The ICT industry, and specifically critical sectors such as healthcare, transportation, energy and government require as mandatory the compliance of the ICT systems and services with legislation and regulation, as well as with standards. In the era of cloud computing, and particularly in a public cloud scenario, this compliance management issue is exacerbated by the distributed nature of the system and by the limited control of the customer on the infrastructure/services. Also if the cloud industry is aware of this legislation/regulation compliance issue (e.g. the compliance program of Amazon, Google and Microsoft Azure), right now, there are nor reference architectures neither mechanisms capable to check and to assure, off-line and at run-time, that the compliance is guaranteed during the whole life cycle of a cloud service. Cloud service brokerage can play an important role in law/regulation compliance management of cloud services. In this paper we propose a broker-based solution for the management of law/regulation compliance. In the specific first we define a reference architecture for a legislation-aware cloud service broker, and second we propose an autonomic manager that integrate the MAPE-K control loop with the LegEx framework for the management of the legal compliance checking lifecycle.
A cloud service broker with legal-rule compliance checking and quality assurance capabilities / Casalicchio, Emiliano; Palmirani, Monica. - In: PROCEDIA COMPUTER SCIENCE. - ISSN 1877-0509. - STAMPA. - 68:(2015), pp. 136-150. (Intervento presentato al convegno 1st International Conference on Cloud Forward: From Distributed to Complete Computing, 2015 tenutosi a Pisa; Italy nel 2015) [10.1016/j.procs.2015.09.230].
A cloud service broker with legal-rule compliance checking and quality assurance capabilities
Casalicchio, Emiliano
;
2015
Abstract
The ICT industry, and specifically critical sectors such as healthcare, transportation, energy and government require as mandatory the compliance of the ICT systems and services with legislation and regulation, as well as with standards. In the era of cloud computing, and particularly in a public cloud scenario, this compliance management issue is exacerbated by the distributed nature of the system and by the limited control of the customer on the infrastructure/services. Also if the cloud industry is aware of this legislation/regulation compliance issue (e.g. the compliance program of Amazon, Google and Microsoft Azure), right now, there are nor reference architectures neither mechanisms capable to check and to assure, off-line and at run-time, that the compliance is guaranteed during the whole life cycle of a cloud service. Cloud service brokerage can play an important role in law/regulation compliance management of cloud services. In this paper we propose a broker-based solution for the management of law/regulation compliance. In the specific first we define a reference architecture for a legislation-aware cloud service broker, and second we propose an autonomic manager that integrate the MAPE-K control loop with the LegEx framework for the management of the legal compliance checking lifecycle.| File | Dimensione | Formato | |
|---|---|---|---|
|
Casalicchio_Cloud_2015.pdf
accesso aperto
Tipologia:
Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza:
Creative commons
Dimensione
765.89 kB
Formato
Adobe PDF
|
765.89 kB | Adobe PDF |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
