Security SLA in Next Generation Data Centers, the SPECS Approach

  • Massimiliano Rak
  • Valentina CasolaEmail author
  • Silvio La Porta
  • Andrew Byrne
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 740)


Next generation Data Centers (ngDC) provide a significant evolution how storage resources can be provisioned. They are cloud-based architectures offering flexible IT infrastructure and services through the virtualization of resources: managing in an integrated way compute, network and storage resources. Despite the multitude of benefits available when leveraging a Cloud infrastructure, wide scale Cloud adoption for sensitive or critical business applications still faces resistance. One of the key limiting factors holding back larger adoption of Cloud services is trust. To cope with this, datacenter customers need more guarantees about the security levels provided, creating the need for tools to dynamically negotiate and monitor the security requirements. The SPECS project proposes a platform that offers security features with an as-a-service approach, furthermore it uses Security Service Level Agreements (Security SLA) as a means for establishing a clear statement between customers and providers to define a mutual agreement. This paper presents an industrial use case from EMC that integrates the SPECS Platform with their innovative solutions for the ngDC. In particular, the paper illustrates how it is possible to negotiate, enforce and monitor a Security SLA in a cloud infrastructure offering.


Cloud ngDC Cloud security Security SLA 



This research is partially supported by the EC FP7 project SPECS (Grant Agreement no. 610795).


  1. 1.
    Casola, V., De Benedictis, A., Rak, M., Villano, U.: Preliminary design of a platform-as-a-service to provide security in cloud. In: Proceedings of the 4th International Conference on Cloud Computing and Services Science, CLOSER 2014, Barcelona, Spain, 3–5 April 2014, pp. 752–757 (2014)Google Scholar
  2. 2.
    Casola, V., De Benedictis, A., Rak, M.: Security monitoring in the cloud: an SLA-based approach. In: 10th International Conference on Availability, Reliability and Security, ARES 2015, Toulouse, France, 24–27 August 2015, pp. 749–755 (2015)Google Scholar
  3. 3.
    Catteddu, D.: Security and resilience in governmental clouds. Technical report CSA (2011)Google Scholar
  4. 4.
  5. 5.
    CSCC: The CSCC practical guide to cloud service level agreements. Technical report, CSCC (2012)Google Scholar
  6. 6.
    Davidson, E.A.: The Software-Defined-Data-Center (SDDC): concept or reality? [VMware] (2013). r-sddc-concept-or-reality-vmware/
  7. 7.
    De Benedictis, A., Rak, M., Turtur, M., Villano, U.: Rest-based SLA management for cloud applications. In: 2015 IEEE 24th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), pp. 93–98, June 2015Google Scholar
  8. 8.
    Dekker, M.: Critical cloud computing a CIIP perspective on cloud computing services. Technical report, ENISA (2012)Google Scholar
  9. 9.
    EC: Unleashing the potential of cloud computing in Europe. Technical report, EC (2011)Google Scholar
  10. 10.
    Force, J.T., Initiative, T.: Security and privacy controls for federal information systems and organizations. NIST Spec. Publ. 800, 53 (2013)Google Scholar
  11. 11.
    ISO: ISO/IEC NP 19086–1, Information Technology-Cloud computing-Service level agreement (SLA) framework and technology-Part 1: Overview and concepts (2014)Google Scholar
  12. 12.
    Marimuthu, K., Gopal, D.G., Kanth, K.S., Setty, S., Tainwala, K.: Scalable and secure data sharing for dynamic groups in cloud. In: 2014 International Conference on. Advanced Communication Control and Computing Technologies (ICACCCT), pp. 1697–1701. IEEE (2014)Google Scholar
  13. 13.
    Dekker, G.H.M.: Survey and analysis of security parameters in cloud slas across the European public sector (2011).
  14. 14.
    Morin, C.: Open computing infrastructures for elastic services: contrail approach. In: Proceedings of the 5th International Workshop on Virtualization Technologies in Distributed Computing, pp. 1–2. ACM (2011)Google Scholar
  15. 15.
    NIST: SP 800–53 Rev 4: Recommended Security and Privacy Controls for Federal Information Systems and Organizations. Technical report, NIST (2013)Google Scholar
  16. 16.
    Nithiavathy, R.: Data integrity and data dynamics with secure storage service in cloud. In: 2013 International Conference on Pattern Recognition, Informatics and Mobile Engineering (PRIME), pp. 125–130. IEEE (2013)Google Scholar
  17. 17.
    Pannetrat, A., Hogben, G., Katopodis, S., Spanoudakis, G., Cazorla, C.: D2.1: security-aware SLA specification language and cloud security dependency model. Technical report, certification infrastructure for multi-layer cloud services (cumulus) (2013)Google Scholar
  18. 18.
    Pearson, S.: Toward accountability in the cloud. IEEE Internet Comput. 15(4), 64–69 (2011)CrossRefGoogle Scholar
  19. 19.
    Rak, M., Ficco, M., Battista, E., Casola, V., Mazzocca, N.: Developing secure cloud applications. Scalable Comput. Pract. Exp. 15(1), 49–62 (2014)Google Scholar
  20. 20.
    Rak, M., Suri, N., Luna, J., Petcu, D., Casola, V., Villano, U.: Security as a service using an SLA-based approach via specs. In: IEEE Proceedings of IEEE CloudCom Conference 2013 (2013)Google Scholar
  21. 21.
    Rios, E., Iturbe, E., Orue-Echevarria, L., Rak, M., Casola, V.: Towards self-protective multi-cloud applications - MUSA - a holistic framework to support the security-intelligent lifecycle management of multi-cloud applications. In: CLOSER 2015 - Proceedings of the 5th International Conference on Cloud Computing and Services Science, Lisbon, Portugal, 20–22 May 2015, pp. 551–558 (2015)Google Scholar
  22. 22.
    Talpur, S.R., Abdalla, S., Kechadi, T.: Towards middleware security framework for next generation data centers connectivity. In: Science and Information Conference (SAI), pp. 1277–1283. IEEE (2015)Google Scholar
  23. 23.
    Theilmann, W., Yahyapour, R., Butler, J.: Multi-level SLA management for service-oriented infrastructures. In: Mähönen, P., Pohl, K., Priol, T. (eds.) ServiceWave 2008. LNCS, vol. 5377, pp. 324–335. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-89897-9_28 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Massimiliano Rak
    • 1
  • Valentina Casola
    • 2
    Email author
  • Silvio La Porta
    • 3
  • Andrew Byrne
    • 3
  1. 1.Dipartimento di Ingegneria dell’InformazioneSeconda Università di NapoliAversaItaly
  2. 2.Dipartimento di Ingegneria Elettrica e Tecnologie dell’InformazioneUniversità di Napoli Federico IINapoliItaly
  3. 3.EMC Ireland COE InnovationCorkIreland

Personalised recommendations