Frontiers of Computer Science

ISSN 2095-2228

ISSN 2095-2236(Online)

CN 10-1014/TP

Postal Subscription Code 80-970

2018 Impact Factor: 1.129

Front. Comput. Sci.    2020, Vol. 14 Issue (6) : 146808    https://doi.org/10.1007/s11704-019-9130-0
RESEARCH ARTICLE
A behavior-aware SLA-based framework for guaranteeing the security conformance of cloud service
Xiaochen LIU1, Chunhe XIA1,2, Tianbo WANG1,3, Li ZHONG1, Xiaojian LI2
1. Beijing Key Laboratory of Network Technology, School of Computer Science and Engineering, Beihang University, Beijing 100191, China
2. School of Computer Science and Information Technology, Guangxi Normal University, Guilin 541004, China
3. School of Cyber Science and Technology, Beihang University, Beijing 100191, China
Abstract

As cloud computing technology matures, cloud services have become trust-based services. Users' distrust of the security and performance of cloud services will hinder their rapid deployment and development, so cloud service providers (CSPs) urgently need a way to prove that their infrastructure and the behavior of the cloud services they provide can be trusted. The challenge is to construct a framework that can effectively verify the security conformance of cloud services, focusing on fine-grained descriptions of cloud service behavior and security service level agreements (SLAs). In this paper, we propose a novel approach to verifying cloud service security conformance, which reduces the description gap between the CSP and users by modeling cloud service behavior and the security SLA. These models enable a systematic integration of security constraints and service behavior into the cloud, while UPPAAL is used to check performance and security conformance. The proposed approach is validated through a case study and experiments with a real cloud service based on OpenStack, which illustrate the effectiveness of the CloudSec approach and show that it can be applied to realistic cloud scenarios.

Keywords: security conformance; security SLA; cloud behavior modeling
Corresponding Author(s): Xiaojian LI   
Just Accepted Date: 25 February 2020   Issue Date: 26 May 2020
 Cite this article:   
Xiaochen LIU, Chunhe XIA, Tianbo WANG, et al. A behavior-aware SLA-based framework for guaranteeing the security conformance of cloud service[J]. Front. Comput. Sci., 2020, 14(6): 146808.
 URL:  
https://academic.hep.com.cn/fcs/EN/10.1007/s11704-019-9130-0
https://academic.hep.com.cn/fcs/EN/Y2020/V14/I6/146808