Professional Documents
Culture Documents
S
e
l
e
c
t
a
s
e
r
v
i
c
e
monitoring
Risk
management
Security
management
Figure 3. Governance means controlling access to service using policies,
tracking Services using repositories, and logging and monitoring the execution
of those Services. The master repository track the enterprises records and the
slave repository track the records in the cloud.
2) Security Management Model
Integration.
Look for integration points with security and identity
management technologies you already have, such as Active
Directory, and controls for role-based access and entity-level
applications.
Privacy.
Make sure a cloud service includes data encryption,
effective data anonymization, and mobile location privacy. [9]
Access.
When you place your resources in a shared cloud
infrastructure, the provider must have a means of preventing
inadvertent access.
Jurisdiction.
The location of a cloud providers operations can affect
the privacy laws that apply to the data it hosts. Laws may limit
the ability of agencies to store official records in the cloud. [19]
3) Services Management Model
Service discovery
Service discovery refers to the process of finding,
analyzing, and detailing an existing service and the use of a
policy to govern that service. The great thing about this feature
is that you simply enter in the location of the service, and the
runtime service governance technology does the rest, including
entering aspects of the service into the repository.
Service delivery
Service delivery is the process of moving services from
development to execution or production. Moreover, it means
moving services from a staging to execution environment, such
as on-premise to cloud-computing platforms.
SLAs management
Setting and maintaining appropriate service levels refers
to making sure that all of the services execute per the service
agreements and preset levels. This is especially important in an
architecture that leverages cloud computing since they may
come with SLAs, or service level agreements, that must also be
managed.
Errors and exceptions management
Any errors and exceptions that occur are captured,
analyzed, and perhaps recovered from automatically. Typically
this means that those who implement the policies must define
how errors and exceptions should be managed for a specific
service, or group of services. The objective is to recover from
most errors and exceptions without human intervention, if
possible.
Auditing and logging management
Auditing and logging means tracking the execution of the
services and the policies, including what they do, when they do
it, and who they do it with. This allows those who manage the
holistic architecture to analyze auditing and logging
information to determine why problems occurred, or better yet,
prevent them. Auditing is required by many legal compliance
standards, such as those imposed on public companies or those
in regulated vertical markets.
4) Risk Management Model
A risk assessment framework will be developed
leveraging existing methodologies. This framework
will be tailored to the CSPs processes and will be
accompanied by a risk assessment process definition.
The CSPs compliance requirements will be
rationalized to support the development of the unified
control matrix.
The unified control matrix will be developed and
mapped against current control processes with gaps
identified.
KPIs will be defined to monitor progress and provide a
basis for ongoing measurement and project
management office dashboard reporting. [8]
VI. SUMMARY
In this paper, the authors have provided an overview of an
outline model for cloud governance. This model is based on
requirements that underline the need for policy and process
management, services life-cycle management, visibility and
contextualization. In this domain, such a framework is a
prerequisite for successfully implement cloud computing.
ACKNOWLEDGMENT
There are a bunch of people to thank for this paper,
including meina-Song and junde-Song xiaoqi-zhang. This
paper would not exist but for their faith in me, and I offer them
my heartfelt thanks.
REFERENCES
[1] Service-oriented architecture, available at
http://en.wikipedia.org/wiki/Service_Oriented_Architecture.
[2] http://www.itbusinessedge.com/
[3] http://www.layer7tech.com/main
[4] http://www.zapthink.com/
[5] Michael R. Head, Anca Sailer, Hidayatullah Shaikh, Mahesh
Viswanathan, "Taking IT Management Services to a Cloud," cloud,
pp.175-182, 2009 IEEE International Conference on Cloud Computing,
2009
[6] http://news.zdnet.com/2100-9595_22-287001.html
[7] Buyya, R., et al., Cloud computing and emerging IT platforms: Vision,
hype, and reality for delivering computing as the 5th utility. Future
Generation Computer Systems, 2009. 25(6): p. 599-616.Tim Mather,
Subra Kumaraswamy, Shahed Latif Cloud Security and PrivacyA
practice Perspective on Risks and Compliance ISBN 978-596-802769
[8] David S. Linthicum Cloud Computing and SOA convergence in Your
Enterprise ISBN 0-13-600922-0
[9] Cloud Security Alliance December 2009 Security Guidance for Critical
Areas of Focus in Cloud Computing V2.1
[10] Pankaj Goyal, Ph.D., Senior Member IEEE, Rao Mikkilineni, Ph.D.,
Member IEEE Policy-based Event-driven Services-oriented
Architecture for Cloud Services Operation &Management 2009 IEEE
International Conference on Cloud Computing
[11] Hyuck Han, Shingyu Kim, Hyungsoo Jung, Heon Y. Yeom, Changho
Yoon, Jongwon Park, Yongwoo Lee, A RESTful Approach to the
Management of Cloud Infrastructure 2009 IEEE International
Conference on Cloud Computing
[12] http://www.vordel.com/products/vx_gateway/
[13] http://www.ibm.com/developerworks/xml/library/x-cloudpt3/
[14] http://www.perspecsys.com/cloud-salesforce.php
[15] L. Rodero-Merino, L.M. Vaquero, V. Gil, F. Galan, J. Fontan,
R.S.Montero, I.M. Llorente, From infrastructure delivery to service
management in clouds, Future Generation Computer Systems (2010),
doi:10.1016/j.future.2010.02.013
[16] Tan, P., et al. A Survey of Policy-Based Management Approaches for
Service Oriented Systems. in Software Engineering, 2008. ASWEC
2008. 19th Australian Conference on. 2008.
[17] Ravi Iyer , Ramesh Illikkal, Omesh Tickoo, Li Zhao, Padma Apparao,
Don Newell VM3: Measuring, modeling and managing VM shared
resources Intel Corporation, 2111 NE 25th Ave., Mailstop JF2-58,
Hillsboro OR 97124, United States
[18] Lalana Kagal, Tim Finin, and Jim Hendler Policy Management for the
Web A workshop held at the 14th International World Wide Web
Conference Tuesday 10 May 2005, Chiba Japan
[19] Tim Mather, Subra Kumaraswamy, and Shahed Latif Cloud Security
and Privacy Published by OReilly Media, Inc., 1005 Gravenstein
Highway North, Sebastopol, CA 95472