A CLOUD SERVICE BROKER WITH LEGAL-RULE COMPLIANCE CHECKING AND QUALITY ASSURANCE CAPABILITIES



Similar documents
TECHNICAL SPECIFICATION: ABBREVIATIONS AND GLOSSARY

Security Issues in Cloud Computing

Table of Contents. Abstract... Error! Bookmark not defined. Chapter 1... Error! Bookmark not defined. 1. Introduction... Error! Bookmark not defined.

Trust and Dependability in Cloud Computing

Editorial NUMBER 01 NOVEMBER Editorial. Project overview. Reference architecture

Akoma Ntoso an open document standard for Parliaments

The Way to SOA Concept, Architectural Components and Organization

TECHNICAL SPECIFICATION: FEDERATED CERTIFIED SERVICE BROKERAGE OF EU PUBLIC ADMINISTRATION CLOUD

A framework for secure migration processes of legacy systems to the cloud

Cloud Panel Service Evaluation Scenarios

IAAS CLOUD EXCHANGE WHITEPAPER

A Cloud Platform for Delivering Instant Development Service with Service Oriented Approaches

Innovation by Service 2012

Improving Agility of Cloud Ecosystems with MODAClouds Introduction and objectives for the second year

ICT 7: Advanced cloud infrastructures and services

6 Cloud computing overview

OPEN DATA CENTER ALLIANCE USAGE Model: Software as a Service (SaaS) Interoperability Rev 1.0

Taming the Cloud: Safety, Certification and Compliance for Software Services

Tilburg University. Publication date: Link to publication

Cloud Computing are you ready?

Cloud Computing (f)or Grid Security

APPLIED AND INTEGRATED SECURITY

SeaClouds Open Reference Architecture

TECHNICAL SPECIFICATION: LEGISLATION EXECUTING CLOUD SERVICES

Cloud Service Brokerage: A Better Way to Manage and Deliver Cloud Services

ca IT Leaders Forum Working in the Cloud using the new ISO/IEC/ITU-T Cloud Computing Standards Dr David Ross, Chief Information Security Officer,

Boosting Productivity and Innovation Through. Public Sector Compliant Cloud Services

Cloud for Europe lessons learned

Service-Oriented Architectures

FLEXIANT. Utility Computing on Demand

Object Management Group Cloud Computing Standards

SPECS Secure Provisioning of Cloud Services based on SLA Management

ICT 7: Advanced cloud infrastructures and services. ICT 8: Boosting public sector productivity and innovation through cloud computing services

Cloud Security Specialist Certification Self-Study Kit Bundle

ARTIST Methodology and Tooling. Jesus Gorroñogoitia - Atos SOC Crete, 1 st July 2015

Sentinet for BizTalk Server SENTINET 3.1

SOA CERTIFIED JAVA DEVELOPER (7 Days)

Building More Reliable Cloud Services The CUMULUS Project

Guiding SOA Evolution through Governance From SOA 101 to Virtualization to Cloud Computing

CLOSER st Int. Conf. on Cloud Computing and Services Science: The Cloud Service Supply Chain

Integrated Monitoring Approach for Seamless Service Provisioning in Federated Clouds

Federal Enterprise Architecture and Service-Oriented Architecture

Deutsche Börse Cloud Exchange AG First vendor-neutral platform for IaaS cloud computing products. October 2013

Public Sector Cloud Services - The Telecom Perspective

Ontwikkelingen binnen cloud services (in het Engels)

1 Publishable summary

Cloud Computing An Introduction

OPEN DATA CENTER ALLIANCE Usage Model: Guide to Interoperability Across Clouds

SeaClouds Project D2.2 Initial architecture and design of the SeaClouds platform

OW2 Meeting Towards Building a Cloud Platform for Service Oriented Software Development

Platform Autonomous Custom Scalable Service using Service Oriented Cloud Computing Architecture

Tomáš Müller IT Architekt 21/04/2010 ČVUT FEL: SOA & Enterprise Service Bus IBM Corporation

Oracle Reference Architecture and Oracle Cloud

Data Sheet Netrounds Control Center

Contents Huntcliff, Suite 1350, Atlanta, Georgia, 30350, USA

Cordys Business Operations Platform

TECHNICAL SPECIFICATION: SECURE LEGISLATION-AWARE STORAGE SOLUTION

Consumption IT. Michael Shepherd Business Development Manager. Cisco Public Sector May 1 st 2014

TECHNOLOGY GUIDE THREE. Emerging Types of Enterprise Computing

Cloud Computing. by Civic Consulting (research conducted October 2011 January 2012)

Why Use OPTIMIS? Build and Run Services in the Most Suitable Cloud Venues. October 2012

Cloud Computing Technology

NIST Cloud Computing Reference Architecture

SOA Governance. Stephen G. Bennett, Clive Gee, Robert Laird, Co-authored and edited by Thomas Erl. Governing

Monitoring, Managing and Supporting Enterprise Clouds with Oracle Enterprise Manager 12c Name, Title Oracle

Cloud Essentials for Architects using OpenStack

Expert Reference Series of White Papers. Understanding NIST s Cloud Computing Reference Architecture: Part II

Sentinet for BizTalk Server SENTINET

Cloud computing: the state of the art and challenges. Jānis Kampars Riga Technical University

2014 Latin America Cloud Computing Market

Cloud Virtualization Specialist Certification Self-Study Kit Bundle

Platform Autonomous Custom Scalable Service using Service Oriented Cloud Computing Architecture

Contents. Overview 1 SENTINET

A Modeling Language for Activity-Oriented Composition of Service-Oriented Software Systems

Hubspan White Paper: Beyond Traditional EDI

Sentinet for Windows Azure SENTINET

and Deployment Roadmap for Satellite Ground Systems

Oracle Service Bus: - When to use, where to use and when not to use

Seamless adaptive multi- cloud management of service- based applications. European Open Cloud Collaboration Workshop, May 15, 2014, Brussels

Making Leaders Successful Every Day

MODAClouds. An FP7 Integrated Project

A Strawman Model. NIST Cloud Computing Reference Architecture and Taxonomy Working Group. January 3, 2011

CLOUD COMPUTING AS ENABLER FOR DURABLE IT SOLUTIONS

HNX. The Helix Nebula Marketplace. Marc-Elian Bégin, CEO, Co-founder, SixSq

Facilitating self-adaptable Inter-Cloud management

LEGAL ISSUES IN CLOUD COMPUTING

Deploying a Geospatial Cloud

Cloud for Europe trusted Cloud Services for the European market for public administrations

Public Cloud Workshop Offerings

ASCETiC Whitepaper. Motivation. ASCETiC Toolbox Business Goals. Approach

Heuristic policies for SLA provisioning in Cloud-based service providers

Security und Compliance in Clouds

SOA Maximizing Value of Cloud & On-Premise Applications & Services. Pierre Fricke Director Product Line Management, SOA Products Red Hat June 23, 2010

Validating Enterprise Systems: A Practical Guide

Hybrid Cloud Computing

On-demand Provisioning of Workflow Middleware and Services An Overview

Environments, Services and Network Management for Green Clouds

Moving beyond Virtualization as you make your Cloud journey. David Angradi

CLOUD ARCHITECTURE DIAGRAMS AND DEFINITIONS

Certified Cloud Computing Professional VS-1067

Transcription:

A CLOUD SERVICE BROKER WITH LEGAL-RULE COMPLIANCE CHECKING AND QUALITY ASSURANCE CAPABILITIES Cloud Forward 2015 7 October, 2015 Pisa, Scuola Normale Superiore Emiliano Casalicchio*, University of Rome Tor Vergata, DICII, Rome, Italy Monica Palmirani +, University of Bologna, CIRSFID, Bologna, Italy

CF2015 - E.Casalicchio M.Palmirani 2 Tender Cloud4Europe Goal of the tender was to investigate the state of the art in the research domain in order to produce precommercial outcomes in the cloud computing focused on some special challenges: Federated Certified Service Brokerage Secure, Legislation-Aware Storage Legislation Execution The solutions is oriented to PPAA services and it must include privacy-by-design approach Legislative Executor module guarantees the compliance checking with the legislation and the legal framework

CF2015 - E.Casalicchio M.Palmirani 3 Motivation Compliance with law/regulation is an emerging issue in cloud service. It s core to establish trust It s core to facilitate the adoption in government and critical sectors It s an element for calculating metrics

CF2015 - E.Casalicchio M.Palmirani 4 Motivation Cloud Service Brokers will play an important role in law/ regulation compliance management compliance checking in service on-boarding phase and service evolution phase (run time) third party independent audit in the whole service life cycle discovery of law/regulation compliant services aggregation, composition, orchestration of cloud services compliant with legislation run time monitoring of SLA and legal rule fulfilment service adaptation to maintain compliance

User Scenario CF2015 - E.Casalicchio M.Palmirani 5

ICCAC'15 - E.Casalicchio - University of Tor Vergata 6 Proposed solution: the broker architecture!!!!!!!!!!!!!!!!!service!providers!!!!!!!!!!!!!!!!service!consumers!! Accredita<on! Account!Management! Service!onAbording!! Service! Providers! Interfaces! Service! Consumers! Interfaces! Account!management! Service!discovery!&!presenta<on! Contract!management! Monitoring! Billing! Analysis of data for predict SLAs violation monitoring service metrics parameters Legal!engineers! Analy<cs! Service! Monitoring! Legisla<on! Management! Service!Quality! Assessment! Knowledge)(Data)Models)) Planning!and! Op<miza<on! Execu<on!and! Deployment! Quality) Assurance)&) Op;miza;on) service re-configuration, resource provisioning, traffic re-routing Execute policy interact with IaaS, PaaS or SaaS off-line verification collection of data!!!!!resources!(iaas,!paas,!saas)!

Proposed solution: The legislation aware autonomic manager!!!!!!!!!!!!!!!!!service!providers!! Accredita<on! Account!Management! Service!onAbording!! Legal!engineers! Analy<cs! Service! Monitoring!!!!!!Resources!(IaaS,!PaaS,!SaaS)! Broker Architecture Service! Providers! Interfaces! Legisla<on! Management! Service!Quality! Assessment! Service! Consumers! Interfaces! Knowledge)(Data)Models))!!!!!!!!!!!!!!!Service!Consumers! Account!management! Service!discovery!&!presenta<on! Contract!management! Monitoring! Billing! Planning!and! Op<miza<on! Execu<on!and! Deployment! Quality) Assurance)&) Op;miza;on) CF2015 - E.Casalicchio M.Palmirani 7 Legislation Aware Autonomic Manager Quality)Assurance)&)Op;miza;on) Service'Quality' Assessment' Service' Monitoring' Monitor) Analysis' Legisla;on)Management:) 5'to'monitor'and'analyse'the'law'and' regula9on'landscape' 5'to'check'the'compliance'to' legisla9on'in'term'of'non5func9onal' requirements,'' business'processes,'standard' adherence'and'other'constraints'' Analyser) Knowledge) Planning)and)Op;miza;on:) 5'to'maintaining'the'compliance'with' law'and'regula9on' 5'to'guarantee'that'all'the''non' func9onal'constraints'are'sa9sfied'and' the'broker/customer'u9lity'is' maximised' 5'service're5configura9on,'service' selec9on,'resource'provisioning,'traffic' re5rou9ng' Planner) Executor) Execu9on'' and' Deployment' MAPE-K Knowledge)(Data)Models))

Legal Sources Modelling Legal regulations General conditions Policies Analysis a NLP and Ontology b Legal Reasoning Engine CF2015 - E.Casalicchio M.Palmirani 8 Legal Compliance d Design-Time Compliance checking Analysis BPM editor c Business Process Modelling Modelling Phase Law Legal Rules LIME editor XML DB Compliance checking Compliance checking BPM DB e Prevent/ Simulate/Notify Violation f Run-Time Phase Legal Reasoning Engine Run-Time Compliance checking Request of compliance Cloud Service

CF2015 - E.Casalicchio M.Palmirani 9 Standards Akoma Ntoso XML standard for modelling legal document adopted by the EU Parliament, EU Commission and other Parliament/Gazette in EU (e.g. UK, IT, etc.) LegalRuleML Deontic operators (right, obligation, permission, prohibition, violation, reparation) Defeasible operators (overruling, ranking of the rules and qualification of the rules: strict, defeasible, defeater) Temporal and jurisdiction metadata BPMN2.0

CF2015 - E.Casalicchio M.Palmirani LE Architecture LegalRuleML BPMN2.0 LegalRuleML

CF2015 - E.Casalicchio M.Palmirani 11 Conclusions Integrated approach for the solution of the autonomic management of run-time legal-rule compliance of cloud services Modelling of the BPM in forward approach using privacy-by-design approach - Monitoring module Detection of the violations in backward - Service Quality Assessing/Analysis modules Validation on-demand of the services or broker - Executive module Transparent process based on standards XML in open format for permitting audit and accountability Dynamic detection of violation and of the legislative changes for minimizing the violation Patterns approach in order to store static rules in the KB

CF2015 - E.Casalicchio M.Palmirani 12 Questions? Thanks for your attention emiliano.casalicchio@uniroma2.it monica.palmirani@unibo.it

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information