Cloud Computing Contracts - Regulatory Issues and Cloud Service Providers' Offers: An Analysis

In cloud computing, a cloud service-brokering framework mediates between cloud service users (CSUs) and cloud service providers (CSPs) to facilitate the availability of cloud services to the users according to their requirements from multi-cloud environment. The current cloud service brokering framework considers the service performance commitments of CSPs, but it is not aware of current legal/regulatory compliance status of CSPs when recommending services to the users. A cloud contract (terms of service, Service Level Agreement (SLA)) helps cloud users in their decision making to select an appropriate CSP according to their expectations. CSUs feedback and survey report show that users are still not satisfied with the current terms and conditions committed to by CSPs. They believe that the terms and conditions are unclear or unbalanced, which they sometimes are when in favour of CSPs. In this paper, we identify some major issues to be included in cloud contract to make it safe and fair to all parties involved in the agreement from the European Union (EU) data protection perspective. Another contribution of the paper is analyzing cloud contracts (their terms of service and SLAs) offered by international CSPs in respect of the standard guidelines recommended by different independent bodies to include in the cloud contracts. This information is visualized in a sorting table, called a Heat Map table, which gives a clear picture of the regulatory compliance status of CSPs in their cloud contract documents.

[1]  Monica Palmirani,et al.  A Cloud Service Broker with Legal-Rule Compliance Checking and Quality Assurance Capabilities , 2015, Cloud Forward.

[2]  Shyam S. Wagle SLA Assured Brokering (SAB) and CSP Certification in Cloud Computing , 2014, 2014 IEEE/ACM 7th International Conference on Utility and Cloud Computing.

[3]  Rajkumar Buyya,et al.  Cloud Computing Principles and Paradigms , 2011 .

[4]  Pascal Bouvry,et al.  An Evaluation Model for Selecting Cloud Services from Commercially Available Cloud Providers , 2015, 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom).

[5]  Rajkumar Buyya,et al.  Inter‐Cloud architectures and application brokering: taxonomy and survey , 2014, Softw. Pract. Exp..

[6]  Cosimo Laneve,et al.  Engineering virtualized services , 2013, NordiCloud '13.

[7]  V. T. Raja,et al.  Protecting the privacy and security of sensitive customer data in the cloud , 2012, Comput. Law Secur. Rev..

[8]  Pascal Bouvry,et al.  Cloud service providers ranking based on service delivery and consumer experience , 2015, 2015 IEEE 4th International Conference on Cloud Networking (CloudNet).

[9]  Chris Reed,et al.  Information Ownership in the Cloud , 2010, Cloud Computing Law.

[10]  Rajkumar Buyya,et al.  InterCloud: Utility-Oriented Federation of Cloud Computing Environments for Scaling of Application Services , 2010, ICA3PP.

[11]  R. Bisdorff The EURO 2004 Best Poster Award: Choosing the Best Poster in a Scientific Conference , 2015 .

[12]  R. Bisdorff On Polarizing Outranking Relations with Large Performance Differences , 2013 .

[13]  Axel Küpper,et al.  Towards a Federated Cloud Ecosystem: Enabling Managed Cloud Service Consumption , 2012, GECON.

[14]  Radu Calinescu,et al.  Dynamic QoS Management and Optimization in Service-Based Systems , 2011, IEEE Transactions on Software Engineering.

[15]  Cosimo Laneve,et al.  Statically and Dynamically Verifiable SLA Metrics , 2016, Theory and Practice of Formal Methods.

[16]  George Kousiouris,et al.  A Cloud Provider Description Schema for Meeting Legal Requirements in Cloud Federation Scenarios , 2013, I3E.

[17]  Ian Horrocks,et al.  A software framework for matchmaking based on semantic web technology , 2003, WWW '03.