Upload
siju-pavithran
View
216
Download
0
Embed Size (px)
Citation preview
8/8/2019 complaint cloud computing C3
1/33
Compliant Cloud Computing (C3): Architecture andLanguage Support for User-driven ComplianceManagement in Clouds
Siju.Pavithran
Roll no: 57
S7 Computer Science and Engineering
Government Engineering CollegeSreekrishnapuram Palakkad
December 2, 2010
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)
C3 December 2, 2010 1 / 33
8/8/2019 complaint cloud computing C3
2/33
1 Introduction
2 Service Models In Cloud3 C3:Compliant Cloud Computing
4 Use Case Model for C3
5
C3 Architecture6 C3 Language Support
7 C3 Technical Architecture And Middleware
8 Related Work
9 Conclusion And Future Scope
10 References
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)
C3 December 2, 2010 2 / 33
8/8/2019 complaint cloud computing C3
3/33
Introduction
Contents
1 Introduction
2 Service Models In Cloud
3 C3:Compliant Cloud Computing
4 Use Case Model for C3
5 C3 Architecture
6 C3 Language Support
7 C3 Technical Architecture And Middleware
8 Related Work
9 Conclusion And Future Scope
10 References
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)
C3 December 2, 2010 3 / 33
8/8/2019 complaint cloud computing C3
4/33
Introduction
Introduction
Cloud Computing :
promising approach for implementing highly scalable software systems .Cloud computing allows companies to decrease expensive in-housecomputer systems via pay-per-use solutions for computing cycles
requested on-demand.
loopholes:
lack of customized design in clouds.no guarentee in relation to the storage of data in specified geographical
domains.clumsy usage of the submitted data only to those intended by thesubmitting user.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 4 / 33
S i M d l I Cl d
8/8/2019 complaint cloud computing C3
5/33
Service Models In Cloud
Contents
1 Introduction
2 Service Models In Cloud
3 C3:Compliant Cloud Computing
4 Use Case Model for C3
5 C3 Architecture
6 C3 Language Support
7 C3 Technical Architecture And Middleware
8 Related Work
9 Conclusion And Future Scope
10 References
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 5 / 33
S i M d l I Cl d
8/8/2019 complaint cloud computing C3
6/33
Service Models In Cloud
Service Models In Cloud
Cloud computing provides three service models that provide different
levels of control and security. These levels are, in decreasing order ofcontrol and increasing order of security:
Infrastructure as a Service (IaaS);
Platform as a Service (PaaS); and
Software as a Service (SaaS)
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 6 / 33
C3:Compliant Cloud Computing
8/8/2019 complaint cloud computing C3
7/33
C3:Compliant Cloud Computing
Contents
1 Introduction
2 Service Models In Cloud
3 C3:Compliant Cloud Computing
4 Use Case Model for C3
5 C3 Architecture
6 C3 Language Support
7 C3 Technical Architecture And Middleware
8 Related Work
9 Conclusion And Future Scope
10 References
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 7 / 33
C3:Compliant Cloud Computing
8/8/2019 complaint cloud computing C3
8/33
C3:Compliant Cloud Computing
C3:Compliant Cloud Computing
C3:Compliant Cloud Computing
user-driven compliance management framework,like compliance comingfrom laws,internal policies etc.
C3 ensures that the Cloud providers are selected ensuring customizablecompliance with the user requirements, such as, security restrictions.
C3 infrastructure consisting of two major parts:
language concepts to express user requirements and Compliance LevelAgreements (CLAs)
a middleware for the deployment of C3-aware applications,for themanagement of CLAs.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 8 / 33
C3:Compliant Cloud Computing
8/8/2019 complaint cloud computing C3
9/33
C3:Compliant Cloud Computing
Contd....
Once the CLAs are agreed between a Cloud provider and a consumer,the C3 middleware manages the enactment of CLAs considering
available monitoring information and complying with predefinedsecurity, privacy, and trust issues.
This includes for example information flow restriction consideringgeographic and infrastructure affinity or automatic datafragmentation and aggregation among different Cloud providers.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 9 / 33
Use Case Model for C3
8/8/2019 complaint cloud computing C3
10/33
Use Case Model for C3
Contents
1 Introduction
2 Service Models In Cloud
3 C3:Compliant Cloud Computing
4 Use Case Model for C3
5 C3 Architecture
6 C3 Language Support
7 C3 Technical Architecture And Middleware
8 Related Work
9 Conclusion And Future Scope
10 References
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 10 / 33
Use Case Model for C3
8/8/2019 complaint cloud computing C3
11/33
Use Case Model for C3
T-Systems Deutsche Telekom PSP model can be taken in toconsideration to understand the infrastructure of C3 MODEL.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 11 / 33
Use Case Model for C3
8/8/2019 complaint cloud computing C3
12/33
Kindergarten(kiga) protocol
it include services for the enrolment of children to a particularkindergarten, absence recording of children, andmonitoring/controlling of kindergartens.
address in particular the following two compliance managementscenarios:
flexible compliance management of sensitive childrens data which isnecessary for the assignment of trained kindergarten teachers.guarantees that data is only stored in certain geographical regions e.g.,European Union due to various legal guidelines.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 12 / 33
Use Case Model for C3
8/8/2019 complaint cloud computing C3
13/33
Contd....
Thus, C3 should facilitate the following two compliance managementissues:
Dispersal of data among different protection domains as for examplebusiness and application data, which are dispersed among differentCloud providers.Storage of data only in certain geographic areas, and guarantees aboutits adequate retention policies, privacy, integrity, and safety.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 13 / 33
C3 Architecture
8/8/2019 complaint cloud computing C3
14/33
Contents
1 Introduction
2 Service Models In Cloud
3 C3:Compliant Cloud Computing
4 Use Case Model for C3
5 C3 Architecture
6 C3 Language Support
7 C3 Technical Architecture And Middleware
8 Related Work
9 Conclusion And Future Scope
10 References
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 14 / 33
C3 Architecture
8/8/2019 complaint cloud computing C3
15/33
C3 Application Deployement
A C3-aware Cloud provider can execute applications in compliancewith predefined security, privacy, and trust requirements as defined bythe C3 certification process.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 15 / 33
C3 Architecture
8/8/2019 complaint cloud computing C3
16/33
C3 Role Model
Each C3 role is exemplified using the KiGa use case.Before anapplication can be deployed to a Cloud provider, it has to be created(i.e. programmed) by an application developer.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 16 / 33
C3 Architecture
8/8/2019 complaint cloud computing C3
17/33
C3 Application Execution
Here we analyze the execution of the deployed application by a
C3-aware Cloud provider.We distinguish between three binding scenarios for the Cloudapplication execution.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 17 / 33
C3 Language Support
8/8/2019 complaint cloud computing C3
18/33
Contents
1 Introduction
2 Service Models In Cloud
3 C3:Compliant Cloud Computing
4 Use Case Model for C3
5 C3 Architecture
6 C3 Language Support
7 C3 Technical Architecture And Middleware
8 Related Work
9 Conclusion And Future Scope
10 References
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 18 / 33
C3 Language Support
8/8/2019 complaint cloud computing C3
19/33
C3 Language Support
the figure above shows the discription about the relation between
domain specific languages(DSLs) and compliance levelagreements(CLAs)CLAs are extended Service Level Agreements with the elements forthe specification of certifiable and auditable guarantees.Valid CLAdocuments are generated using predefined CLA templates.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 19 / 33
C3 Language Support
8/8/2019 complaint cloud computing C3
20/33
Model Driven DSL Development
the Model Driven Development of DSLs is divided into two parts:
the first part is the definition of a DSL e.g., necessary to specifydifferent data protection scenarios (upper part of Figure 6 ).The second part is the transformation of the DSL into the CLA (downpart of Figure 6).
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 20 / 33
C3 Language Support
8/8/2019 complaint cloud computing C3
21/33
Levels Of Abstraction In DSLs
DSLs can provide multiple levels of abstraction to help multiplestakeholders with different backgrounds and knowledge to expressrelations and behaviors of a domain with notations they are familiarwith.
For instance, domain experts do not have to deal with technologicalaspects, such as programming APIs or service interface descriptions.
the domain expert decides about the fragmentation method and theconcrete resources necessary to fragment data i.e., concrete Cloud
providers.the data analyst for example in the caseof a rdbms has to assignwhich columns of the data model have to be assigned to which region.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 21 / 33
C3 Language Support
8/8/2019 complaint cloud computing C3
22/33
Contd....
DSL is seperated into high level and low level. We exemplify theseparation based on KiGas data fragmentation problem.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 22 / 33
C3 Language Support
8/8/2019 complaint cloud computing C3
23/33
CLA Development:Relation with SLA
Service Level Agreements represent negotiated agreements between
two parties, namely the service consumer and the service provider.SLAs in computing resource markets specify measurable metricsexample availability, response time, and serviceability.
SLA is a valid CLA. CLAs extend SLAs with the parameters for thespecification of certifiable and auditable objectives in order to providesome kind of measurement for compliance agreements.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 23 / 33
C3 Technical Architecture And Middleware
8/8/2019 complaint cloud computing C3
24/33
Contents
1 Introduction
2 Service Models In Cloud
3 C3:Compliant Cloud Computing
4 Use Case Model for C3
5 C3 Architecture
6 C3 Language Support
7 C3 Technical Architecture And Middleware
8 Related Work
9 Conclusion And Future Scope
10 References
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 24 / 33
C3 Technical Architecture And Middleware
8/8/2019 complaint cloud computing C3
25/33
C3 Technical Architecture And Middleware
The C3 middleware consists of the two major parts :
A Decision making / deployment component (DCDM).The Runtime Component being responsible for the enactment of theCLAs.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 25 / 33
Related Work
8/8/2019 complaint cloud computing C3
26/33
Contents
1 Introduction
2 Service Models In Cloud
3 C3:Compliant Cloud Computing
4 Use Case Model for C3
5 C3 Architecture
6 C3 Language Support
7 C3 Technical Architecture And Middleware
8 Related Work
9 Conclusion And Future Scope
10 References
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 26 / 33
Related Work
8/8/2019 complaint cloud computing C3
27/33
Related Work
COMPAS (Compliance-driven Models, Languages, and Architecturesfor Services) is an example European Commissions Framework 7Specific targeted research project (STREP) dealing with compliance
issues of software services to business regulations and design rules.[4]The European project BREIN: to develop a framework, which willextend the Grid possibilities by driving their usage inside new targetareas in the business domain[3].
BREIN applies SLA management to Grids, whereas C3 targets CLAmanagement in Clouds.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 27 / 33
Conclusion And Future Scope
8/8/2019 complaint cloud computing C3
28/33
Contents
1 Introduction
2 Service Models In Cloud
3 C3:Compliant Cloud Computing
4 Use Case Model for C3
5 C3 Architecture
6 C3 Language Support
7 C3 Technical Architecture And Middleware
8 Related Work
9 Conclusion And Future Scope
10 References
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 28 / 33
Conclusion And Future Scope
C S
8/8/2019 complaint cloud computing C3
29/33
Conclusion And Future Scope
This was the first attempt by the authors to devise concepts forCompliant Cloud Computing (C3).
Requirements considering compliance management of security,
privacy, and trust related issues.Concepts for the languages necessary for the user based requirementsspecification (domain specific languages) and for the agreementspecification (compliance level agreement).
The C3 architecture considering application deployment, roles, andthe application execution issues.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 29 / 33
Conclusion And Future Scope
C d
8/8/2019 complaint cloud computing C3
30/33
Contd....
Finally,the technical architecture for the C3 middleware responsiblefor the application deployment execution, negotiation andenforcement, and compliance level agreements.
In the future ,investigations on various implementation issuesregarding available open source projects in compliance with C3.Furthermore,concepts for the certification processes of the C3-awareCloud providers could be implemented precisely.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 30 / 33
References
C
8/8/2019 complaint cloud computing C3
31/33
Contents
1 Introduction
2 Service Models In Cloud
3 C3:Compliant Cloud Computing
4 Use Case Model for C3
5 C3 Architecture
6 C3 Language Support
7 C3 Technical Architecture And Middleware
8 Related Work
9 Conclusion And Future Scope
10 References
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 31 / 33
References
R f
8/8/2019 complaint cloud computing C3
32/33
References
Amazon Elastic Compute Cloud (Amazon EC2),http://aws.amazon.com/ec2/ 2010.
Open Cloud manifesto 2009, http://www.opencloudmanifesto.org2010.
I. Brandic. Towards Self-manageable Cloud Services. RTSOAA 2009.
In conjunction with the 33rd Annual IEEE International ComputerSoftware and Applications Conference. July 20 - 24, 2009, Seattle,Washington, USA.
H. M. Frutos, I. Kotsiopoulos. BREIN: Business Objective Driven
Reliable and Intelligent Grids for Real Business, International Journalof Interoperability in Business Information Systems, Issue 3 (1), 2009.
Compliance-driven Models, Languages, and Architectures for Services(COMPAS), FP7 http://www.compas-ict.eu/ 2009.
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 32 / 33
8/8/2019 complaint cloud computing C3
33/33
....THANK YOU....
Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 33 / 33