The demonstration will present the SPECS solution in action. The SPECS project proposes an innovative Security Platform-as-a-Service that offers a solution for the SPECS’ Security-as-a-Service approach, based on SLA life cycle management. SPECS platform enables the delivering of security services, described in details through Security SLAs. Cloud Service Customers (CSCs) are able to define at fine grain level the security features they need through a user-centric negotiation of Cloud SLA, that helps CSCs to negotiate Security Services offered by Cloud Service Providers (CSPs), by understanding the resulting trade-offs.
In order to support CSCs to verify the correctness of the services offered by CSPs, SPECS offers innovative solutions for continuous security monitoring, which implements SLA monitoring solutions dedicated to continuously control the security mechanisms offered and to help ensuring the granted security service level objectives.
Moreover, SPECS offers innovative Security Services to enforce SLA: when a cloud service does not grant the security features that CSC has expressed in the negotiated SLA, SPECS executes ad hoc security mechanisms that add and grant such specific feature.
The SPECS framework, i.e. the software collection produced by the project in open source, can be used by CSP to integrate their service offerings with Security SLAs features and/or by developers in order to offer a Third Party solution that enhance the security of public CSPs In particular, the SPECS framework has been designed to empower Small and Medium-sized Enterprises with techniques and tools to improve their control and assurance over the security aspects of their Cloud services, taking into account the SLAs from the early definition of the supply chain used in the service provisioning. As a positive side effect, SPECS facilitates transparency between CSPs and End-users to allow for a better assessment of the provided/requested security levels through SLAs. SPECS is actively contributing to Cloud security SLA standardization initiatives.
The full SPECS framework is available as a prototype and released as open source in the SPECS official bitbucket repository. Moreover, the SPECS’ Solution Portfolio comprises four solutions that are either integrated within commercial products (e.g., EMC’s ViPR Software-Defined Storage), or are offered as stand-alone products (e.g., CSA’ STAR Watch, XLAB End-to-End encryption, and CERICT’s Secure Web Container).
Dana Petcu, Professor, West University of Timisoara
Dana Petcu (Mrs., PhD) is Professor at Computer Science Department and vice-rector responsible with international relationships at West University of Timisoara, scientific manager of its supercomputing center, and CEO of the research spin-off Institute e-Austria Timisoara. Her interest in distributed and parallel computing is reflected in more than two hundred papers about Cloud, Grid, Cluster or HPC computing. She is and was involved in several projects funded by European Commission and other research funding agencies, as coordinator, scientific coordinator, or local team leader. Moreover, she is chief editor of the open-access journal Scalable Computing: Practice and Experience and awarded four times for her research results, two at national level and two at international level.