SLA Monitoring

In IT the term monitoring is an overloaded one. Most of the monitoring techniques that already exist are focused on the monitoring of performance indicators, as shown by Keller et al. in [1], Grabner, Ganglia, and Nagios. DeSVi [2], [3] include SLAaware functionalities. Monitoring has also become relevant in the cloud context (for example, the Amazon’s CloudWatch.

The mOSAIC project focuses on missing monitoring capabilities in this case for multi cloud environments. If we focus on security monitoring, we can see that there is no consensus about what security monitoring should cover and for what. Approaches in the area of continuous monitoring for detection of intrusion and malicious attacks for Web Service Providers or Cloud environment are presented by Brower in [4], Lazarevic et al. [5] and Spanoudakis et al. [6].

SPECS is trying to assess a monitoring infrastructure for security parameters included in a security SLA, thus detecting violations and promoting enforcement activities to improve security. Security monitoring can be deployed across all capabilities, and users, not only the providers that own that responsibility. This is case of federated clouds (Clayman et al. [7]) where the monitoring infrastructure developed adapts automatically to changes in the monitoring capabilities that are available in service based systems running on clouds, following dynamic SLA monitoring checks (Foster et al. [8], [9]). The Lattice monitoring system [10] provides also support for monitoring dynamically changing cloud federations.

Finally, NIST’s SCAP specifications and Cloud Security Alliance’s Cloud Trust Protocol provide interfaces for extracting monitoring data from clouds. In the case of the CTP, the status is still under working group.

[1] A. Keller and H. Ludwig. "The WSLA framework: Specifying and monitoring service level agreements for web services," Journal of Network and Systems Management, vol. 11, no. 1 pp. 57-81, 2003.

[2] V. C. Emeakaroha, R. N. Calheiros, M. A. S. Netto, I. Brandic, and C. A. F. De Rose, "DeSVi: An Architecture for Detecting SLA Violations in Cloud Computing Infrastructures" 2nd Intl ICST Conference on Cloud Computing (CloudComp 2010), 2010.

[3] V. C. Emeakaroha, M. A. S. Netto, R. N. Calheiros, I. Brandic, R. Buyya, and C. A. F. De Rose, "Towards autonomic detection of SLA violations in Cloud infrastructures," Future Generation Comp. Syst, vol. 28, no. 7, pp. 1017-1029, 2012

[4] J. Brower, "The security Onion Cloud Client - Network Security Monitoring for the Cloud," The SANS Institute, Tech. Report, 2013.

[5] A. Lazarevic, V. Kumar, J. Srivastava. "Intrusion detection: a survey," Managing cyber-threats: issues approaches & challenges, Springer, pp. 19-78, 2005.

[6] G. Spanoudakis, K. Mahbub, "Non intrusive monitoring of service based systems," Int. Journal of Cooperative Inform. Systems, vol. 15, no. 3, pp. 325-358, 2006.

[7] S. Clayman et al., "Monitoring Service Clouds in the Future Internet," In Towards the Future Internet - Emerging Trends from European Research, G. Tselentis et al. IOS Press: Amsterdam, The Netherlands, 2010. pp. 115 – 126.

[8] H. Foster, G. Spanoudakis, "SMaRT: A Workbench for Reporting the Monitorability of Services from SLAs,", 3rd International Workshop on Principles of Engineering of Service-Oriented Systems, 2011, pp. 36-42. D2.2 Requirements emerging from a state-of-the-art analysis – Final Report Page 95

[9] H. Foster, G. Spanoudakis, "Advanced Service Monitoring Configurations with SLA Decomposition and Selection," 26th ACM Symposium Applied Computing – Track on Service Oriented Architecture and Programming, 2011, pp. 1582-1589.

[10] W. Gilani et al., "SLA-aware Service Management, " Deliverable DA3.a, M38, FP7 SLA@SOI Project, 2011.