1 / 20

Policy based Cloud Services on a VCL platform

Policy based Cloud Services on a VCL platform. Karuna P Joshi, Yelena Yesha, Tim Finin, Anupam Joshi University of Maryland, Baltimore County. Cloud Computing : The present. New paradigm for IT services delivery IaaS , PaaS , SaaS , …… , XaaS Focus is on “virtualizing” resources

paley
Download Presentation

Policy based Cloud Services on a VCL platform

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Policy based Cloud Services on a VCL platform Karuna P Joshi, Yelena Yesha, Tim Finin, Anupam Joshi University of Maryland, Baltimore County

  2. Cloud Computing : The present • New paradigm for IT services delivery • IaaS, PaaS, SaaS, …… , XaaS • Focus is on “virtualizing” resources • Great progress in dynamic provisioning at hardware resource level • Software/Service is still relatively statically provisioned • Gaps in current work • Lack of Cloud “service engineering” • Managing the entire lifecycle automatically

  3. Future Vision for Cloud • Virtualized Services on the Cloud • Service dynamically composed - On Demand composition • Service structure/components not pre-determined • Multiple provisioning. • Moving from totally manual to mostly automatic • needed if we truly want to leverage the cloud and service virtualization capabilities and efficiencies

  4. Key Open Research Issues • Current cloud research focused on • Improving cloud infrastructure – Virtual machines, Cloud OS etc. • Semantic description of services, and even some composition work • Limited research on how to use the cloud services efficiently • Most steps in service negotiation, acquisition, and consumption/monitoring still require significant human intervention • Difficult to manage service quality especially of composed services created by different providers

  5. Key Contributions of Our Research A semantically rich, policy-based framework can be used to automate the lifecycle of virtualized services on the cloud • Use semantic web languages/technologies • Developed an integrated lifecycle of virtualized services on the Cloud • Negotiation for cloud service acquisition by constraint relaxation • Service quality framework

  6. Service Lifecycle Methodology • Our methodology divides Service processes Lifecycle on the Cloud into Five Phases • Requirements, Discovery, Negotiation, Composition and Consumption • This Methodology is applicable on any cloud deployment. • We have developed high level ontologies for the five phases that enables automation. • available in OWL at http://ebiq.org/o/itse/1.0/itso.owl

  7. Service Requirements Service Discovery Service Negotiation Service Composition Service Consumption CONSUMER SERVICE CLOUD Phases of IT Services Lifecycle Service specified Provider(s) identified New Service needed Contract signed Service delivered

  8. Service Requirements Requirements for a service will include • Functional specifications (tasks to be automated) • Budgetary policies/Cost constraints • Technical Policy specifications • Human Agent Policy • Security Policy • Data Quality Policy • Service Compliance Policy

  9. Service Discovery • Cloud Broker used to search available services that match the specifications • Identify gaps that exist in services discovered • Cloud Auditor or centralized registry, similar to UDDI, will certify the service provided.

  10. Service Negotiation • Discussion and agreement that the Service provider and consumer have regarding the Service. • Service Level Agreements (SLA) finalized between consumer and provider • Quality of Service (QoS) decided between primary provider and component providers.

  11. Service Composition Phase • One or more services provided by one or more providers are combined and delivered as a single Service • SLA and QoS finalized in the negotiation phase used for determining service components and its orchestration (the sequence of execution) • We reuse the OWL-S ontology to model and reason about compositions

  12. Service Consumption Phase • Composed Service is consumed and monitored in this phase • Key measures like Service Performance and reliability are monitored using automated tools. • SLA, QoS determine performance of the service • Phase includes Service Delivery, Service payment • Customer Satisfaction is tracked in this phase

  13. Cloud Broker Architecture Cloud User User Interface Translate to machine processable format Final SLA for approval 1 9 4 Service Cloud Service Broker agent Service Discovery federated SPARQL query 2 5 SLA negotiation Service URI Final SLA 8 3 Service endpoint (provider agent) 6 Service URI Final configuration 7 Virtual Service Instance (Eucalyptus/VCL) Cloud Provider

  14. Collaboration with NIST • US government agency NIST working on standardizing cloud computing • Member of Reference architecture and Taxonomy groups • Member of Cloud Security group • Prototype for NIST • Automation of Cloud Storage Service acquisition, consumption /monitoring. • Using Service lifecycle Ontologies developed by us. • Platform: using SPARQL, RDF, Web technologies – Perl, HTML. • NIST Cloud Computing workshop, Nov 2-4 2011.

  15. Some Policies/Constraints … • Cloud security – would like to mandate policies at the Cloud hardware level • Data security policies • US government compliance policies • User authentication policy : FIPS 140-2 is a standard used to accredit cryptographic modules. • Trusted Internet Connection mandated to optimize individual external connections. • Want to be interoperable across Cloud platforms

  16. Cloud user Storage Service Architecture User Interface <rdf> Rfs description </rdf> Cloud Service Procurer module Final SLA Service Translate to machine process able format Discover service SLA negotiation Service URI Respond Cloud <rdf> SLA description </rdf> Cloud Provider 3 Cloud Provider 2 Cloud Provider 1 Joseki SPARQL endpoint Joseki SPARQL endpoint Joseki SPARQL endpoint Virtual Service Instance (Eucalyptus/Bluegrit) Virtual Service Instance (Eucalyptus/Bluegrit) Virtual Service Instance (Eucalyptus/Bluegrit)

  17. NIST prototype demo

  18. Request for Service : RDF file <?xml version="1.0"?><rdf:RDF xmlns="http://www.w3.org/2002/07/owl#" xmlns:xsd="http://www.w3.org/2001/XMLSchema#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#" xmlns:itso="http://ebiquity.umbc.edu/ontologies/itso/1.0/itso.owl" xmlns:stg="http://www.cs.umbc.edu/~kjoshi1/storage_ontology.owl" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="http://localhost/RFS"><itso:RFS_Respond_By_Date> Fri Apr 27 11:53:49 2012 </itso:RFS_Respond_By_Date><itso:Expected_Begin_Date_of_Service> 1-1-2012 </itso:Expected_Begin_Date_of_Service><itso:Service_Cost_Constraint> 0 </itso:Service_Cost_Constraint><itso:Service_Location_constraint> global </itso:Service_Location_constraint><stg:storage> 2GB </stg:storage><stg:backup> Weekly </stg:backup><stg:availability> 95 </stg:availability><stg:datadeletion> data archived </stg:datadeletion><stg:Encryption> Data Encrypted </stg:Encryption><stg:authentication> FIPS 140 2 supported </stg:authentication><stg:VMseparation> VM separation </stg:VMseparation><stg:storage_interface> SOAP WSDL </stg:storage_interface><stg:TIC_connection> TIC Compliant </stg:TIC_connection><stg:CC_EAL> 3 </stg:CC_EAL><stg:cloud_instance_size> 1GB </stg:cloud_instance_size><stg:cloud_instance_speed> 1GHz </stg:cloud_instance_speed><stg:cloud_instance_cores> 10 </stg:cloud_instance_cores></rdf:Description></rdf:RDF>

  19. Storage Service Broker URL http://cs.umbc.edu/~kjoshi1/nist_demo/

  20. Summary • For broader adoption of cloud computing, we need to automate cloud service processes • Developed an integrated methodology to acquire, consume and monitor services on the cloud. • Future work: improving upon the cloud broker integration with VCL • Ontologies in public domain. • Publications available at http://ebiq.org/j/93

More Related