{"id":7539,"date":"2014-08-03T15:19:12","date_gmt":"2014-08-03T13:19:12","guid":{"rendered":"http:\/\/blog.zhaw.ch\/icclab\/?p=7539"},"modified":"2015-08-27T14:11:22","modified_gmt":"2015-08-27T12:11:22","slug":"cloud-incident-management","status":"publish","type":"post","link":"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/","title":{"rendered":"Cloud Incident Management"},"content":{"rendered":"<h1>Overview<\/h1>\n<p>Cloud Incident Management is a new research direction which focuses on conducting forensic investigations, electronic discovery (eDiscovery), and other critical aspects of security that are inherent in a multi-tenant, highly virtualized environment, along with any standards that need to be followed.<\/p>\n<p>An Incident is an event which occurs outside the standard operation plan and which can lead to a reduction or interruption of quality of service. Incidents, in Cloud Computing, can lead to service shortages at all infrastructure levels (IaaS, PaaS, SaaS).<\/p>\n<p>Incident Management provides a solid approach to address SLA incidents by covering aspects pertaining to service runtime in cloud through monitoring and analysis of events that may not cause SLA breaches but may disrupt service execution, or by covering aspects related to security by correlating and analyzing information coming from logs and generating adequate corrective responses.<\/p>\n<h1>Objectives<\/h1>\n<p>Current research will focus on addressing a series of research challenges pertaining to the Cloud Incident Management field:<\/p>\n<ul>\n<li>Tackle possible temporary or long-term failures through the development of incident management tools, reference architectures and guidance for cloud customers to build systems resilient to cloud service failure.<\/li>\n<li>Automated management of incident prevention, detection and response as well as recovery via clear SLA commitments and continuous monitoring will increase reliability, resilience, availability, trustworthiness and even accountability of cloud providers and customers.<\/li>\n<\/ul>\n<h1>Research Challenges and Open Issues<\/h1>\n<p>Current research challenges and open issues are as follows:<\/p>\n<ul>\n<li>Correct identification, aggregation and correlation of events that make up an incident<\/li>\n<li>Automated incident classification<\/li>\n<li>Automated incident \/ problem management (workflow, processes)<\/li>\n<li>Root cause analysis in cloud computing<\/li>\n<li>Assessing business impact<\/li>\n<li>Incident management in multi-cloud approaches<\/li>\n<li>Transparency and audit<\/li>\n<li>Cloud anti-patterns<\/li>\n<li>Clear definition of outages given by cloud service providers<\/li>\n<\/ul>\n<h1>Architecture<\/h1>\n<p>A high level overview of the architecture can be seen below<\/p>\n<figure id=\"attachment_7839\" aria-describedby=\"caption-attachment-7839\" style=\"width: 584px\" class=\"wp-caption aligncenter\"><a href=\"http:\/\/blog.zhaw.ch\/icclab\/files\/2014\/08\/Architecture.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"size-large wp-image-7839\" src=\"http:\/\/blog.zhaw.ch\/icclab\/files\/2014\/08\/Architecture-950x1024.jpg\" alt=\"Cloud Incident Management Architecture\" width=\"584\" height=\"629\" srcset=\"https:\/\/blog.zhaw.ch\/icclab\/files\/2014\/08\/Architecture-950x1024.jpg 950w, https:\/\/blog.zhaw.ch\/icclab\/files\/2014\/08\/Architecture-278x300.jpg 278w, https:\/\/blog.zhaw.ch\/icclab\/files\/2014\/08\/Architecture.jpg 983w\" sizes=\"auto, (max-width: 584px) 100vw, 584px\" \/><\/a><figcaption id=\"caption-attachment-7839\" class=\"wp-caption-text\">Cloud Incident Management Architecture<\/figcaption><\/figure>\n<h1>Relevance to current and future markets<\/h1>\n<h3>Business Impact<\/h3>\n<p>The following items represent the business impact incident management brings:<\/p>\n<ul>\n<li>Automating incident management reduces the time spent by specialized personnel<\/li>\n<li>Automation reduces response time to incidents and thus prevents or reduces downtime as it is able to act as soon as the incident has happened<\/li>\n<li>Return on investment though availability, response time and throughput<\/li>\n<li>Incident management increases efficiency, reduces operating expenses, offers agility and reliability for business users<\/li>\n<\/ul>\n<h1>Contact point<\/h1>\n<p>For further information or assistance please contact <a href=\"http:\/\/blog.zhaw.ch\/icclab\/valon-mamudi\/\">Valon Mamudi<\/a>.<\/p>\n<div class=\"pt-sm\">Schlagw\u00f6rter: <a href=\"https:\/\/blog.zhaw.ch\/icclab\/tag\/cloud-incident-management-2\/\">cloud incident management<\/a><br><\/div>","protected":false},"excerpt":{"rendered":"<p>Overview Cloud Incident Management is a new research direction which focuses on conducting forensic investigations, electronic discovery (eDiscovery), and other critical aspects of security that are inherent in a multi-tenant, highly virtualized environment, along with any standards that need to be followed. An Incident is an event which occurs outside the standard operation plan and [&hellip;]<\/p>\n","protected":false},"author":142,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"footnotes":""},"categories":[431],"tags":[509],"features":[],"class_list":["post-7539","post","type-post","status-publish","format-standard","hentry","category-cloud-incident-management","tag-cloud-incident-management-2"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Cloud Incident Management - Service Engineering (ICCLab &amp; SPLab)<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cloud Incident Management\" \/>\n<meta property=\"og:description\" content=\"Overview Cloud Incident Management is a new research direction which focuses on conducting forensic investigations, electronic discovery (eDiscovery), and other critical aspects of security that are inherent in a multi-tenant, highly virtualized environment, along with any standards that need to be followed. An Incident is an event which occurs outside the standard operation plan and [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/\" \/>\n<meta property=\"og:site_name\" content=\"Service Engineering (ICCLab &amp; SPLab)\" \/>\n<meta property=\"article:published_time\" content=\"2014-08-03T13:19:12+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2015-08-27T12:11:22+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/blog.zhaw.ch\/icclab\/files\/2014\/08\/Architecture-950x1024.jpg\" \/>\n<meta name=\"author\" content=\"mune\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"mune\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/\"},\"author\":{\"name\":\"mune\",\"@id\":\"https:\/\/blog.zhaw.ch\/icclab\/#\/schema\/person\/ad6f9dc95a64a3da5cfcbe9b76581014\"},\"headline\":\"Cloud Incident Management\",\"datePublished\":\"2014-08-03T13:19:12+00:00\",\"dateModified\":\"2015-08-27T12:11:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/\"},\"wordCount\":395,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/#primaryimage\"},\"thumbnailUrl\":\"http:\/\/blog.zhaw.ch\/icclab\/files\/2014\/08\/Architecture-950x1024.jpg\",\"keywords\":[\"cloud incident management\"],\"articleSection\":[\"Cloud Incident Management\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/\",\"url\":\"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/\",\"name\":\"Cloud Incident Management - Service Engineering (ICCLab &amp; SPLab)\",\"isPartOf\":{\"@id\":\"https:\/\/blog.zhaw.ch\/icclab\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/#primaryimage\"},\"thumbnailUrl\":\"http:\/\/blog.zhaw.ch\/icclab\/files\/2014\/08\/Architecture-950x1024.jpg\",\"datePublished\":\"2014-08-03T13:19:12+00:00\",\"dateModified\":\"2015-08-27T12:11:22+00:00\",\"author\":{\"@id\":\"https:\/\/blog.zhaw.ch\/icclab\/#\/schema\/person\/ad6f9dc95a64a3da5cfcbe9b76581014\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/#primaryimage\",\"url\":\"https:\/\/blog.zhaw.ch\/icclab\/files\/2014\/08\/Architecture.jpg\",\"contentUrl\":\"https:\/\/blog.zhaw.ch\/icclab\/files\/2014\/08\/Architecture.jpg\",\"width\":983,\"height\":1060,\"caption\":\"Cloud Incident Management Architecture\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\/\/blog.zhaw.ch\/icclab\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cloud Incident Management\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.zhaw.ch\/icclab\/#website\",\"url\":\"https:\/\/blog.zhaw.ch\/icclab\/\",\"name\":\"Service Engineering (ICCLab &amp; SPLab)\",\"description\":\"A Blog of the ZHAW Zurich University of Applied Sciences\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.zhaw.ch\/icclab\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.zhaw.ch\/icclab\/#\/schema\/person\/ad6f9dc95a64a3da5cfcbe9b76581014\",\"name\":\"mune\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/7b886759523f8a854ac234c59f59f32dee27ca251311c457235251e8aa94bcaf?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/7b886759523f8a854ac234c59f59f32dee27ca251311c457235251e8aa94bcaf?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/7b886759523f8a854ac234c59f59f32dee27ca251311c457235251e8aa94bcaf?s=96&d=mm&r=g\",\"caption\":\"mune\"},\"url\":\"https:\/\/blog.zhaw.ch\/icclab\/author\/mune\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Cloud Incident Management - Service Engineering (ICCLab &amp; SPLab)","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/","og_locale":"en_US","og_type":"article","og_title":"Cloud Incident Management","og_description":"Overview Cloud Incident Management is a new research direction which focuses on conducting forensic investigations, electronic discovery (eDiscovery), and other critical aspects of security that are inherent in a multi-tenant, highly virtualized environment, along with any standards that need to be followed. An Incident is an event which occurs outside the standard operation plan and [&hellip;]","og_url":"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/","og_site_name":"Service Engineering (ICCLab &amp; SPLab)","article_published_time":"2014-08-03T13:19:12+00:00","article_modified_time":"2015-08-27T12:11:22+00:00","og_image":[{"url":"http:\/\/blog.zhaw.ch\/icclab\/files\/2014\/08\/Architecture-950x1024.jpg","type":"","width":"","height":""}],"author":"mune","twitter_card":"summary_large_image","twitter_misc":{"Written by":"mune","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/#article","isPartOf":{"@id":"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/"},"author":{"name":"mune","@id":"https:\/\/blog.zhaw.ch\/icclab\/#\/schema\/person\/ad6f9dc95a64a3da5cfcbe9b76581014"},"headline":"Cloud Incident Management","datePublished":"2014-08-03T13:19:12+00:00","dateModified":"2015-08-27T12:11:22+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/"},"wordCount":395,"commentCount":0,"image":{"@id":"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/#primaryimage"},"thumbnailUrl":"http:\/\/blog.zhaw.ch\/icclab\/files\/2014\/08\/Architecture-950x1024.jpg","keywords":["cloud incident management"],"articleSection":["Cloud Incident Management"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/","url":"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/","name":"Cloud Incident Management - Service Engineering (ICCLab &amp; SPLab)","isPartOf":{"@id":"https:\/\/blog.zhaw.ch\/icclab\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/#primaryimage"},"image":{"@id":"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/#primaryimage"},"thumbnailUrl":"http:\/\/blog.zhaw.ch\/icclab\/files\/2014\/08\/Architecture-950x1024.jpg","datePublished":"2014-08-03T13:19:12+00:00","dateModified":"2015-08-27T12:11:22+00:00","author":{"@id":"https:\/\/blog.zhaw.ch\/icclab\/#\/schema\/person\/ad6f9dc95a64a3da5cfcbe9b76581014"},"breadcrumb":{"@id":"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/#primaryimage","url":"https:\/\/blog.zhaw.ch\/icclab\/files\/2014\/08\/Architecture.jpg","contentUrl":"https:\/\/blog.zhaw.ch\/icclab\/files\/2014\/08\/Architecture.jpg","width":983,"height":1060,"caption":"Cloud Incident Management Architecture"},{"@type":"BreadcrumbList","@id":"https:\/\/blog.zhaw.ch\/icclab\/cloud-incident-management\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/blog.zhaw.ch\/icclab\/"},{"@type":"ListItem","position":2,"name":"Cloud Incident Management"}]},{"@type":"WebSite","@id":"https:\/\/blog.zhaw.ch\/icclab\/#website","url":"https:\/\/blog.zhaw.ch\/icclab\/","name":"Service Engineering (ICCLab &amp; SPLab)","description":"A Blog of the ZHAW Zurich University of Applied Sciences","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.zhaw.ch\/icclab\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.zhaw.ch\/icclab\/#\/schema\/person\/ad6f9dc95a64a3da5cfcbe9b76581014","name":"mune","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/7b886759523f8a854ac234c59f59f32dee27ca251311c457235251e8aa94bcaf?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7b886759523f8a854ac234c59f59f32dee27ca251311c457235251e8aa94bcaf?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7b886759523f8a854ac234c59f59f32dee27ca251311c457235251e8aa94bcaf?s=96&d=mm&r=g","caption":"mune"},"url":"https:\/\/blog.zhaw.ch\/icclab\/author\/mune\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.zhaw.ch\/icclab\/wp-json\/wp\/v2\/posts\/7539","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.zhaw.ch\/icclab\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.zhaw.ch\/icclab\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.zhaw.ch\/icclab\/wp-json\/wp\/v2\/users\/142"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.zhaw.ch\/icclab\/wp-json\/wp\/v2\/comments?post=7539"}],"version-history":[{"count":9,"href":"https:\/\/blog.zhaw.ch\/icclab\/wp-json\/wp\/v2\/posts\/7539\/revisions"}],"predecessor-version":[{"id":8863,"href":"https:\/\/blog.zhaw.ch\/icclab\/wp-json\/wp\/v2\/posts\/7539\/revisions\/8863"}],"wp:attachment":[{"href":"https:\/\/blog.zhaw.ch\/icclab\/wp-json\/wp\/v2\/media?parent=7539"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.zhaw.ch\/icclab\/wp-json\/wp\/v2\/categories?post=7539"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.zhaw.ch\/icclab\/wp-json\/wp\/v2\/tags?post=7539"},{"taxonomy":"features","embeddable":true,"href":"https:\/\/blog.zhaw.ch\/icclab\/wp-json\/wp\/v2\/features?post=7539"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}