A Cloud Service Broker with Legal-Rule Compliance Checking and Quality Assurance Capabilities

Abstract The ICT industry, and specifically critical sectors such as healthcare, transportation, energy and government require as mandatory the compliance of the ICT systems and services with legislation and regulation, as well as with standards. In the era of cloud computing, and particularly in a public cloud scenario, this compliance management issue is exacerbated by the distributed nature of the system and by the limited control of the customer on the infrastructure/services. Also if the cloud industry is aware of this legislation/regulation compliance issue (e.g. the compliance program of Amazon, Google and Microsoft Azure), right now, there are nor reference architectures neither mechanisms capable to check and to assure, off-line and at run-time, that the compliance is guaranteed during the whole life cycle of a cloud service. Cloud service brokerage can play an important role in law/regulation compliance management of cloud services. In this paper we propose a broker-based solution for the management of law/regulation compliance. In the specific first we define a reference architecture for a legislation-aware cloud service broker, and second we propose an autonomic manager that integrate the MAPE-K control loop with the LegEx framework for the management of the legal compliance checking lifecycle.

[1]  Djamal Zeghlache,et al.  Cloud Service Delivery across Multiple Cloud Platforms , 2011, 2011 IEEE International Conference on Services Computing.

[2]  Antonio Pescapè,et al.  Cloud monitoring: A survey , 2013, Comput. Networks.

[3]  Emiliano Casalicchio An Autonomic Legal-Rule Aware Cloud Service Broker , 2015, 2015 International Conference on Cloud and Autonomic Computing.

[4]  Marwane El Kharbili Business Process Regulatory Compliance Management Solution Frameworks: A Comparative Evaluation , 2012, APCCM.

[5]  Patrizio Dazzi,et al.  QBROKAGE: A Genetic Approach for QoS Cloud Brokering , 2014, 2014 IEEE 7th International Conference on Cloud Computing.

[6]  Rajkumar Buyya,et al.  InterCloud: Utility-Oriented Federation of Cloud Computing Environments for Scaling of Application Services , 2010, ICA3PP.

[7]  Guido Governatori,et al.  Algorithms for tractable compliance problems , 2014, Frontiers of Computer Science.

[8]  Kanagasabai Rajaraman,et al.  OWL-S Based Semantic Cloud Service Broker , 2012, 2012 IEEE 19th International Conference on Web Services.

[9]  Guido Boella,et al.  Managing legal interpretation in regulatory compliance , 2013, ICAIL.

[10]  Monica Palmirani,et al.  RAWE: An Editor for Rule Markup of Legal Texts , 2013, RuleML.

[11]  Salvatore Venticinque,et al.  Cloud Brokering as a Service , 2013, 2013 Eighth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing.

[12]  Johan Tordsson,et al.  Towards Secure Cloud Bursting, Brokerage and Aggregation , 2010, 2010 Eighth IEEE European Conference on Web Services.

[13]  Guido Governatori,et al.  Regorous: a business process compliance checker , 2013, ICAIL.

[14]  George Kousiouris,et al.  A Cloud Provider Description Schema for Meeting Legal Requirements in Cloud Federation Scenarios , 2013, I3E.

[15]  Claus Pahl,et al.  A Comparison Framework and Review of Service Brokerage Solutions for Cloud Architectures , 2013, ICSOC Workshops.

[16]  Marin Litoiu,et al.  Introducing STRATOS: A Cloud Broker Service , 2012, 2012 IEEE Fifth International Conference on Cloud Computing.

[17]  Axel Küpper,et al.  Towards a Federated Cloud Ecosystem: Enabling Managed Cloud Service Consumption , 2012, GECON.

[18]  Salvatore Venticinque,et al.  Evaluation and brokering of service level agreements for negotiation of cloud infrastructures , 2012, 2012 International Conference for Internet Technology and Secured Transactions.

[19]  Liana L. Fong,et al.  Cloud federation in a layered service model , 2012, J. Comput. Syst. Sci..

[20]  Giuseppe Contissa,et al.  Modelling temporal legal rules , 2011, ICAIL.

[21]  Michael W. Godfrey,et al.  Storm prediction in a cloud , 2013, 2013 5th International Workshop on Principles of Engineering Service-Oriented Systems (PESOS).

[22]  Guido Governatori,et al.  The Making of SPINdle , 2009, RuleML.

[23]  Salvatore Venticinque,et al.  Multi-objective Decision Support for Brokering of Cloud SLA , 2013, 2013 27th International Conference on Advanced Information Networking and Applications Workshops.

[24]  Johan Tordsson,et al.  Cloud brokering mechanisms for optimized placement of virtual machines across multiple providers , 2012, Future Gener. Comput. Syst..

[25]  Giannis Verginadis,et al.  Brokerage for Quality Assurance and Optimisation of Cloud Services: An Analysis of Key Requirements , 2013, ICSOC Workshops.

[26]  Vincenzo Grassi,et al.  MOSES: A Framework for QoS Driven Runtime Adaptation of Service-Oriented Systems , 2012, IEEE Transactions on Software Engineering.

[27]  Rajkumar Buyya,et al.  Inter‐Cloud architectures and application brokering: taxonomy and survey , 2014, Softw. Pract. Exp..

[28]  Simone Braun,et al.  Advanced service brokerage capabilities as the catalyst for future cloud service ecosystems , 2014, CCB '14.

[29]  Jin Tong,et al.  NIST Cloud Computing Reference Architecture , 2011, 2011 IEEE World Congress on Services.