Security Monitoring in the Cloud: An SLA-Based Approach

In this paper we present a monitoring architecture that is automatically configured and activated based on a signed Security SLA. Such monitoring architecture integrates different security-related monitoring tools (either developed ad-hoc or already available as open-source or commercial products) to collect measurements related to specific metrics associated with the set of security Service Level Objectives (SLOs) that have been specified in the Security SLA. To demonstrate our approach, we discuss a case study related to detection and management of vulnerabilities and illustrate the integration of the popular open source monitoring system Open VAS into our monitoring architecture. We show how the system is configured and activated by means of available Cloud automation technologies and provide a concrete example of related SLOs and metrics.