Confiança na Nuvem a partir da construção de Sec-SLA nos diversos modelos quanto à implantação e serviço
Resumo
Um dos requisitos fundamentais para a consolidação da computação em nuvem, como solução robusta e confiável, é a segurança. As organizações que buscam adotar a nuvem como solução devem estar cientes que esta tecnologia herda todas as vulnerabilidades de segurança existentes em soluções tradicionais, aliadas à complexidade e heterogeneidade de suas configurações quanto à arquitetura, à privacidade e à conformidade deste novo modelo computacional. Ao impor práticas de gestão uniformes aos provedores quanto ao controle de segurança, com políticas de privacidade acordadas com seus clientes definidos em Acordo de Nível de Serviço de Segurança (Security Service Level Agreements), ou simplesmente Sec-SLA, espera-se que a nuvem seja capaz de melhorar seu controle e segurança, bem como obter respostas eficientes a incidentes. Propõe-se neste trabalho, um modelo para calcular a confiança de provedores a partir de medidas de solução e mitigação a incidentes de segurança oferecidas em seus catálogos de serviço.
Palavras-chave:
Nuvem, Confiança, Sec-SLA, SLA
Referências
G. Caldiera and V. Basili. Identifying and qualifying reusable software components. Computer, 24(2):61–70, 1991.
J. Cybulski and K. Reed. Requirements classification and reuse: Crossing domain boundaries. In Proceedings of the 6th International Conference on Software Reuse (ICSR), pages 190–210, 2000.
W. Frakes and C. Terry. Software reuse: metrics and models. Computing Surveys (CSUR), 28(2):415–435, 1996.
J. Guo and Luqi. A survey of software reuse repositories. In Proceedings of the 7th International Conference and Workshops on the Engineering of Computer Based Systems (ECBS), page 92. IEEE, 2000.
S. Kawaguchi, P. Garg, M. Matsushita, and K. Inoue. Mudablue: an automatic categorization system for open source repositories. In Proceedings of the 11th Asia-Pacific Software Engineering Conference (APSEC), pages 184–193, 2004.
C. Krueger. Software reuse. Computing Surveys (CSUR), 24(2):131–183, 1992.
A. Kuhn, S. Ducasse, and T. Gírba. Semantic clustering: Identifying topics in source code. Information and Software Technology, 49(3):230–243, 2007.
J. Lee, K. Kang, and S. Kim. A feature-based approach to product line production planning. In Software Product Lines, pages 183–196. Springer, 2004.
H. Liu and R. Lu. Word similarity based on an ensemble model using ranking svms. In Proceedings of the International Conference on Web Intelligence and Intelligent Agent Technology (WI-IAT), pages 283–286, 2008.
Y. Maarek, D. Berry, and G. Kaiser. An information retrieval approach for automatically constructing software libraries. Transactions on Software Engineering (TSE), 17(8):800–813, 1991.
P. Mohagheghi and R. Conradi. Quality, productivity and economic benefits of software reuse: a review of industrial studies. Empirical Software Engineering (ESE), 12(5):471–516, 2007.
P. Mohagheghi, R. Conradi, O. Killi, and H. Schwarz. An empirical study of software reuse vs. defect-density and stability. In Proceedings of the 26th International Conference on Software Engineering (ICSE), pages 282–291, 2004.
R. Monroe and D. Garlan. Style-based reuse for software architectures. In Proceedings of the 4th International Conference on Software Reuse (ICSR), pages 84–93. IEEE, 1996.
M. Morisio, M. Ezran, and C. Tully. Success and failure factors in software reuse. Transactions on Software Engineering (TSE), 28(4):340–357, 2002.
J. Neighbors. The evolution from software components to domain analysis. International Journal of Software Engineering and Knowledge Engineering (IJSEKE), 2(03):325–354, 1992.
M. Oliveira, E. Goncalves, and K. Bacili. Automatic identification of reusable software development assets: Methodology and tool. In Proceedings of the 8th International Conference on Information Reuse and Integration (IRI), pages 461–466. IEEE, 2007.
T. Ravichandran and M. Rothenberger. Software reuse strategies and component markets. Communications of the ACM, 46(8):109–114, 2003.
M. Sojer and J. Henkel. License risks from ad hoc reuse of code from the internet. Communications of the ACM, 54(12):74–81, 2011.
Y. Tian, D. Lo, and J. Lawall. Sewordsim: Software-specific word similarity database. In Proceedings of the 36th International Conference on Software Engineering (ICSE), pages 568–571, 2014.
Z. Wang, X. Xu, and D. Zhan. A survey of business component identification methods and related techniques. International Journal of Information Technology, 2(4):229–238, 2005.
C. Wohlin, P. Runeson, M. H¨ost, M. C. Ohlsson, B. Regnell, and A. Wesslén. Experimentation in software engineering. Springer Science & Business Media, 2012.
Y. Ye and G. Fischer. Reuse-conducive development environments. Automated Software Engineering (ASE), 12(2):199–235, 2005.
L. Yujian and L. Bo. A normalized levenshtein distance metric. Transactions on Pattern Analysis and Machine Intelligence (TPAMI), 29(6):1091–1095, 2007.
Z. Zhen, J. Shen, and S. Lu. Wcons: An ontology mapping approach based on word and context similarity. In Proceedings of the International Conference on Web Intelligence and Intelligent Agent Technology (WI-IAT), pages 334–338, 2008.
J. Cybulski and K. Reed. Requirements classification and reuse: Crossing domain boundaries. In Proceedings of the 6th International Conference on Software Reuse (ICSR), pages 190–210, 2000.
W. Frakes and C. Terry. Software reuse: metrics and models. Computing Surveys (CSUR), 28(2):415–435, 1996.
J. Guo and Luqi. A survey of software reuse repositories. In Proceedings of the 7th International Conference and Workshops on the Engineering of Computer Based Systems (ECBS), page 92. IEEE, 2000.
S. Kawaguchi, P. Garg, M. Matsushita, and K. Inoue. Mudablue: an automatic categorization system for open source repositories. In Proceedings of the 11th Asia-Pacific Software Engineering Conference (APSEC), pages 184–193, 2004.
C. Krueger. Software reuse. Computing Surveys (CSUR), 24(2):131–183, 1992.
A. Kuhn, S. Ducasse, and T. Gírba. Semantic clustering: Identifying topics in source code. Information and Software Technology, 49(3):230–243, 2007.
J. Lee, K. Kang, and S. Kim. A feature-based approach to product line production planning. In Software Product Lines, pages 183–196. Springer, 2004.
H. Liu and R. Lu. Word similarity based on an ensemble model using ranking svms. In Proceedings of the International Conference on Web Intelligence and Intelligent Agent Technology (WI-IAT), pages 283–286, 2008.
Y. Maarek, D. Berry, and G. Kaiser. An information retrieval approach for automatically constructing software libraries. Transactions on Software Engineering (TSE), 17(8):800–813, 1991.
P. Mohagheghi and R. Conradi. Quality, productivity and economic benefits of software reuse: a review of industrial studies. Empirical Software Engineering (ESE), 12(5):471–516, 2007.
P. Mohagheghi, R. Conradi, O. Killi, and H. Schwarz. An empirical study of software reuse vs. defect-density and stability. In Proceedings of the 26th International Conference on Software Engineering (ICSE), pages 282–291, 2004.
R. Monroe and D. Garlan. Style-based reuse for software architectures. In Proceedings of the 4th International Conference on Software Reuse (ICSR), pages 84–93. IEEE, 1996.
M. Morisio, M. Ezran, and C. Tully. Success and failure factors in software reuse. Transactions on Software Engineering (TSE), 28(4):340–357, 2002.
J. Neighbors. The evolution from software components to domain analysis. International Journal of Software Engineering and Knowledge Engineering (IJSEKE), 2(03):325–354, 1992.
M. Oliveira, E. Goncalves, and K. Bacili. Automatic identification of reusable software development assets: Methodology and tool. In Proceedings of the 8th International Conference on Information Reuse and Integration (IRI), pages 461–466. IEEE, 2007.
T. Ravichandran and M. Rothenberger. Software reuse strategies and component markets. Communications of the ACM, 46(8):109–114, 2003.
M. Sojer and J. Henkel. License risks from ad hoc reuse of code from the internet. Communications of the ACM, 54(12):74–81, 2011.
Y. Tian, D. Lo, and J. Lawall. Sewordsim: Software-specific word similarity database. In Proceedings of the 36th International Conference on Software Engineering (ICSE), pages 568–571, 2014.
Z. Wang, X. Xu, and D. Zhan. A survey of business component identification methods and related techniques. International Journal of Information Technology, 2(4):229–238, 2005.
C. Wohlin, P. Runeson, M. H¨ost, M. C. Ohlsson, B. Regnell, and A. Wesslén. Experimentation in software engineering. Springer Science & Business Media, 2012.
Y. Ye and G. Fischer. Reuse-conducive development environments. Automated Software Engineering (ASE), 12(2):199–235, 2005.
L. Yujian and L. Bo. A normalized levenshtein distance metric. Transactions on Pattern Analysis and Machine Intelligence (TPAMI), 29(6):1091–1095, 2007.
Z. Zhen, J. Shen, and S. Lu. Wcons: An ontology mapping approach based on word and context similarity. In Proceedings of the International Conference on Web Intelligence and Intelligent Agent Technology (WI-IAT), pages 334–338, 2008.
Publicado
17/05/2016
Como Citar
SILVA, Kátia C. A.; ROCHA, Antonio A. A.; GUIMARÃES, Flávio Q..
Confiança na Nuvem a partir da construção de Sec-SLA nos diversos modelos quanto à implantação e serviço. In: SIMPÓSIO BRASILEIRO DE SISTEMAS DE INFORMAÇÃO (SBSI), 12. , 2016, Florianópolis.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2016
.
p. 329-336.
DOI: https://doi.org/10.5753/sbsi.2016.5979.
