complaint cloud computing C3

8/8/2019 complaint cloud computing C3

1/33

Compliant Cloud Computing (C3): Architecture andLanguage Support for User-driven ComplianceManagement in Clouds

Siju.Pavithran

Roll no: 57

S7 Computer Science and Engineering

Government Engineering CollegeSreekrishnapuram Palakkad

December 2, 2010

Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)

C3 December 2, 2010 1 / 33


2/33

1 Introduction

2 Service Models In Cloud3 C3:Compliant Cloud Computing

4 Use Case Model for C3

5

C3 Architecture6 C3 Language Support

7 C3 Technical Architecture And Middleware

8 Related Work

9 Conclusion And Future Scope

10 References


C3 December 2, 2010 2 / 33


3/33

Introduction

Contents

1 Introduction

2 Service Models In Cloud

3 C3:Compliant Cloud Computing


5 C3 Architecture

6 C3 Language Support


8 Related Work


10 References


C3 December 2, 2010 3 / 33


4/33

Introduction

Introduction

Cloud Computing :

promising approach for implementing highly scalable software systems .Cloud computing allows companies to decrease expensive in-housecomputer systems via pay-per-use solutions for computing cycles

requested on-demand.

loopholes:

lack of customized design in clouds.no guarentee in relation to the storage of data in specified geographical

domains.clumsy usage of the submitted data only to those intended by thesubmitting user.

Siju.Pavithran Roll no: 57 S7 Computer Science and Engineering (Government Engineering College Sreekrishnapuram Palakkad)C3 December 2, 2010 4 / 33

S i M d l I Cl d


5/33

Service Models In Cloud

Contents

1 Introduction




5 C3 Architecture



8 Related Work


10 References


S i M d l I Cl d


6/33



Cloud computing provides three service models that provide different

levels of control and security. These levels are, in decreasing order ofcontrol and increasing order of security:

Infrastructure as a Service (IaaS);

Platform as a Service (PaaS); and

Software as a Service (SaaS)


C3:Compliant Cloud Computing


7/33


Contents

1 Introduction




5 C3 Architecture



8 Related Work


10 References




8/33




user-driven compliance management framework,like compliance comingfrom laws,internal policies etc.

C3 ensures that the Cloud providers are selected ensuring customizablecompliance with the user requirements, such as, security restrictions.

C3 infrastructure consisting of two major parts:

language concepts to express user requirements and Compliance LevelAgreements (CLAs)

a middleware for the deployment of C3-aware applications,for themanagement of CLAs.




9/33


Contd....

Once the CLAs are agreed between a Cloud provider and a consumer,the C3 middleware manages the enactment of CLAs considering

available monitoring information and complying with predefinedsecurity, privacy, and trust issues.

This includes for example information flow restriction consideringgeographic and infrastructure affinity or automatic datafragmentation and aggregation among different Cloud providers.


Use Case Model for C3


10/33


Contents

1 Introduction




5 C3 Architecture



8 Related Work


10 References




11/33


T-Systems Deutsche Telekom PSP model can be taken in toconsideration to understand the infrastructure of C3 MODEL.




12/33

Kindergarten(kiga) protocol

it include services for the enrolment of children to a particularkindergarten, absence recording of children, andmonitoring/controlling of kindergartens.

address in particular the following two compliance managementscenarios:

flexible compliance management of sensitive childrens data which isnecessary for the assignment of trained kindergarten teachers.guarantees that data is only stored in certain geographical regions e.g.,European Union due to various legal guidelines.




13/33

Contd....

Thus, C3 should facilitate the following two compliance managementissues:

Dispersal of data among different protection domains as for examplebusiness and application data, which are dispersed among differentCloud providers.Storage of data only in certain geographic areas, and guarantees aboutits adequate retention policies, privacy, integrity, and safety.


C3 Architecture


14/33

Contents

1 Introduction




5 C3 Architecture



8 Related Work


10 References


C3 Architecture


15/33

C3 Application Deployement

A C3-aware Cloud provider can execute applications in compliancewith predefined security, privacy, and trust requirements as defined bythe C3 certification process.


C3 Architecture


16/33

C3 Role Model

Each C3 role is exemplified using the KiGa use case.Before anapplication can be deployed to a Cloud provider, it has to be created(i.e. programmed) by an application developer.


C3 Architecture


17/33

C3 Application Execution

Here we analyze the execution of the deployed application by a

C3-aware Cloud provider.We distinguish between three binding scenarios for the Cloudapplication execution.


C3 Language Support


18/33

Contents

1 Introduction




5 C3 Architecture



8 Related Work


10 References


C3 Language Support


19/33

C3 Language Support

the figure above shows the discription about the relation between

domain specific languages(DSLs) and compliance levelagreements(CLAs)CLAs are extended Service Level Agreements with the elements forthe specification of certifiable and auditable guarantees.Valid CLAdocuments are generated using predefined CLA templates.


C3 Language Support


20/33

Model Driven DSL Development

the Model Driven Development of DSLs is divided into two parts:

the first part is the definition of a DSL e.g., necessary to specifydifferent data protection scenarios (upper part of Figure 6 ).The second part is the transformation of the DSL into the CLA (downpart of Figure 6).


C3 Language Support


21/33

Levels Of Abstraction In DSLs

DSLs can provide multiple levels of abstraction to help multiplestakeholders with different backgrounds and knowledge to expressrelations and behaviors of a domain with notations they are familiarwith.

For instance, domain experts do not have to deal with technologicalaspects, such as programming APIs or service interface descriptions.

the domain expert decides about the fragmentation method and theconcrete resources necessary to fragment data i.e., concrete Cloud

providers.the data analyst for example in the caseof a rdbms has to assignwhich columns of the data model have to be assigned to which region.


C3 Language Support


22/33

Contd....

DSL is seperated into high level and low level. We exemplify theseparation based on KiGas data fragmentation problem.


C3 Language Support


23/33

CLA Development:Relation with SLA

Service Level Agreements represent negotiated agreements between

two parties, namely the service consumer and the service provider.SLAs in computing resource markets specify measurable metricsexample availability, response time, and serviceability.

SLA is a valid CLA. CLAs extend SLAs with the parameters for thespecification of certifiable and auditable objectives in order to providesome kind of measurement for compliance agreements.


C3 Technical Architecture And Middleware


24/33

Contents

1 Introduction




5 C3 Architecture



8 Related Work


10 References




25/33


The C3 middleware consists of the two major parts :

A Decision making / deployment component (DCDM).The Runtime Component being responsible for the enactment of theCLAs.


Related Work


26/33

Contents

1 Introduction




5 C3 Architecture



8 Related Work


10 References


Related Work


27/33

Related Work

COMPAS (Compliance-driven Models, Languages, and Architecturesfor Services) is an example European Commissions Framework 7Specific targeted research project (STREP) dealing with compliance

issues of software services to business regulations and design rules.[4]The European project BREIN: to develop a framework, which willextend the Grid possibilities by driving their usage inside new targetareas in the business domain[3].

BREIN applies SLA management to Grids, whereas C3 targets CLAmanagement in Clouds.


Conclusion And Future Scope


28/33

Contents

1 Introduction




5 C3 Architecture



8 Related Work


10 References



C S


29/33


This was the first attempt by the authors to devise concepts forCompliant Cloud Computing (C3).

Requirements considering compliance management of security,

privacy, and trust related issues.Concepts for the languages necessary for the user based requirementsspecification (domain specific languages) and for the agreementspecification (compliance level agreement).

The C3 architecture considering application deployment, roles, andthe application execution issues.



C d


30/33

Contd....

Finally,the technical architecture for the C3 middleware responsiblefor the application deployment execution, negotiation andenforcement, and compliance level agreements.

In the future ,investigations on various implementation issuesregarding available open source projects in compliance with C3.Furthermore,concepts for the certification processes of the C3-awareCloud providers could be implemented precisely.


References

C


31/33

Contents

1 Introduction




5 C3 Architecture



8 Related Work


10 References


References

R f


32/33

References

Amazon Elastic Compute Cloud (Amazon EC2),http://aws.amazon.com/ec2/ 2010.

Open Cloud manifesto 2009, http://www.opencloudmanifesto.org2010.

I. Brandic. Towards Self-manageable Cloud Services. RTSOAA 2009.

In conjunction with the 33rd Annual IEEE International ComputerSoftware and Applications Conference. July 20 - 24, 2009, Seattle,Washington, USA.

H. M. Frutos, I. Kotsiopoulos. BREIN: Business Objective Driven

Reliable and Intelligent Grids for Real Business, International Journalof Interoperability in Business Information Systems, Issue 3 (1), 2009.

Compliance-driven Models, Languages, and Architectures for Services(COMPAS), FP7 http://www.compas-ict.eu/ 2009.



33/33

....THANK YOU....


complaint cloud computing C3

Documents

Transcript of complaint cloud computing C3