Security Services Lifecycle Management in On-Demand Infrastructure Services Provisioning

Modern e-Science and high technology industry require high-performance and complicated network and computer infrastructure to support distributed collaborating groups of researchers and applications that should be provisioned on-demand. The effective use and management of the dynamically provisioned services can be achieved by using the Service Delivery Framework (SDF) proposed by TeleManagement Forum that provides a good basis for defining the whole services life cycle management and supporting infrastructure services. The paper discusses conceptual issues, basic requirements and practical suggestions for provisioning consistent security services as a part of the general e-Science infrastructure provisioning, in particular Grid and Cloud based. The proposed Security Services Lifecycle Management (SSLM) model extends the existing frameworks with additional stages such as “Reservation Session Binding” and “Registration and Synchronisation” that specifically target such security issues as the provisioned resources restoration, upgrade or migration and provide a mechanism for remote executing environment and data protection by binding them to the session context. The paper provides a short overview of the existing standards and technologies and refers to the on-going projects and experience in developing dynamic distributed security services.