Page 865 - Cloud computing: From paradigm to operation

P. 865

Intercloud and interoperability 5

Appendix II

Functionalities for managing isolation and security mechanism
(This appendix does not form an integral part of this Recommendation.)

This appendix provides functionalities for managing isolation and security mechanisms.

II.1 Functionalities for managing isolation and security mechanism
The functionalities for managing isolation and security mechanisms are supported by the 'authentication and
identity management'', ''authorization and security policy management'', ''encryption management'' and
''platform and virtualization management'' functional components within the multi-layer functions of the
cloud computing reference architecture [ITU-T Y.3502]. The positioning of these functionalities for managing
isolation and security mechanisms across the CSPs, which provide inter-cloud services, is presented in
Figure II.1.

Figure II.1 – The positioning of functionalities for managing isolation and security
mechanisms in inter-cloud

The data annotation functionalities are built upon elements as follows:
– Data annotation definer: manages the terminology (language) to annotate (or tag) workloads and
data;
– Data annotation manager: responsible for annotating the workloads and data according to the
isolation and security requirements;
– Data annotation handler: responsible for parsing and executing the isolation and security
requirements based on the annotations of workloads and data.

857

860 861 862 863 864 865 866 867 868 869 870