Introduction to the SPECS Project
The Secure Provisioning of Cloud Services based on SLA Management (SPECS) project aims at developing and implementing an open source framework to offer Security-as-a-Service, by relying on the notion of security parameters specified in Service Level Agreements (SLA), and also providing the techniques to systematically manage their life-cycle.
Providing comprehensible and enforceable security assurance by Cloud Service Providers (CSP) is a critical factor to deploy trustworthy Cloud ecosystems.
Survey on Market-readiness of Cloud Security SLA Solutions
The EU FP7 SPECS project has released its final survey related to the market readiness of cloud security SLA solutions. We kindly request your collaboration to participate in the survey. Participants in the final SPECS survey stand a chance to win one of five CSA CCSK tokens!
The survey will be open until April-8th 2016. On behalf of the SPECS consortium, thanks!
The SPECS framework will provide techniques and tools for:
- Enabling a user-centric negotiation of security parameters in Cloud SLA, along with a trade-off evaluation process among users and CSPs, in order to compose and use Cloud services fulfilling a minimum required security level (termed QoSec or Quality of Security in SPECS).
- Monitoring in real-time the fulfillment of SLAs agreed with one or more CSP. SPECS’ monitoring services also enable notifying both users and CSPs, when a SLAs not being fulfilled (e.g., due to a cyber-attack).
- Enforcing agreed Cloud SLA in order to keep a sustained QoSec that fulfills the specified security parameters. SPECS’ enforcement framework will also “react and adapt” in real-time to fluctuations in the QoSec by advising/applying the correct countermeasures (e.g., triggering a two-factor authentication mechanism).”
SPECS is an EU FP7 project.
The SPECS project will run from November 2013 – April 2016.
For information about the SPECS Project partners, click here.
SPECS Project Deliverables
For more information about the SPECS deliverables, click here.
Cloud Security Alliance Role in SPECS Project
- CSA leads work on contribution to standards and interoperability of the A4Cloud framework.
- Participates in (i) the development of the framework, (ii) the metrics for accountability, (iii) the reference architecture and (iv) the validation activities.
SPECS Project News
SPECS will participate in CISIS 2016 at Fukuoka Institute of Technology (FIT), in Fukuoka, Japan, on 6-8 July 2016. SPECS partners CeRICT and IeAT will present a paper called “A Security SLA-driven Methodology to Set-up Security Capabilities on Top of Cloud Services” at the 10th International Conference on Complex, Intelligent and...
SPECS will participate in WETICE 2016 in Paris, France, on 13-15 June 2016. SPECS partners CeRICT and XLAB will present a paper called “Per-service Security SLA: a New Model for Security Management in Cloud” at the 25th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises that will be held...
SPECS was presented at the CLIPS Final Conference in Florence, Italy, on June 1st 2016. The European project’s CLIPS Final Conference was held in Florence on 01/06/2016 as part of the Major Cities of Europe Group (MCEG) annual conference. CLIPS a European funded initiative has been working on a new...
SPECS is participating in ASIACCS 2016 conference that is being held in Xi’an, China, on 30 May to 3 June 2016. Building on the success of ACM Conference on Computer and Communications Security (CCS) and ACM Transactions on Information and System Security (TISSEC), the ACM Special Interest Group on Security,...
SPECS survey about “Taking Cloud Security SLA’s close-to-market” closed in the end of April. Partner CSA conducted a draw between the respondents and 5 of them won five CCSK tokens, worth US$345.00. All winners have been notified via email and given the token. Thank you to all the respondents of...