CAJ | 학술논문

当前云计算服务水平协议通常只关注性能，缺乏安全参数，并且客户需要在多家云供应商中做出选择。针对上述问题，提出一种基于 SecSLA 的云供应商选择方法。构建云计算安全服务水平协议(SecSLA)的指标体系，采用目标-问题-度量方法形成SecSLA的50个底层评估指标项。并将改进的ELECTRE方法引入到云供应商的选择决策过程中，结合净优势值与净劣势值的思想，简化决策过程。实例计算与分析结果表明，SecSLA较全面地覆盖了云计算事故处理、漏洞补丁管理、合规性与可用性等因素，该云供应商选择方法能消除传统选择消去法 ELECTRE II 的繁琐与对经验的依赖，便于实现编程自动化处理，且最终的评价结果与ELECTRE II、灰色关联、理想解法一致。
당전운계산복무수평협의통상지관주성능，결핍안전삼수，병차객호수요재다가운공응상중주출선택。침대상술문제，제출일충기우 SecSLA 적운공응상선택방법。구건운계산안전복무수평협의(SecSLA)적지표체계，채용목표-문제-도량방법형성SecSLA적50개저층평고지표항。병장개진적ELECTRE방법인입도운공응상적선택결책과정중，결합정우세치여정열세치적사상，간화결책과정。실례계산여분석결과표명，SecSLA교전면지복개료운계산사고처리、루동보정관리、합규성여가용성등인소，해운공응상선택방법능소제전통선택소거법 ELECTRE II 적번쇄여대경험적의뢰，편우실현편정자동화처리，차최종적평개결과여ELECTRE II、회색관련、이상해법일치。
The cloud computing service level agreement often only focuses on performance while seldom emphasizes security parameters. Besides, customers are confused by several suppliers in cloud computing market. Therefore, cloud computing Security Service Level Agreement(SecSLA) with detailed indexes is put forward and an improved ELECTRE method is introduced to the cloud provider selection process. Goal-Question-Metric method is employed to form 50 bottom evaluation indexes for SecSLA. The modified ELECTRE method combines the value of net advantage and net disadvantage to simplify the decision process.The calculation and analysis of instance prove the following aspects:the proposed SecSLA has a relatively comprehensive coverage of the cloud computing assessment factors, such as incident handling, vulnerability and patch management,compliance and availability;the suggested method eliminates the redundancy and dependence on experience of ELECTRE II, which makes the realization of automatic process easier. The final evaluation order conforms to the result of ELECTRE II, gray correlation method and TOPSIS method, which indicates that the designed method can play a guiding role in the selection of cloud service provider.