Artikel in Tagungsband INPROC-2013-43

Waizenegger, Tim; Wieland, Matthias; Binz, Tobias; Breitenbücher, Uwe; Haupt, Florian; Kopp, Oliver; Leymann, Frank; Mitschang, Bernhard; Nowak, Alexander; Wagner, Sebastian: Policy4TOSCA: A Policy-Aware Cloud Service Provisioning Approach to Enable Secure Cloud Computing.
In: Meersman, Robert (Hrsg); Panetto, Herve (Hrsg); Dillon, Tharam (Hrsg); Eder, Johann (Hrsg); Bellahsene, Zohra (Hrsg); Ritter, Norbert (Hrsg); De Leenheer, Pieter (Hrsg); Dou Deijing (Hrsg): On the Move to Meaningful Internet Systems: OTM 2013 Conferences.
Universität Stuttgart, Fakultät Informatik, Elektrotechnik und Informationstechnik.
Lecture Notes in Computer Science (LNCS); 8185, S. 360-376, englisch.
Heidelberg: Springer Berlin Heidelberg, September 2013.
ISBN: 978-3-642-41029-1; DOI: 10.1007/978-3-642-41030-7_26.
Artikel in Tagungsband (Konferenz-Beitrag).
KörperschaftDOA-Trusted Cloud
CR-Klassif.D.2.7 (Software Engineering Distribution, Maintenance, and Enhancement)
D.2.9 (Software Engineering Management)
D.2.13 (Software Engineering Reusable Software)
KeywordsCloud Computing, TOSCA, Cloud Service, Cloud Management, Policy-Framework, Security, Green-IT, Sustainable Cloud Service

With the growing adoption of Cloud Computing, automated deployment and provisioning systems for Cloud applications are becoming more prevalent. They help to reduce the onboarding costs for new customers as well as the financial impact of managing Cloud Services by automating these previously manual tasks. With the widespread use of such systems, the adoption of a common standard for describing Cloud applications will provide a crucial advantage by enabling reusable and portable applications. TOSCA, a newly published standard by OASIS with broad industry participation provides this opportunity. Besides the technical requirements of running and managing applications in the cloud, non-functional requirements, like cost, security, and environmental issues, are of special importance when moving towards the automated provisioning and management of Cloud applications. In this paper we demonstrate how non-functional requirements are defined in TOSCA using policies. We propose a mechanism for automatic processing of these formal policy definitions in a TOSCA runtime environment that we have developed based on the proposed architecture of the TOSCA primer. In order to evaluate our approach, we present prototypical implementations of security policies for encrypting databases and for limiting the geographical location of the Cloud servers. We demonstrate how our runtime environment is ensuring these policies and show how they affect the deployment of the application.

CopyrightSpringer-Verlag Berlin Heidelberg 2013
Abteilung(en)Universität Stuttgart, Institut für Parallele und Verteilte Systeme, Anwendersoftware
Universität Stuttgart, Institut für Architektur von Anwendungssystemen
Eingabedatum30. September 2013
   Publ. Institut   Publ. Informatik