Bulut Servisleri ve Bulut Güvenliği için Ontoloji Tabanlı Hizmet Düzeyi Sözleşmeleri

Bulut bilişim, günümüzdeki en önemli teknolojik gelişim ve dönüşümlerinden biri olarak kabul edilmektedir. Bu teknolojinin gelişmesi ile veri tabanı servislerinin, sunucu ve depolama hizmetlerinin yönetimi ve kullanımı kolaylaşmış ve daha düşük maliyetler ile gerçekleştirilebilir bir hale gelmiştir. Son kullanıcılardan büyük ölçekli işletmelere kadar geniş bir kullanıcı kitlesine sahip olan bulut bilişimin popülerleşmesi bulut güvenliği kaygılarını da beraberinde getirmektedir. Farklı bulut servislerinin farklı hizmet katmanlarını karşılaması, atak yüzeylerinin geleneksel yöntemlerden çok daha fazla olması gibi sebepler, bulut güvenliğinin yönetimini zorlaştırmaktadır. Bulut servislerinin yönetimini ve bulut güvenliğini sağlamak amacı ile, bulut hizmetleri kullanıcılarının ve bulut sağlayıcılarının hizmetlerin güvenlik, kullanılabilirlik, yanıt verme düzeyleri gibi kritik özellikleri garanti eden Hizmet Düzeyi Sözleşmeleri (Service Level Agreements, SLAs) bulunur. Bu sözleşmelere uyumluluk ve sözleşme ihlallerin kontrolü üzerine bulut servisleri ve bulut güvenliği için geliştirilen ontoloji yapısı, bulut servisleri ve bulut güvenliği kavramlarının arasındaki ilişkileri tanımlamaktadır. Bu ontolojik tanımlama, SLA’ların daha iyi anlaşılmasını, yönetilmesini ve sürekli kontrol için otomasyonunu sağlamaktadır. Bu çalışmada, bulut servisleri ve bulut güvenliği kapsamında geliştirilen SLA ontolojileri üzerine kapsamlı bir araştırma ve inceleme sunulmaktadır. Gerçekleştirilen çalışma sonucunda, alandaki mevcut durum ve yaklaşımlar incelenerek kullanılan teknolojiler ve gelecek çalışmalara yönelik fırsatlar değerlendirilmektedir.

Anahtar Kelimeler:

Bulut bilişim, Bulut güvenliği, Ontoloji, Hizmet düzeyi sözleşmesi, Anlamsal ağ

Ontology-Based Service Level Agreements for Cloud Services and Cloud Security

Cloud computing is defined as one of the most important technological developments and transformations nowadays. As cloud technology improves, handling and using services like databases, servers, and storage becomes simpler and cheaper. The popularization of cloud computing, which has a wide range of users from end users to large-scale enterprises, also brings cloud security concerns. Different cloud services have the ability to operate across multiple service layers, attack surfaces and scenarios are much more varied than traditional methods. Because of all these, keeping track of cloud security can be hard and complicated. In order to manage cloud services and provide cloud security, cloud users and cloud providers have Service Level Agreements (SLAs) that guarantee critical features of services such as security, availability, and responsiveness levels. Cloud services and cloud security ontology help to be compliant with these documents and control SLA violations by defining the relationships between cloud services and cloud security concepts. This ontological definition enables SLAs to be better understood, managed, and automated for continuous control. In this study, comprehensive research and review on SLA ontologies for cloud services and cloud are presented. As a result of the study, the current situation and approaches in the area are examined. Also, opportunities for future SLA ontology studies are evaluated.

Keywords:

Cloud computing, Cloud security, Ontology, Service Level Agreement, Semantic network,

PDF

___

Alibaba SLA. 2023. Alibaba service level agreements. URL: https://www.alibabacloud.com/help/en/legal/latest/product-sla. (accessed date: 23 March, 2023).
Amazon Web Services (AWS) SLA. 2023. AWS service level agreements (SLAs). URL: https://aws.amazon.com/legal/service-level-agreements. (accessed date: 23 March, 2023).
Amazon Compute SLA. 2023. Amazon compute service level agreement. URL: https://aws.amazon.com/compute/sla/. (accessed date: 23 March, 2023).
Avram MG. 2014. Advantages and challenges of adopting cloud computing from an enterprise perspective. Procedia Technol, 12: 529-534
Azure SLA. 2023. Azure Service Level Agreements. URL: https://www.azure.cn/en-us/support/legal/sla/. (accessed date: 23 March, 2023).
Baset S. 2012. Cloud SLAs: present and future. ACM SIGOPS Operating Systems Rev, 46: 57–66.
Brereton P, Kitchenham A, Budgen D, Turner M, Khalil M. 2007. Lessons from applying the systematic literature review process within the software engineering domain. Journal of Systems and Software. Volume 80, 571-583.
CloudSim. 2023. A framework for modeling and simulation of cloud computing infrastructures and services. URL: https://github.com/Cloudslab/cloudsim. (accessed date: 23 March, 2023).
Dastjerdi A, Tabatabaei S, Buyya R. 2012. A dependency-aware ontology-based approach for deploying service level agreement monitoring services in cloud. Softw Pract Exper, 42(4): 501–518.
Fernández M, Gómez-Pérez A, Juristo N. 1997. Methontology: From ontological art towards ontological engineering. AAAI Technical Report, 1997: 33-40
Ganapathy D, Josh K. 2022. A semantically rich framework to automate cloud service level agreements. IEEE Transactions on Services Computing, 2022: 1-12.
Gennaria J, Musen M, Fergerson R, Grosso W, Crubezy M, Eriksson H, Noy N, Tu S, 2003, The evolution of Protégé: an environment for knowledge-based systems development, Inter J Human-Computer Stud, 58(1): 89-123.
Google SLA. 2023. Google cloud platform service level agreements. URL: https://cloud.google.com/terms/sla (accessed date: 23 March, 2023).
GoGrid. 2023. What is GoGrid? URL: https://en.wikipedia.org/wiki/GoGrid (accessed date: 23 March, 2023).
HP SLA. 2023. HP support service agreement terms & conditions. https://h20345.www2.hp.com/Resources/csndocs/elfpack/AU_EN/Related%20Documents/Terms_and_conditions.pdf (accessed date: 23 March, 2023).
IBM SLA. 2023. IBM service level agreements. URL: https://cloud.ibm.com/docs/overview?topic=overview-slas (accessed date: 23 March, 2023).
Joshi K, Pearce C. 2015. Automating cloud service level agreements using semantic technologies. Proceedings of IEEE International Conference on Cloud Engineering (IC2E), March 9-13 2015, Tempe, AZ, USA, pp: 1-6.
Kitchenham B. 2004. Procedures for performing systematic reviews. Keele University, Technical Report, TR/SE-0401, Newcastle, UK, ISSN:1353-7776, pp: 33.
Kouki Y, Ledoux T. 2012. CSLA: A language for improving cloud SLA management. international conference on cloud computing and services science. URL: https://www.scitepress.org/papers/2012/39564/39564.pdf (accessed date: 23 March, 2023).
Labidi T, Mtibaa A, Brabra H. 2016. CSLAOnto: A comprehensive ontological sla model in cloud computing. J Data Semant, 5: 179–193.
Labidi T, Mtibaa A, Gaaloul W, Tata S, Gargouri F. 2017a. Cloud SLA modeling and monitoring. Proceedings of IEEE 14th International Conference on Services Computing, June 25-30, 2017, Honolulu, Hawaii, USA, pp: 338-345. DOI: 10.1109/SCC.2017.50
Labidi T, Mtibaa A, Gaaloul W, Gargouri F. 2017b. Ontology-Based SLA negotiation and re-negotiation for cloud computing. Proceedings of IEEE 26th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises, 21-23 June, 2017, Tempe, AZ, USA, pp: 36-41. DOI: 10.1109/WETICE.2017.24
Labidi T, Mtibaa A, Gargouri F. 2018. Cloud SLA terms analysis based on ontology. Procedia Comput Sci, 126: 292-301.
Lee C, Kavi K, Raymond P, Gomathisankaran M. 2015a. Ontology of secure service level agreement. Proceedings of 16th International Symposium on High Assurance Systems Engineering, January 8-10, 2015, Daytona, USA, pp: 166-172. DOI: 10.1109/HASE.2015.33
Lee C, Kamongi P, Kav K. 2015b. Optimus: A framework of vulnerabilities, attacks, defenses and SLA ontologies. Inter J Next-Generation Comput, 6(1): 42-56.
Manvi S, Shyam G, 2014, Resource Management for Infrastructure as a Service (IaaS) in cloud computing: A survey. J Network Comput Applicat, 41: 424-440.
Meegan J, Singh. G, Woodward, S, Salvatore V, Rak M, Harris D, Murray G, Martino B Di, Roux Le, McDonald J, Kean R, Edwards M, Russell D, Malekkos G, 2012, Practical guide to cloud service level agreements. URL: https://parsec2.unicampania.it/venticinque/index.php/research/jr-project?view=publication&task=show&id=149 (accessed date: 03 June, 2023).
Mittal S, Joshi K, Pearce C, Joshi A. 2016. Automatic extraction of metrics from slas for cloud service management. Proceedings of IEEE International Conference on Cloud Engineering (IC2E), April 4-8, 2016, Berlin, Germany, pp: 1-4. DOI: 10.1109/IC2E.2016.14
Modica G, Petralia G, Tomarchio O. 2013. An SLA ontology to support service discovery in future cloud markets. Proceedings of 27th International Conference on Advanced Information Networking and Applications Workshops, March 25-28, 2013, Barcelona, Spain, pp: 1-5. DOI: 10.1109/WAINA.2013.68
Mohamed M, Anya O, Tata S, Mandagere N, Baracaldo N, Ludwig H. 2017. rSLA: An Approach for Managing Service Level Agreements in Cloud Environments. Inter J Cooperat Inform Systems, 26(2): 1742003. DOI: 10.1142/S0218843017420035
Moustafa S, Elgazzar K, Martin P, Elsayed M. 2015. SLAM: SLA monitoring framework for federated cloud services. Proceedings of IEEE/ACM 8th International Conference on Utility and Cloud Computing, December 7-10, 2015, Limassol, Cyprus pp: 1-6. DOI: 10.1109/UCC.2015.90
NIST. NIST ontological visualization interface for standards: user’s guide. URL: https://nvlpubs.nist.gov/nistpubs/ir/2013/NIST.IR.7945.pdf /(accessed date: June 03, 2023).
Ontology. 2023. What is Ontology? URL: https://en.wikipedia.org/wiki/Ontology (accessed date: 23 March, 2023).
Oracle SLA. 2023. Oracle cloud infrastructure service level agreement (SLA). URL: https://www.oracle.com/uk/cloud/sla/(accessed date: 23 March, 2023).
SAP SLA. 2023. SAP service level agreement. URL: https://help.sap.com/docs/HANA_SERVICE/319dbc7c518f4f31b7333060d0cc546c/9deb7aea417a4e1886d7845e198fc9b5.html (accessed date: 23 March, 2023).
Singh A, Chatterjee K, 2017. Cloud security issues and challenges: A survey, J Network Comput Applicat, 79: 88-115.
Sleator D, Temperley D. 1995. Parsing English with a link grammar. URL: https://arxiv.org/pdf/cmp-lg/9508004.pdf (accessed date: 23 March, 2023).
Stanford PoS Tagger. 2023. The Stanford POS Tagger. URL: http://www.linguisticsweb.org/doku.php?id=linguisticsweb:tutorials:automaticannotation:stanford_pos_tagger (accessed date: 23 March, 2023).
Pellet. 2023. What is pellet? URL: https://www.w3.org/2001/sw/wiki/Pellet (accessed date: 23 March, 2023).
Rackspace SLA. 2023. Rackspace service level agreements. URL: https://docs.rackspace.com/docs/vm-management/private-cloud/service-level-agreements (accessed date: 23 March, 2023).
VMWare Cloud Air. 2023. VMware vCloud air service description. URL: https://www.vmware.com/files/au/pdf/vcloud-air/vcloud-air-Datasheet.pdf (accessed date: 23 March, 2023).
WeiTek T, XiaoYing BAI, Yu H. 2014. Software-as-a-service (SaaS): perspectives and challenges. Sci China Inform Sci, 57: 1-15.
WSAG4J. 2023. Welcome to WSAG4J. https://wsag4j.sourceforge.net/site/index.html. (accessed date: 23 March, 2023).