Show simple item record

AuthorZhang, H.
AuthorYe, L.
AuthorShi, J.
AuthorDu, X.
AuthorGuizani, Mohsen
Available date2015-11-05T13:23:47Z
Publication Date2014
Publication NameSecurity and Communication Networks
ResourceWiley Online Library
CitationZhang, H., Ye, L., Shi, J., Du, X. and Guizani, M. (2014), Verifying cloud service-level agreement by a third-party auditor. Security and Communication Networks, 7: 492�502.
ISSN1939-0122
URIhttp://dx.doi.org/10.1002/sec.740
URIhttp://hdl.handle.net/10576/3759
AbstractIn this paper, we study the important issue of verifying service-level agreement (SLA) with an untrusted cloud and present an SLA verification framework that utilizes a third-party auditor (TPA). A cloud provides users with elastic computing and storage resources in a pay-as-you-go way. An SLA between the cloud and a user is a contract that specifies the computing resources and performances that the cloud should provide to the user. A cloud service provider (CSP) has incentives to cheat on the SLA, for example, providing a user with less central processing unit and memory resources than specified in the SLA, which allows the CSP to support more users and make more profits. A malicious CSP can easily disrupt the existing SLA monitoring/verification techniques by interfering with the monitoring/measurement process. A TPA resolves the trust dilemma between a CSP and its users. Under the TPA framework and the untrusted-cloud threat model, we design two effective testing algorithms that can detect an SLA violation of the virtual machine memory size. Using real experiments, we demonstrate that our algorithms can detect cloud cheating on a virtual machine's memory size (i.e., SLA violations). Furthermore, we show that our testing algorithms can defend various attacks from a malicious CSP, which tries to hide an SLA violation.
SponsorChina National Basic Research Program. Grant Numbers: 2011CB302605, 2007CB311101
SponsorChina National High Technology Research and Development Program. Grant Numbers: 2010AA012504, 2011AA010705
SponsorUS National Science Foundation. Grant Numbers: CNS-0963578, CNS-1002974, CNS-1022552, CNS-1065444
SponsorUS Army Research Office. Grant Number: W911NF-08-1-0334
Languageen
PublisherJohn Wiley & Sons, Ltd.
Subjectservice-level agreement
verification
security
cloud computing
TitleVerifying cloud service-level agreement by a third-party auditor
TypeArticle
Issue Number3
Volume Number7
dc.accessType Abstract Only


Files in this item

FilesSizeFormatView

There are no files associated with this item.

This item appears in the following Collection(s)

Show simple item record