Home      Log In      Contacts      FAQs      INSTICC Portal
Special Sessions
Security Governance and SLAs in Cloud Computing - CloudSecGov 2012

19 April, 2012 - Porto, Portugal

Within the 2nd International Conference on Cloud Computing and Services Science - CLOSER 2012

Karin Bernsmed
NO-7465 Trondheim

Brief Bio
Karin Bernsmed received her MSc degree from Linköping University in 2003 and her PhD in Telematics from the Norwegian University of Science and Technology (NTNU) in 2007. She worked as a research scientist at Telenor R&I until 2010, after which she joined SINTEF ICT where she is currently heading the information security group. Her research interests include network security and privacy, security in cloud computing, and stochastic modeling and analysis.
Martin Jaatun
University of Stavanger

Brief Bio
Martin Gilje Jaatun is a Senior Scientist at SINTEF Digital in Trondheim, Norway. He graduated from the Norwegian Institute of Technology (NTH) in 1992, and received the Dr.Philos degree in critical information infrastructure security from the University of Stavanger in 2015. He is an adjunct professor at the University of Stavanger, and was Editor-in-Chief of the International Journal of Secure Software Engineering (IJSSE). Previous positions include scientist at the Norwegian Defence Research Establishment (FFI), and Senior Lecturer in information security at the Bodø Graduate School of Business. His research interests include software security, security in cloud computing, and security of critical information infrastructures. He is vice chairman of the Cloud Computing Association (cloudcom.org), vice chair of the IEEE Technical Committee on Cloud Computing (TCCLD), an IEEE Cybersecurity Ambassador, and a Senior Member of the IEEE. Most of my published papers are available here: http://jaatun.no/papers


Keywords: Cloud Risk, Challenges, and Governance; Monitoring of Services; Quality of Service; Service Level Agreements; Cloud Security

Cloud computing is slowly turning towards an open ecosystem of services that can be mixed and matched according to the customers' individual requirements. In federated Clouds (or "clouds-of-clouds"), services will be picked not only from functionality, but also based on non-functional properties such as availability, performance, security and cost. The obvious downside is the lack of control; customers need to make sure that the composite services behave as expected and that the individual components from different providers can be trusted.

To mitigate the security risks associated with federated Clouds, and to increase the trust in the individual providers, existing security mechanisms and their effectiveness should be formalized in contracts. Service Level Agreements (SLAs) is a common way to explicitly state the obligations of the provider and to serve as a binding agreement between the service customer and the service provider. The SLA will help ensure that the service keeps the right level of quality and that customers are credited accordingly in terms of contract violations. This session will include presentations of peer-reviewed papers related to Cloud computing SLAs, with special focus on security. The topics of interests include (but are not limited to)
• Security mechanisms for Cloud computing
• Negotiation of security terms
• Machine-readable SLAs
• Monitoring and enforcement of security terms
• Security in hybrid/federated Clouds
• Cloud security governance

Paper Submission
Prospective authors are invited to submit papers in any of the topics listed above.
Instructions for preparing the manuscript (in Word and Latex formats) are available at: Paper Templates
Please also check the Submission Guidelines.
Papers should be submitted electronically via the web-based submission system at: http://www.insticc.org/Primoris
All accepted papers (full, short and posters) will be published in a special section of the conference proceedings book - under an ISBN reference and on CD-ROM support - and submitted for indexation by Thomson Reuters Conference Proceedings Citation Index (ISI), INSPEC, DBLP and EI (Elsevier Index).
All papers presented at the conference venue will be available at the SciTePress Digital Library (http://www.scitepress.org/DigitalLibrary/). SciTePress is member of CrossRef (http://www.crossref.org/).

Journal Special Issue: Distinguished papers presented at the session will be invited for possible publication in a special issue of the International Journal of Cloud Computing (http://www.inderscience.com/ijcc/).
Secretariat Contacts
CLOSER Special Sessions - CloudSecGov 2012
e-mail: closer.secretariat@insticc.org