Verifying cloud Service Level Agreement

摘要

In this paper we study the important issue of verifying Service Level Agreement (SLA) in a semi-trusted (or untrusted) cloud. Cloud computing services promise elastic computing and storage resources in a pay-as-you-go way. A SLA between a cloud service provider (CSP) and a user is a contract which specifies the resources and performances that the cloud should offer. However, the CSP has the incentive to cheat on SLA, e.g., providing users with less CPU and memory resources than that specified in the SLA, which allows the CSP to support more users and make more profits. A malicious CSP can disrupt the existing SLA monitoring/verification techniques by interfering the monitoring/measurement process. Therefore, we present a SLA verification framework that leverages a third party auditor (TPA). Under the TPA framework, we propose an effective testing algorithm that can detect SLA violations of physical memory size in virtual machine (VM). Using real experiments, we show that the algorithm can detect cloud cheating on VM memory size (i.e., SLA violations). Furthermore, our algorithm can defend various attacks from a malicious CSP, which tries to hide a SLA violation.