1 / 37

Service Level Agreements in a Grid and Cloud Computing Environment. The Legal Assessment

Explore the impact and validity of SLAs in cloud and grid environments, including negotiation, liabilities, and enforcement. Understand how service quality and customer expectations influence SLA terms.

edc
Download Presentation

Service Level Agreements in a Grid and Cloud Computing Environment. The Legal Assessment

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Service Level Agreements in a Grid and Cloud Computing Environment.The Legal Assessment Davide M. Parrilli, ICRI Madrid, 13 December 2008 http://www.law.kuleuven.be/icri

  2. SLA: Introduction; • SLA and Grid/Cloud computing; • The business practice; • SLA negotiation; • Validity and enforceability of the SLA; • Liabilities. Agenda

  3. SLA: introduction SLA: a contract between a user and a provider of a service specifying the conditions under which a service may be used. It describes the provider’s commitments and specifies the penalties if those commitments are not met. An SLA is a legally enforceable contract (exceptions do exist in academia).

  4. SLAs and Grid/Cloud computing (I) Legal assessment of the impact of Grid/Cloud computing on SLAs Question: Is Grid able to influence the content of the SLA(s)? Topic relevant for all technologies that adopt dispersed resources and increase the quality of the offered services.

  5. SLAs and Grid/Cloud computing (II) Method of the research: • Survey between the BEs of BEinGRID. The BEs responded to the above question: 20 % said ‘yes’, the others have to think about that; • Analysis of business practices.

  6. SLAs and Grid/Cloud computing (III) SLA 1: Grid provider/Service provider SLA 2: Service provider/End user Often in the business practice the SLA must be read in combination with other contracts (e.g. customer agreement): we focus on the contractual relationship between the parties regulating… Grid/technology provider Service provider End user Scenarios

  7. SLAs and Grid/Cloud computing (IV) … The content of the SLA (technology provider-service provider, service provider-end user), i.e.: • QoS: availability, system performance; • Fees; • Assistance and support service; • Security; • Liabilities and remedies (service credits); • The use of the Grid and of the Grid/Cloud-based services made by the customer: no gambling, child pornography, discriminations, phishing, viruses, trojan horses, etc. – liabilities to be negotiated on a case-by-case basis or imposed by the provider.

  8. SLAs and Grid/Cloud computing (V) In particular: management on top of the allocated resources: availability (compute resources, storage etc), network performance (latency, throughput), etc.

  9. SLAs and Grid/Cloud computing (VI) Question of a typical customer: Why should the SLA in a Grid/Cloud environment be the same as in non Grid/Cloud scenarios? Better expected services = more favorable SLA for the customer!

  10. SLAs and Grid/Cloud computing (VII) For instance: • Most clients of Xignite (financial Web service provider that delivers market data from the Cloud) are fine with 99.5 to 99.9 % availability. Some want as high as 99.99 %; • Gary Slater (LiveOps): clients want their system to work all the time.

  11. SLAs and Grid/Cloud computing (VIII) Gerry Libertelli (CEO Ready Techs): “technically, there should be zero downtime associated with a Cloud [and Grid] instance, since almost everything in a Cloud is redundant by nature and easily reinstantiated in the case of a failure.” MOSSO: “since we operate clusters of servers, maintenance that causes downtime should be rare.”

  12. SLAs and Grid/Cloud computing (IX) Answer of the rational and informed customer: If I pay (more?) for a service that is expected to be better than that I was used to, I want to see this in the SLA I sign (influence of technology on legal agreements).

  13. The business practice (I) Example of ‘traditional’ standard clause: “The system will not be available for 2 hours daily for scheduled backups and system maintenance”.

  14. The business practice (II) Amazon: • S3 Simple Storage Service (storage in 1 bucket): service availability 99.9 %; • EC2 Elastic Compute Cloud: 99.95 % availability. Grid/Cloud influence SLAs: better services = different SLAs

  15. The business practice (III) Joyent: “Cloud computing brought to you with the power of the Joyent Accelerator”. Accelerator hosting SLA (Grid container hosting account services): 100 % availability for all users.

  16. The business practice (IV) Google: SLA for Google Apps Premium Edition: 99 % availability. Thus… Performance may be the next focus in Grid/Cloud computing SLAs (Stephane Dubois, CEO Xignite).

  17. SLAnegotiation (I) Phases: • SLA contract definition (template, proposal); • Negotiation and signing of the contract; • Monitoring; • Enforcement.

  18. SLA negotiation (II) E-negotiation: focus on agreeing on the conditions of the SLA (QoS, price, etc). Human intervention combined with computer-generated process. E.g.: g-Forge SLA-negotiation: a plug-in is used to decide whether an offer shall be refused or accepted.

  19. SLA negotiation (III) E.g.: Web Services Agreement Specification (WS-Agreement): the protocol is based on a simple round “offer, accept” message exchange. As far as the parties can manage the negotiations and the agreement reflects their will, no legal contractual barriers.

  20. SLA negotiation (IV) Entirely computer-controlled/generated negotiations with no human intervention (realistic scenario?): doubts as regards the validity and enforceability of the contract. Does the SLA really represents the will of the parties? Is it a real agreement? Tip: prior agreement stating that the parties will be bound by the computer-generated SLA.

  21. SLA negotiation (V) Legal/technical issues in e-negotiations: security and reliability of the system and network: it is necessary to be sure that all messages have been received and the contract is really in force.

  22. Validity and enforceability of the SLA (I) When is the SLA legally valid and binding? The principle (common law and civil law countries) is that a contract is deemed to come into existence when acceptance of an offer has been communicated to the offeror by the offeree/when the offeror knows that the offeree accepted.

  23. Validity and enforceability of the SLA (II) Need to check whether the contract shall be made in written form! Does an e-contract respect this requisite? In the EU, all Member States should allow the conclusion of e-contracts with electronic signature (Directive 1999/93/EC). Alternatives: • E-mail with electronic signature; • Paper-based contracts with ‘real’ signature.

  24. Validity and enforceability of the SLA (III) Principle for international agreements: a contract concluded between persons/companies who are in a different countries is formally valid if it satisfies the formal requirements of the law which governs it under the Rome Convention 1980 or of the law of one of those countries.

  25. Validity and enforceability of the SLA (IV) Which law will govern the contract and will be applicable for the (contractual) obligations arising from the SLA? Rome Convention 1980: • A contract shall be governed by the law chosen by the parties – Art. 3(1); …

  26. Validity and enforceability of the SLA (V) … • In absence of choice, the contract shall be governed by the law with which it is most closely connected – Art. 4(1); • It shall be presumed that the contract is most closely connected with the country when the party who is to effect the performance which is characteristic of the contract has, at the time of the conclusion of the contract, its central administration/principal place of business/place of business from which the performance is effected – Art. 4(2).

  27. Validity and enforceability of the SLA (VI) The provision of the service is the performance characteristic of the contract. The law of the country of the technology provider or of the service provider will be applicable (Rome Convention 1980 is universal).

  28. Validity and enforceability of the SLA (VII) For instance: • US (California) Grid/Cloud provider – Spanish service provider: American (Californian) law will be applicable; • Spanish service provider (SaaS) – Brazilian customer: Spanish law will be applicable.

  29. Validity and enforceability of the SLA (VIII) Tip: the contractual regulation should be as complete as possible. Parties should state, in the SLA or in a framework contract, which law will be applicable and how potential future conflicts will be solved (competent court, ADR).

  30. Liabilities (I) Technology providers tend to limit their liabilities as much as possible. E.g.: “we and our licensors do not warrant that the service offerings will function as described, will be uninterrupted or error free, or free of harmful components, or that the data you store within the service offerings will be secure or not otherwise lost or damaged… We…shall not be responsible for any service interruptions, including, without limitation, power outrage, system failures or other interruptions.” (Amazon Web Services Customer Agreement).

  31. Liabilities (II) Service (SaaS) providers do the same! E.g.: “we are not liable to you…for any direct, indirect, incidental, special or consequential damages or losses arising out of access to or use of the Service or inability to access or use the Service or out of any breach of any warranty including, without limitation, damages or losses resulting from acts of god or events of similar case or the consequences of viruses received by you via the Service, even if we are advised of the possibility of such damages or losses.” (Business Professional).

  32. Liabilities (III) The risk, at the end, is shifted to the final customer… Technology provider Service Provider End user

  33. Liabilities (IV) Impact of Grid/Cloud failures in a SaaS scenario: who is liable for what? • The technology provider does not take liabilities; • The SaaS provider does not take liabilities; • The end use…the loser takes it all! Legislative intervention to allocate risks and liabilities in a fairer way?

  34. Liabilities (V) “The best strategy for dealing with the risks of Cloud vendors is to mitigate them before you move your applications and data into the Cloud. Do what you can to protect your business before you sign a contract with a Cloud or SaaS provider.” (Anne Grubb).

  35. Liabilities (VI) In practice… Distinction between (i) SLAs negotiated between equals and (ii) standard contracts imposed by big players. In the latter case, the customer takes the risk.

  36. Liabilities (VII) Liability of the technology provider/service provider towards third parties: E-commerce Directive (2000/31/EC). Limitations of liability: • Grid provider: hosting (Art. 14) – duty of care; • Service provider: mere conduit (Art. 12), caching (Art. 13), depending on the case.

  37. Thanks for you attention! Davide M. Parrilli ICRI-K.U. Leuven-IBBT davide.parrilli@law.kuleuven.be

More Related