Final conclusion

For legal compliance, the cloud provider has to implement and enforce several safeguards that support the cloud customer’s requirements for security and legal compliance. Therefore, the cloud customer needs to be able to communicate these requirements to the cloud provider and in turn the cloud provider needs to be able to report on the compliant implementation of these requirements. In particular, it is important to deal with the requirements of each customer individually, since the requirements of each customer may be different. Within the cloud infrastructure, the cloud management process needs to assign virtual resources based on the physical location of the hardware resource and itsensured level of security. As a result of the legal analysis, this leads to the technical requirement of location determined data processing, which enables decision making and enforcement based on an ensured level of security and thenecessary level of security. How the technical requirements can be addressed in clouds is investigated in Chapter4.

Chapter 4

Technical analysis of cloud computing

and supporting legal compliance

Having identified the technical requirements which derive from legal norms applicable to IT outsourcing to clouds, it is possible to investigate the technical capabilities of clouds to address these requirements (Objective 2). Based on these requirements, it is possible to investigate the technical implications of cloud infrastructures when it comes to their compliance with the legal requirements the legal requirements identified in Section3.6(Objective 3). This is done with a focus on the utilisation, provisioning, and hosting of virtual resources in IaaS cloud infrastructures for IT outsourcing .

To achieve this, it is necessary to understand the technical characteristics of cloud infras- tructures first. Particularly, knowledge of the operation of virtual and hardware resources and their management in the cloud is required. Based on that knowledge it is possible to under- stand how security measures and safeguards can be implemented to achieve legal compliance. Finally, the technical capabilities of compliance monitoring and reporting are investigated.

The terminology and structure of cloud environments is investigated in Section4.1. There- fore, virtual resources, hardware resources and the cloud management process are described based on the observation of existing cloud infrastructures. The result is an entity-relationship model which is formulated in an ontology’s notation and serves as a basis for all further in- vestigations and descriptions of cloud infrastructures and their behaviour. In Section4.2, the abilities of cloud security management to satisfy the identified legal requirements are analy- sis based on literature and existing implementations. In particular, the academic void and the shortcomings of the current practice are identified enabling the classification of challenges in the domain of security management addressed in this thesis. In Section4.3, the technical ca- pacity to support compliance management in the cloud is analysed. Again, the academic void and shortcomings of current practice are identified, which forms a basis for classifying the challenges in the domain of compliance management addressed in this thesis.

4.1

Towards an IaaS cloud computing ontology

To understand the technical capacity to implement legally compliant data processing in clouds, it is necessary to understand the structure and operation of cloud infrastructures and how they provide cloud services technically.

In this section, a cloud computing taxonomy forIaaSis specified. For this taxonomy, an analysis of existing cloud infrastructures is performed including standards and best practices in data centre design and management as well as cloud computing reference architectures. As a result an entity-relationship model is defined that provide a comprehensive description of virtual resources, hardware resources and the cloud management process. The model is formu- lated using the formal notation of an ontology and, thereby, is the first step towards an ontology onIaaScloud infrastructures. This has the advantage that the model is ready for formal verifica- tion in respect of its plausibility and being self-contained. Such formal verifications are outside the scope of this thesis and are not further investigated. However, using the systematic methods of ontology construction supports the characteristics of plausibility and being self-contained. How the provided model can be verified in respect of these characteristics is discussed in the outlook (cf. Section7.3).

In general, cloud infrastructures can be classified (1) by infrastructure elements required for managing cloud services, security, and privacy, and (2) by infrastructure elements required for service orchestration (cf. NIST’s cloud computing reference architecture [134]). The manage- ment elements provide functions for the overall control and operation of the cloud infrastructure including the interaction with the cloud customer and cloud provider. The elements for service orchestration are organised in a layered structure covering 1) the cloud services (i.e., virtual resources forIaaS), 2) the abstraction and control of computing resources, and 3) the hardware resources.

Figure 4.1: Infrastructure of an IaaScloud provider according to NIST reference architecture [134].

Cloud Provider Service Orchestration

IaaS (Virtual Resources)

Abstraction and Control of Computing Resources

Physical Infrastructure

(Hardware Resources) _Clou

d S e rv ic e Man a g e men t Se cu ri ty an d P ri v ac y Ma na ge me n t

Figure 4.1 provides an overview of the cloud infrastructure elements of an IaaS cloud provider. Beside the service orchestration, there are management elements for provisioning the cloud services to the customer (including the management front-ends for cloud customers and provider as well as accounting) and for ensuring the secure operation of the cloud infras- tructure and protecting the cloud customer’s privacy.

In the following, virtual resources, hardware resources, and the cloud management process inIaaS cloud infrastructures are specified in an entity-relationship model. First, the formal model of description is given (cf. Section4.1.1). Then, the cloud customer’s view of virtual re- sources (cf. Section4.1.2) and the hosting site’s view of hardware resources (cf. Section4.1.3) are described by type and relevant properties. Finally, the cloud provider’s view of the cloud infrastructure and the cloud management process are specified (cf. Section4.1.4).