Home      Log In      Contacts           INSTICC Portal
Special Sessions
Special Session on
Security Governance and SLAs in Cloud Computing
 - CloudSecGov 2013

8 - 10 May, 2013 - Aachen, Germany

Within the 3rd International Conference on Cloud Computing and Services Science - CLOSER 2013


Karin Bernsmed
Software Engineering, Safety and Security , SINTEF ICT

Brief Bio
Karin Bernsmed received her MSc degree from Linköping University in 2003 and her PhD in Telematics from the Norwegian University of Science and Technology (NTNU) in 2007. She worked as a research scientist at Telenor R&I until 2010, after which she joined SINTEF ICT where she is currently heading the information security group. Her research interests include network security and privacy, security in cloud computing, and stochastic modeling and analysis.
Martin Gilje Gilje Jaatun
IDE, Software Engineering, Safety and Security, SINTEF Digital, Trondheim, Norway
Brief Bio
Martin Gilje Jaatun is a Senior Scientist at SINTEF Digital in Trondheim, Norway. He graduated from the Norwegian Institute of Technology (NTH) in 1992, and received the Dr.Philos degree in critical information infrastructure security from the University of Stavanger in 2015. He is an adjunct professor at the University of Stavanger, and was Editor-in-Chief of the International Journal of Secure Software Engineering (IJSSE). Previous positions include scientist at the Norwegian Defence Research Establishment (FFI), and Senior Lecturer in information security at the Bodø Graduate School of Business. His research interests include software security, security in cloud computing, and security of critical information infrastructures. He is vice chairman of the Cloud Computing Association (, vice chair of the IEEE Technical Committee on Cloud Computing (TCCLD), an IEEE Cybersecurity Ambassador, and a Senior Member of the IEEE. Most of my published papers are available here:


Keywords: Cloud Risk, Challenges, and Governance; Monitoring of Services; Quality of Service; Service Level Agreements; Cloud Security

Cloud computing is slowly turning towards an open ecosystem of services that can be mixed and matched according to the customers' individual requirements. In federated Clouds (or "clouds-of-clouds"), services will be picked not only from functionality, but also based on non-functional properties such as availability, performance, security and cost. The obvious downside is the lack of control; customers need to make sure that the composite services behave as expected and that the individual components from different providers can be trusted.

To mitigate the security risks associated with federated Clouds, and to increase the trust in the individual providers, existing security mechanisms and their effectiveness should be formalized in contracts. Service Level Agreements (SLAs) is a common way to explicitly state the obligations of the provider and to serve as a binding agreement between the service customer and the service provider. The SLA will help ensure that the service keeps the right level of quality and that customers are credited accordingly in terms of contract violations. This session will include presentations of peer-reviewed papers related to Cloud computing SLAs, with special focus on security. The topics of interests include (but are not limited to)
• Security mechanisms for Cloud computing
• Negotiation of security terms
• Machine-readable SLAs
• Monitoring and enforcement of security terms
• Security in hybrid/federated Clouds
• Cloud security governance

This is the second edition of the CloudSecGov. The first edition, CloudSecGov 2012, took place during CLOSER 2012 and attracted a large number of high-quality speakers.


Humberto Castejon, Independent Researcher, Norway
Nazila Golmohammadi, University of Duisburg-Essen, Germany
Bjarne E. Helvik, Department of Information Security and Communication Technology, NTNU – Norwegian University of Science and Technology, Norway
Geir M. Køien, ICT, University of Agder, Norway
Melek Önen, Digital Security, EURECOM, France
Siani Pearson, Cloud and Security Research Lab,, United Kingdom
Erkuden Rios Velasco, Independent Researcher, Spain
Katerina Stamou, ISS, University of Geneva ISS, Switzerland


Prospective authors are invited to submit papers in any of the topics listed above.
Instructions for preparing the manuscript (in Word and Latex formats) are available at: Paper Templates
Please also check the Guidelines and Templates.
Papers should be submitted electronically via the web-based submission system at:


All accepted papers will be published in a special section of the conference proceedings book - under an ISBN reference and on CD-ROM support - and submitted for indexation by Thomson Reuters Conference Proceedings Citation Index (ISI), INSPEC, DBLP, EI (Elsevier Index) and Scopus.
SCITEPRESS is member of CrossRef (
All papers presented at the conference venue will be available at the SCITEPRESS Digital Library


CLOSER Special Sessions - CloudSecGov 2013