3,096 research outputs found
Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems
Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security
assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security
mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps
framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include
the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any)
and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security
level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.The research leading to these results has received
funding from the European Union’s Horizon 2020 research
and innovation programme under grant agreement No 644429
and No 780351, MUSA project and ENACT project,
respectively. We would also like to acknowledge all the
members of the MUSA Consortium and ENACT Consortium
for their valuable help
Decision Support Tools for Cloud Migration in the Enterprise
This paper describes two tools that aim to support decision making during the
migration of IT systems to the cloud. The first is a modeling tool that
produces cost estimates of using public IaaS clouds. The tool enables IT
architects to model their applications, data and infrastructure requirements in
addition to their computational resource usage patterns. The tool can be used
to compare the cost of different cloud providers, deployment options and usage
scenarios. The second tool is a spreadsheet that outlines the benefits and
risks of using IaaS clouds from an enterprise perspective; this tool provides a
starting point for risk assessment. Two case studies were used to evaluate the
tools. The tools were useful as they informed decision makers about the costs,
benefits and risks of using the cloud.Comment: To appear in IEEE CLOUD 201
Observing the clouds : a survey and taxonomy of cloud monitoring
This research was supported by a Royal Society Industry Fellowship and an Amazon Web Services (AWS) grant. Date of Acceptance: 10/12/2014Monitoring is an important aspect of designing and maintaining large-scale systems. Cloud computing presents a unique set of challenges to monitoring including: on-demand infrastructure, unprecedented scalability, rapid elasticity and performance uncertainty. There are a wide range of monitoring tools originating from cluster and high-performance computing, grid computing and enterprise computing, as well as a series of newer bespoke tools, which have been designed exclusively for cloud monitoring. These tools express a number of common elements and designs, which address the demands of cloud monitoring to various degrees. This paper performs an exhaustive survey of contemporary monitoring tools from which we derive a taxonomy, which examines how effectively existing tools and designs meet the challenges of cloud monitoring. We conclude by examining the socio-technical aspects of monitoring, and investigate the engineering challenges and practices behind implementing monitoring strategies for cloud computing.Publisher PDFPeer reviewe
Review of the environmental and organisational implications of cloud computing: final report.
Cloud computing – where elastic computing resources are delivered over the Internet by external service providers – is generating significant interest within HE and FE. In the cloud computing business model, organisations or individuals contract with a cloud computing service provider on a pay-per-use basis to access data centres, application software or web services from any location. This provides an elasticity of provision which the customer can scale up or down to meet demand. This form of utility computing potentially opens up a new paradigm in the provision of IT to support administrative and educational functions within HE and FE. Further, the economies of scale and increasingly energy efficient data centre technologies which underpin cloud services means that cloud solutions may also have a positive impact on carbon footprints. In response to the growing interest in cloud computing within UK HE and FE, JISC commissioned the University of Strathclyde to undertake a Review of the Environmental and Organisational Implications of Cloud Computing in Higher and Further Education [19]
Bid-Centric Cloud Service Provisioning
Bid-centric service descriptions have the potential to offer a new cloud
service provisioning model that promotes portability, diversity of choice and
differentiation between providers. A bid matching model based on requirements
and capabilities is presented that provides the basis for such an approach. In
order to facilitate the bidding process, tenders should be specified as
abstractly as possible so that the solution space is not needlessly restricted.
To this end, we describe how partial TOSCA service descriptions allow for a
range of diverse solutions to be proposed by multiple providers in response to
tenders. Rather than adopting a lowest common denominator approach, true
portability should allow for the relative strengths and differentiating
features of cloud service providers to be applied to bids. With this in mind,
we describe how TOSCA service descriptions could be augmented with additional
information in order to facilitate heterogeneity in proposed solutions, such as
the use of coprocessors and provider-specific services
- …