Page 837 - Cloud computing: From paradigm to operation

P. 837

Intercloud and interoperability 5

7.4.2 Authorization and security policy management

The authorization and security policy management function controls and applies authorization for peer CSPs
to access a specific inter-cloud service.

This function includes the following.
– Authorization management. This allows for implementing of permissions and authorization for
particular peer CSPs and related inter-cloud services.
– Federated authorization and security policy management. This allows for providing of federated
authorization and security policy management between peer CSPs.
– Trust management. This allows for encapsulating and verifying of the policies for trusted inter-cloud.

NOTE – For more information about trusted inter-cloud please refer to [ITU-T Y.3514].
7.4.3 Encryption management
The encryption management function provides data encryption, API encryption, as well as network
connectivity encryption.
This function includes the following.

– Data encryption. This allows for encrypting of data exchanged through inter-cloud services.
– API encryption. This allows for encrypting of inter-cloud service and management APIs for peer CSPs.
– Network connectivity encryption. This allows for utilizing of security keys to secure the network
connectivity between CSPs.

8 Functional components of inter-cloud

Figure 8-1 illustrates the mapping of inter-cloud functions and functional components.

Figure 8-1 – Mapping of inter-cloud functions and functional components

829

832 833 834 835 836 837 838 839 840 841 842