Contract-based cloud architecture

Cloud Computing as a service on demand architecture has become a topic of interest in the last few years. The outsourcing of duties and infrastructure to external parties enables new services to be established quickly and with low financial risk. These services also can be scaled on demand. Nevertheless, several issues such as security and legality should be considered before entering the cloud. The financial benefits of cloud services conflict with the need to secure and control the access to outsourced information. Companies have to comply with diverse laws across jurisdictions and are accountable to various national regulators. Security requirements may not be compatible with those offered by existing providers. In this paper, we propose an architecture to facilitate the integration of these security requirements in the cloud environment and to address the legal issues attached. Our approach customizes the selection of a service provider based on the companies preference. We also define a trusted third party to handle the monitoring and auditing processes over different service providers.

[1]  Rajkumar Buyya,et al.  A Negotiation Mechanism for Advance Resource Reservations Using the Alternate Offers Protocol , 2008, 2008 16th Interntional Workshop on Quality of Service.

[2]  Carlo Ghezzi,et al.  Automated Dynamic Maintenance of Composite Services Based on Service Reputation , 2007, ICSOC.

[3]  Tad Hogg,et al.  Spawn: A Distributed Computational Economy , 1992, IEEE Trans. Software Eng..

[4]  Thomas J Smedinghoff Information Security: The Emerging Standard for Corporate Compliance , 2008 .

[5]  Asit Dan,et al.  Web services agreement specification (ws-agreement) , 2004 .

[6]  Li Zhang,et al.  Tycoon: An implementation of a distributed, market-based resource allocation system , 2004, Multiagent Grid Syst..

[7]  Lundy Lewis,et al.  Managing Business and Service Networks , 2001, Network and Systems Management.

[8]  Christoph Meinel,et al.  Constructing a Context-Aware Service-Oriented Reputation Model Using Attention Allocation Points , 2009, 2009 IEEE International Conference on Services Computing.

[9]  Manfred A. Jeusfeld,et al.  Business data management for business-to-business electronic commerce , 2002, SGMD.

[10]  Peter Sommerlad,et al.  Security Patterns: Integrating Security and Systems Engineering , 2006 .

[11]  Erich Schikuta,et al.  Aggregating Hierarchical Service Level Agreements in Business Value Networks , 2009, BPM.

[12]  Christoph Meinel,et al.  Security Requirements Specification in Service-Oriented Business Process Management , 2009, 2009 International Conference on Availability, Reliability and Security.

[13]  Randy H. Katz,et al.  Above the Clouds: A Berkeley View of Cloud Computing , 2009 .

[14]  Heiko Ludwig,et al.  The WSLA Framework: Specifying and Monitoring Service Level Agreements for Web Services , 2003, Journal of Network and Systems Management.

[15]  C. Meinel,et al.  Getting More from Reputation Systems: A Context–Aware Reputation Framework Based on Trust Centers and Agent Lists , 2008, 2008 The Third International Multi-Conference on Computing in the Global Information Technology (iccgi 2008).

[16]  Tim Mather,et al.  Cloud Security and Privacy - An Enterprise Perspective on Risks and Compliance , 2009, Theory in practice.

[17]  Adrian Paschke RBSLA A declarative Rule-based Service Level Agreement Language based on RuleML , 2005, International Conference on Computational Intelligence for Modelling, Control and Automation and International Conference on Intelligent Agents, Web Technologies and Internet Commerce (CIMCA-IAWTIC'06).

[18]  Christoph Meinel,et al.  A pattern-driven security advisor for service-oriented architectures , 2009, SWS '09.

[19]  Stephen A. White,et al.  Business Process Modeling Notation (BPMN), Version 1.0 , 2004 .

[20]  Geoffrey Macnab,et al.  The big switch , 2009 .

[21]  Chetan S. Sankar,et al.  Analysis of Names and Relationships Among Data Elements , 1985 .

[22]  Rajkumar Buyya,et al.  Aneka: Next-Generation Enterprise Grid Platform for e-Science and e-Business Applications , 2007, Third IEEE International Conference on e-Science and Grid Computing (e-Science 2007).

[23]  Christoph Meinel,et al.  Distributed Trust Management for Validating SLA Choreographies , 2010 .

[24]  Wolfgang Emmerich,et al.  SLAng: a language for defining service level agreements , 2003, The Ninth IEEE Workshop on Future Trends of Distributed Computing Systems, 2003. FTDCS 2003. Proceedings..

[25]  Jeffrey Barlow,et al.  The Big Switch , 2021, Early Years Educator.