Article in Proceedings INPROC-2013-43

BibliographyWaizenegger, Tim; Wieland, Matthias; Binz, Tobias; Breitenbücher, Uwe; Haupt, Florian; Kopp, Oliver; Leymann, Frank; Mitschang, Bernhard; Nowak, Alexander; Wagner, Sebastian: Policy4TOSCA: A Policy-Aware Cloud Service Provisioning Approach to Enable Secure Cloud Computing.
In: Meersman, Robert (ed.); Panetto, Herve (ed.); Dillon, Tharam (ed.); Eder, Johann (ed.); Bellahsene, Zohra (ed.); Ritter, Norbert (ed.); De Leenheer, Pieter (ed.); Dou Deijing (ed.): On the Move to Meaningful Internet Systems: OTM 2013 Conferences.
University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology.
Lecture Notes in Computer Science (LNCS); 8185, pp. 360-376, english.
Heidelberg: Springer Berlin Heidelberg, September 2013.
ISBN: 978-3-642-41029-1; DOI: 10.1007/978-3-642-41030-7_26.
Article in Proceedings (Conference Paper).
CorporationDOA-Trusted Cloud
CR-SchemaD.2.7 (Software Engineering Distribution, Maintenance, and Enhancement)
D.2.9 (Software Engineering Management)
D.2.13 (Software Engineering Reusable Software)
KeywordsCloud Computing, TOSCA, Cloud Service, Cloud Management, Policy-Framework, Security, Green-IT, Sustainable Cloud Service

With the growing adoption of Cloud Computing, automated deployment and provisioning systems for Cloud applications are becoming more prevalent. They help to reduce the onboarding costs for new customers as well as the financial impact of managing Cloud Services by automating these previously manual tasks. With the widespread use of such systems, the adoption of a common standard for describing Cloud applications will provide a crucial advantage by enabling reusable and portable applications. TOSCA, a newly published standard by OASIS with broad industry participation provides this opportunity. Besides the technical requirements of running and managing applications in the cloud, non-functional requirements, like cost, security, and environmental issues, are of special importance when moving towards the automated provisioning and management of Cloud applications. In this paper we demonstrate how non-functional requirements are defined in TOSCA using policies. We propose a mechanism for automatic processing of these formal policy definitions in a TOSCA runtime environment that we have developed based on the proposed architecture of the TOSCA primer. In order to evaluate our approach, we present prototypical implementations of security policies for encrypting databases and for limiting the geographical location of the Cloud servers. We demonstrate how our runtime environment is ensuring these policies and show how they affect the deployment of the application.

CopyrightSpringer-Verlag Berlin Heidelberg 2013
Department(s)University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems
University of Stuttgart, Institute of Architecture of Application Systems
Entry dateSeptember 30, 2013
   Publ. Institute   Publ. Computer Science