Title :
Multi-cloud policy enforcement through semantic modeling and mapping
Author_Institution :
Sch. of Comput. Sci. & Eng., California State Univ. at San Bernardino, San Bernardino, CA, USA
Abstract :
In today´s cloud service market, different providers have very different low-level mechanisms to accommodate various types of policies from their users. Enforcement of policies over multiple cloud provider domains is an intrinsically complex problem for both sides. In reality, cloud providers have to either manually update enforcement mechanisms or negotiate adjusted policies with their users for enforcement. To save these high-cost and error-prone manual updates or adjustments, an automatic and flexible solution is desired. This paper proposes a semantic modeling and mapping based approach to help enforce high-level user policies across cloud domain boundaries when applications or IT operations have to span over multiple cloud domains. This approach creates policy models and maps these models across cloud domain boundaries automatically or semi-automatically. Policy rules following these mappings can be tied to multiple enforcement mechanisms in different cloud domains. If a rule cannot be mapped, a manual adjustment solution will be suggested. A case study is also included to demonstrate the efficiency and accuracy of this approach.
Keywords :
cloud computing; semantic Web; cloud domain boundary; cloud service market; error-prone manual update; high-cost manual update; high-level user policy; low-level mechanism; manual adjustment solution; multicloud policy enforcement; multiple cloud provider; multiple enforcement mechanism; policy model; policy rules; semantic modeling and mapping; Bismuth; Equations; Industries; Manuals; Mathematical model; Numerical models; Semantics; cloud computing; cloud domain; policy enforcement; semantic mapping; semantic modeling;
Conference_Titel :
Semantic Computing (ICSC), 2015 IEEE International Conference on
Conference_Location :
Anaheim, CA
DOI :
10.1109/ICOSC.2015.7050849