International Conference on Information Technology Systems and Innovation (ICITSI) 2014
Bandung-Bali, 24-27 November 2014
ISBN: 978-1-4799-6526-7
6/$LQ&ORXG&RPSXWLQJ
,PSURYLQJ6/$V/LIH&\FOH$SSO\LQJ6L[6LJPD
Nabila Rizky Oktadini
School of Electrical Engineering and Informatics
Institut Teknologi Bandung
Bandung, Indonesia
nabilarizky@students.itb.ac.id
Abstract Complexity of business process in higher
education, make it very reasonable for university to adopt cloud
computing for a better quality services and education. Many
researches showed that cloud computing does a great job in
educational environment. Despite many advantages existing,
cloud computing has not separated from security incidents. So
that, an organized management, security awareness, and Services
Level Agreement (SLA), a contract between a user and a
provider of a service specifying the conditions under which a
service may be used, will be needed in order to minimize the risk.
DMAIC approach can improve quality of cloud computing
service level agreement by eliminating non-value added steps.
Together with ITIL, DMAIC (Six Sigma) make a great
combination for improving the quality of IT service delivery and
support. In this research we will use it to improve SLA life cycle
in cloud based academics services. Designing SLA through Six
Sigma approach can be a powerful in the educational setting even
though it was developed with manufacturing processes in mind.
KeywordsCloud Computing; Service Level Agreement;
ITIL; Six Sigma.
I. INTRODUCTION
Education is a form of learning in which the knowledge,
skills, and habits of a group of people are transferred from one
generation to the next through teaching, training, or research.
It is a conscious and deliberate effort to create an atmosphere
of learning and the process so that learners are actively
developing their potential. College education as a unit of
higher education providers in the implementation of its
activities include educational activities of teaching, research
and community service, cannot be separated from the data and
information.
Complexity of business process in higher education, make
it very reasonable for university to adopt cloud computing for
a better quality services and education. Cloud computing is a
means by which to this point have been used widely which
provides services that allows resources to be use by anyone at
anytime from anywhere. The costs as well as the maintenance
is relatively cheaper. Many researches showed that cloud
computing does a great job in educational environment.
Despite many advantages existing, cloud computing has not
separated from security incidents. So that, an organized
management, security awareness, and Services Level
978-1-4799-6527-4/14/$31.00 2014 IEEE
279
Kridanto Surendro
School of Electrical Engineering and Informatics
Institut Teknologi Bandung
Bandung, Indonesia
surendro@gmail.com
Agreement (SLA) will be needed in order to minimize the
risk.
Service level agreements play an important role to guide
outsourcing vendors to understand customers business need.
Normally outsourcing vendors have to ensure that the agreed
service level agreements are met. Therefore, it is necessary to
be able to effectively develop service level agreements to
avoid resource failures. From empirical research, there are
some shortcomings in service level agreement in practice. The
major problems include unclear service specification,
incomplete service specifications, insufficient cost
management, and nuclear focus of specification.
Most service level agreements focus on agreements
regarding the effort that will be spent by the outsourcing
vendor in case a problem occurs. Indeed, outsourcing
customer should pay more attention to the commitments on
the effectiveness of a service for its business processes and its
business objectives. ITIL defines service management and Six
Sigma defines the quality improvement. Together, they make
a great combination for improving the quality of IT service
delivery and support. In this paper we propose a model to
define SLAs service process on cloud based academics
services applying Six Sigma.
II. LITERATURE REVIEW
A. Cloud Computing (CC)
There are numerous definitions available on cloud
computing. The term "cloud" originates from the world of
telecommunications when providers began using virtual
private network (VPN) services for data communications [1].
Cloud computing deals with computation, software, data
access and storage services that may not require end-user
knowledge of the physical location and the configuration of
the system that is delivering the services. Cloud computing is
a recent trend in IT that moves computing and data away from
desktop and portable PCs into large data centers [2]. The
definition of cloud computing provided by National Institute
of Standards and Technology (NIST) says that: "Cloud
computing is a model for enabling convenient, on-demand
network access to a shared pool of configurable computing
resources (e.g., networks, servers, storage applications and
services) that can be rapidly provisioned and released with
minimal management effort or service provider interaction.
[3]" With the large scale proliferation of the internet around
the world, applications can now be delivered as services over
the internet. As a result this reduces the overall cost.
Based on NIST Cloud computing has following
characteristics. (1)On-demand self-service, (2)Broad network
access, (3)Resource pooling and (4)Rapid elasticity. And it
has three models of deployment which can be choosen for
cloud computing implementation. (1)Private Cloud,
(2)Communty Cloud, (3)Public Cloud, (4)Hybrid Cloud.
B. IT Services Management.
IT Service Management (ITSM) is the set of processes that
allow planning, organizing, directing and controlling the
provisioning of IT services. Most organizations rely on
Information Technology (IT) services to support their business
processes. IT services are built upon the technical
infrastructure (servers and network devices), as well as on
systems and application software. The set of processes that
allow planning, organizing, directing and controlling the
provisioning of IT services is usually called an IT Service
Management (ITSM) framework. Several ITSM frameworks
have been proposed, such as ITIL[4], ISO 20000[5] (based on
ITIL v.2), MOF [6] (a Microsoft proposal, also influenced by
ITIL), ISM [7], or HP ITSM [8].
In ITIL, the most widely used ITSM framework, some of
the processes are: incident management, problem
management, change management, service asset and
configuration management and service level management [8].
In order to support these processes, IT providers use two kinds
of applications: service management applications, which allow
to track IT services incidents and problems; and systems
management tools, for monitoring and control networks,
systems or applications [9]. Figure 1 will describe the
framework of ITIL.
Fig 1. IT Infrastucture Library (ITIL) Framework
280
Among the concerns of ITSM, namely within the service
level management process, are the requirements for services
availability, performance, accuracy, capacity and security,
which are specified in terms of service-level agreements
(SLA)[5].
C. SLA
A Service Level Agreement (SLA) is a contract between a
user and a provider of a service specifying the conditions
under which a service may be used [10] An SLA usually
specifies the agreed-upon level of availability, serviceability,
performance, and operation of services in measurable terms,
what services the service provider will furnish and what
penalties will assess if the service provider can not meet the
established goals [11].
In outsourcing context, service level agreement has been
considered as adequate compensation to the company for its
outsourcing service providers failure to satisfy performance
standards. Effective service level agreements are extremely
important to ensure effective outsourcing engagements[12].
When a new IT service is conceived and the need for an
SLA is identified by its stakeholders, the SLA negotiation
takes place at some point of Service Design. For each relevant
quality attribute identified, the definition for its acceptable
range must be sought. When an agreement is found around the
SLA specification, a SLA owner/manager is assigned and the
SLA becomes available for Service Transition activities, in
preparation for deployment.
D. Six Sigma
Six Sigma was created by Motorola and is based on the
work of W. Edwards Deming. Professor Deming observed that
85 percent of the reasons for failure to meet customer
expectations are related to deficiencies in systems and process.
The Six Sigma process uses data and rigorous statistical
analysis to identify defects in a process or product, reduce
variability, and achieve as close to zero defects as possible.
Using a universal measurement scale, Six Sigma defines
and estimates the opportunities for error and calculates defects
in the same way every time, thus offering a means for
measuring improvement. The Six Sigma methodology
incorporates this data and statistical analysis into a project-
based workflow that allows businesses to make intelligent
decisions about where and how to incorporate improvements.
At the heart of Six Sigma is a five-phase process improvement
methodologycalled DMAICfor analyzing and improving
business process. DMAIC is an acronym for the five phases of
the model.
Figure 2 explain about Six Sigma DMAIC process:
Define opportunities, Measure performance, Analyze factors
impacting performance, Improve performance, and Control
performance.
 case of literature, these associations are between literatures
and mapping can help to identify issues such as proximity and
connections in terms of ideas and finding.

Fig. 3. Literature Map of Research

B. Preliminary Research
Fig.2 A schematic overviwe of the Six Sigma DMAIC process
At this section, we will start to formulate new
improvisation method to define SLA in cloud based university
III. RESEARCH METHODOLOGY based on literature map and the steps mentioned in section III.
Now, author will analize some literature related to life cycle of
The perspectives and experiences of the researcher SLA published by Sun Microsystem Internet Data Center,
influence a research design. These views and experiences are TeleManagement Forum, Clouds Security Alliance Guide,
used to guide how and for whom the research problem is being Cloud Standards Customer Council.
investigated, what research approach and methods of Sun Mycrosystem Internet Data Center Group define
gathering suitable research data will be used [13]. there are six steps of service process on creating SLA life
First, author will focus on SLA life cycle and service cycle, shown in Figure 4.
process according to some related researches of cloud
computing and then evaluate it. Second, author will make a
mapping of SLAs life cycle to DMAIC cycle from Six
Sigma. Third, we will review and evaluate it. Finally a new
improvisation on SLA life cycle for cloud based university
will be proposed as a result.
IV. DISCUSSION

A. Literature Map
Mapping is a very useful graphical technique that helps us
to visualise connections and relative relationships between Fig 4. Life Cycle of Service Level Agreement (Sun Microsystem)
things. Figure 3 show a literature map of this research. In the

281
 TeleManagement Forum, a global trade association cloud computing executives should examine the draft of cloud
trusted by the worlds largest enterprises, through SLA computing service level agreement. Every service level
handbook Solution Suite V2.0 (SOA) define that there are 5 agreement must be analyzed from the following aspects: the
phase of creating SLA[15]. (1)SLA Development in which the involved parties, the measuring parameters, the service level
SLA templates are developed, (2)Negotiation and Sales: In objectives, and the appropriate actions to be taken if a
this phase the SLA is negotiated and the contracts are violation of these objectives has been detected.
executed, (3)Implementation: where the SLA is generated. (4) The next step is creating process life cycle of cloud
Execution: The SLA is executed, monitored, and maintained, computing service based on references above and collaborate
(5)Assessment: Evaluation of the SLA performance. In this it with DMAIC cycle will be shown in Figure 5. We only
phase, a re-evaluation of the initial SLA template might be include two domains, considering SLA Life Cycle Six Steps
done. and SLA Handbook Solution Suite V2.0 which already showed
According to Cloud Security Alliance Guide, There are process cycle of SLA.
14 best practices to ensure security of cloud computing [16]:
(1) Cloud Computing Architectural Framework,
(2)Governance and Enterprise Risk Management,
(3)Contracts and Electronic Discovery, (4)Compliance and
Audit Management, (5)Information Management and Data
Security, (6)Interoperability and Portability Operating in the
Cloud, (7)Traditional Security, Business Continuity, and
Disaster Recovery, (8)Data Center Operations, (9)Incident
Response, (10)Application Security, (11)Encryption and Key
Management, (12)Identity, Entitlement, and Access
Management, (13)Virtualization, (14)Security as a Service.
The Practical Guide to Cloud Computing (CSCC) is a
collaborative effort that brings together diverse customer-
focused experiences and perspectives into a single guide for IT
and business leaders who are considering cloud adoption. It
publish 10 steps to take in order to evaluate and negotiate an
Fig. 5. Mapping of SLA Life Cycle to DMAIC
agreement with cloud computing service provider:
(1)Understand roles and rsponsibilities,(2)Evaluate Business
level policies, (3)Understand service and deployment model C. Proposed Model
differences, (4)Identify critical performance objectives, Based on analysis we did, author propose an improvisation of
(5)Evaluate security and privacy requirement, (6)Identify SLA life cycle adopting DMAIC approach.
service managemen requirement, (7)Prepare for service failure
management, (8)Understand the disaster recovery plan,
(9)Define an effective management process, (10)Understand
the exit process.
From explanation above, we make a mapping of service
process of Cloud SLA to DMAIC Cycle (Six Sigma) shown
in Table I.

TABLE I. MAPPING OF CLOUD SLA SERVICE PROCESS TO DMAIC

Litertature Source D M A I C
SLA Life Cycle Six Steps Sun Microsystem 9 9 9 9
(Data Center) Internet Data Center
Group (2002)
SLA Handbook Solution TeleManagement 9 9 9 9
Suite V2.0 (SOA) Forum (2008)
Security Guidance for Cloud Security 9 9
Critical Areas of Focus in Alliance Guide
Cloud Computing v3.0 (2011)
Practical Guide to Cloud Cloud Standards 9 9 9
service level Agreement Costumer Council
Version 1.0 (2012)

We can infer some parts of DMAIC cycle already

included in the process of the literature reviewed even though
most of them dont have analyse phase which is the main key
to the success of quality improvement. During this period, Fig. 6. Proposed Model

282
 Figur 6 explain eight steps to take in order to improve
service level agreement in cloud based university. First step is
Define Service Level, then Negotiate Agreement, the step with
blue, are steps define from DMAIC cycle of Six Sigma.
Next step is the green one, the measuring step of DMAIC
cycle. Measuring service level become crucial in Six Sigma.
We have to measure service level otherwise cloud computing
business would be lost of control and university would not
gain their expected service level. In Analysing step which is
the yellow one refer to analyse of DMAIC, every service
level agreement must be analyzed from many aspects such as
the involved parties, the measuring parameters, the service
level objectives, what actions to be taken if a violation
occurred, and check any existent continuous possibility of
improvement. These step included to purple group which is
representation of improve step of DMAIC cycle. The last
two steps are about control. From the analysis we did, we
can choose to correct any mistakes in service level, or
terminate SLA.
Six Sigma is a management methodology which
allows companies to use data to eliminate defects in any
process. Six Sigma is the careful, analytical thought process of
solving problems using data. Many of the worlds top
corporations have used Six Sigma to increase profits. So that,
we assume that adopting sub methodology of six sigma which
known as DMAIC cycle, we can improve quality of cloud
computing service level agreement.
V. CONCLUSION
Service level agreements for cloud based academics
service are useful for customers (student, teacher, academic
staff) and vendors (cloud service provider). Many approaches
have been used to improve the performance of service level
agreement. Six Sigma is such a process that brings additional
benefits to ITIL and help organizations to adopt best practices
for service delivery by a quality process which ensure its
success. Designing SLA through Six Sigma approach can be a
powerful in the educational setting even though it was
developed with manufacturing processes in mind.
A. Limitation and Future Research
The paper is still a proposed model that has not been
implemented and tested, in future research it might be good to
run case studies to implement and test the model.
[5] [5] ISO20000-1, Information technology -- Service management -- Part
1: Specification; ISO20000-2, Information technology -- Service
management -- Part 2: of practice, International Organization for
Standardization, 2005.
[6] [6] MS, M.C.-. Microsoft Operations Framework (MOF) 4.0, Microsoft
Corporation, 2008.
[7] Lindquist, D., Madduri, H., Paul, C.J., and Rajaraman, B.: IBM Service
Management architecture, IBM Systems Journal, 2007, 46(3), pp. 423-
440.
[8] Sall, M..IT Service Management and IT Governance: Review,
Comparative Analysis and their Impact on Utility Computing, Hewlett-
Packard Research Labs, 2004
[9] Mayerl, C., Vogel, T., and Abeck, S.: SOA-based Integration of Service
Management Applications, Proc. of the IEEE International Conference
on Web Services, 2005.
[10] T. Sandholm, Service Level Agreement Requirements of an
Accounting Driven Computational Grid,
www.hpl.hp.com/personal/Thomas_Sandholm/sandholm2005b.pdf
[11] E.Marilly, O.Martinot, H.Papini, D. Goderis, Service Level
Agreements: a Main Challenge for Next Generation Networks, 2002
2nd European Conference on Universal Multiservice Networks,
ECUMN, August 2002, pp.297-304
[12] Jinmei Huai, "Design Service Level Agreements in Outsourcing
Contracts," Management and Service Science (MASS), 2010
International Conference on , vol., no., pp.1,4, 24-26 Aug. 2010
[13] Janssen, M. & Cresswell, A. (2005) An Enterprise Application
Integration Methodology for E-Government. Journal of Enterprise
Information Management, 18(5), pp.531-547.
[14] Wustenhoff, Edward. Service Level Agreement in the Data Center,
Sun Professional Services Sun BluePrints OnLine. 2002
[15] TMF. SLA Handbook Solution Suite V2.0 TeleManagement Forum.
2008
[16] Chris Hoff, Paul Simmonds Security Guide For Critical Areas of Focus
in Cloud Computing V.3.0 Cloud Security Alliance Guide. 2011
[17] CSCC. Practical Guide to Cloud Computing Version 2.0, Cloud
Standards Costumer Council. 2014

REFERENCE:
[1] L.M.Kaufinan, "Data Security in the World of Cloud Computing", in
IEEE Security & Privacy. vol. 7, pp. 61-64, August 2009.
[2] M.D. Dikaiakos, G.Pall, D.Katsaros, P,Mehra, A.Vakali, "Cloud
computing : Distributed Internet Computing for IT and Scientific
Research", IEEE Internet Computing, vol. 13, pp. 10-13, October 2009.
[3] National Institute of Standards and Technology - Computer Security
Resource Center - www.csrc.nist.gov
[4] [4] ITIL3Sm, OGC-Office of Government Commerce: Summary, ITIL
Version 3, ITSMF- IT Service Management Forum, 2007.

283