pub Date : 2015-09-21 DOI:10.1109/SYNASC.2015.59

V. Casola, Alessandra De Benedictis, M. Rak, Umberto Villano

{"title":"基于sla的安全云应用程序开发:SPECS框架","authors":"V. Casola, Alessandra De Benedictis, M. Rak, Umberto Villano","doi":"10.1109/SYNASC.2015.59","DOIUrl":null,"url":null,"abstract":"The perception of lack of control over resources deployed in the cloud may represent one of the critical factors for an organization to decide to cloudify or not their own services. Furthermore, in spite of the idea of offering security-as-a-service, the development of secure cloud applications requires security skills that can slow down the adoption of the cloud for nonexpert users. In the recent years, the concept of Security Service Level Agreements (Security SLA) is assuming a key role in the provisioning of cloud resources. This paper presents the SPECS framework, which enables the development of secure cloud applications covered by a Security SLA. The SPECS framework offers APIs to manage the whole Security SLA life cycle and provides all the functionalities needed to automatize the enforcement of proper security mechanisms and to monitor userdefined security features. The development process of SPECS applications offering security-enhanced services is illustrated, presenting as a real-world case study the provisioning of a secure web server.","PeriodicalId":6488,"journal":{"name":"2015 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC)","volume":"23 1","pages":"337-344"},"PeriodicalIF":0.0000,"publicationDate":"2015-09-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"22","resultStr":"{\"title\":\"SLA-Based Secure Cloud Application Development: The SPECS Framework\",\"authors\":\"V. Casola, Alessandra De Benedictis, M. Rak, Umberto Villano\",\"doi\":\"10.1109/SYNASC.2015.59\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The perception of lack of control over resources deployed in the cloud may represent one of the critical factors for an organization to decide to cloudify or not their own services. Furthermore, in spite of the idea of offering security-as-a-service, the development of secure cloud applications requires security skills that can slow down the adoption of the cloud for nonexpert users. In the recent years, the concept of Security Service Level Agreements (Security SLA) is assuming a key role in the provisioning of cloud resources. This paper presents the SPECS framework, which enables the development of secure cloud applications covered by a Security SLA. The SPECS framework offers APIs to manage the whole Security SLA life cycle and provides all the functionalities needed to automatize the enforcement of proper security mechanisms and to monitor userdefined security features. The development process of SPECS applications offering security-enhanced services is illustrated, presenting as a real-world case study the provisioning of a secure web server.\",\"PeriodicalId\":6488,\"journal\":{\"name\":\"2015 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC)\",\"volume\":\"23 1\",\"pages\":\"337-344\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-09-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"22\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SYNASC.2015.59\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SYNASC.2015.59","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 22

摘要

对部署在云中的资源缺乏控制的感觉可能是组织决定是否将自己的服务云化的关键因素之一。此外，尽管有提供安全即服务的想法，但安全云应用程序的开发需要安全技能，这可能会减慢非专业用户采用云的速度。近年来，安全服务水平协议(Security Service Level Agreements，简称SLA)的概念在云资源的供应中扮演着重要的角色。本文介绍了SPECS框架，它支持开发安全SLA所涵盖的安全云应用程序。SPECS框架提供了管理整个Security SLA生命周期的api，并提供了自动化执行适当安全机制和监视用户定义的安全特性所需的所有功能。本文阐述了提供安全增强服务的SPECS应用程序的开发过程，并以提供安全web服务器的实际案例研究的形式进行了展示。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

SLA-Based Secure Cloud Application Development: The SPECS Framework

The perception of lack of control over resources deployed in the cloud may represent one of the critical factors for an organization to decide to cloudify or not their own services. Furthermore, in spite of the idea of offering security-as-a-service, the development of secure cloud applications requires security skills that can slow down the adoption of the cloud for nonexpert users. In the recent years, the concept of Security Service Level Agreements (Security SLA) is assuming a key role in the provisioning of cloud resources. This paper presents the SPECS framework, which enables the development of secure cloud applications covered by a Security SLA. The SPECS framework offers APIs to manage the whole Security SLA life cycle and provides all the functionalities needed to automatize the enforcement of proper security mechanisms and to monitor userdefined security features. The development process of SPECS applications offering security-enhanced services is illustrated, presenting as a real-world case study the provisioning of a secure web server.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2015 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC)

自引率

0.00%

发文量