Page 539 - Cloud computing: From paradigm to operation
P. 539

Cloud Computing management                                          2


            6.3     Inter-cloud data policy-based management

            Inter-cloud data policy-based management enables peer CSPs to control and evaluate who can access which
            inter-cloud data, how to manage inter-cloud data, how to process and use inter-cloud data.
            The main elements of data policy-based management in inter-cloud are as follows.
            –       An IDPDP collects information about available resources and corresponding properties of the peer
                    CSPs to decide which of these CSP can process and use the inter-cloud data from peer CSPs. The
                    functionalities of IDPDP depend on role-based, rule-based and context-based data policies applied
                    in inter-cloud computing.
            –       An IDPEP is responsible for enforcing the terms of a CSC or CSP access. This enforcement is run-time
                    based on the capabilities of the IDPEP.
            –       An IDPIP is a repository of information to support the access decision.
            –       An IDPAP provides inter-cloud administration, management and monitoring of entitlement policies,
                    as well as delegation and integration with inter-cloud information repositories.
            Figure 6-1 illustrates how an IDPAP and IDPIP are related with each other to operate data management
            policies for a data supplier, and shows that an IDPEP, IDPDP and IDPIP cooperate for a data customer to
            access data based on policies set by the data supplier.


























                    Figure 6-1 – Relationship of main elements in inter-cloud data policy-based management


            In  Figure  6-1,  the  data  supplier  generates  and  provides  data,  and  also  sets  the  data  policies.  The  data
            customer uses the data that is provided by the data supplier and processed by policy-based management.

            The data supplier side-related operations can be described as the following procedure.
            1)      The data supplier provides the data to the data repository.
            2)      The data repository sends an acknowledgement to the data supplier.
            3)      The data supplier sets the corresponding data policies, which are managed by the IDPAP.
            4)      The IDPAP requests the IDPIP to store the data policies.
            5)      The IDPIP stores the data policies in the data policies repository.

            6)      The data policies repository sends an acknowledgement to the IDPIP.
            7)      The IDPIP sends an acknowledgement to the IDPAP.
            8)      The IDPIP sends an acknowledgement to the data supplier.







                                                                                                         531
   534   535   536   537   538   539   540   541   542   543   544