A Governance Model for Cloud Computing

Zhiyun Guo /s Meina Song

School of Computer, Beijing University of Posts and
Telecommunications
Beijing, China
guozhiyun0216@gmail.com; mnsong@bupt.edu.cn;
Zhiyun Guo /s Junde Song
School of Computer, Beijing University of Posts and
Telecommunications
Beijing, China
guozhiyun0216@gmail.com; jdsong@bupt.edu.cn


AbstractAs Cloud Computing begins to move beyond the pure
hype stage and into the beginning of mainstream adoption,
adopting cloud-based services or moving application services to
the cloud brings a number of new risks, including: Cloud
availability, Cloud security, Erosion of data integrity, and so on.
However, for enterprise which require visibility, trust and
control over cloud-based services. To maximize the value of cloud
computing, meanwhile, to avoid the risk associated with their
cloud-based implementations, enterprises need an approach,
processes, procedures, and technology to manage and control
thousands of data, services and process elements in the Cloud
environment. In a word, Cloud computing needs governance. In
this paper, the authors propose a Cloud-based governance model
that marks out a path that will guide the enterprise into the cloud
in a controlled and secure manner.
Keywords- Cloud Computing; Cloud Governance; SOA; SOA
governance
I. BACKGROUND
Cloud based services, by their nature, are distributed
anywhere in the cloud. The cloud computing infrastructure,
offered by a vendor or by the internal IT organization, services
are accessible from anywhere with an internet connection. The
internally offered cloud may be private or a combination of
private and public clouds. The cloud encompasses all elements
of the IT and network stack of products and supporting services
that enables the development, delivery and consumption of
services. Figure 1 shows the deployment of business services
using multiple clouds. In an ideal case, services S9 through S2,
and S2 composite S3, and call S4 may implement a business
workflow and associated policies using a combination of public
and private clouds that are massively scalable and globally
interoperable. As reflected in the example, many of these
services are interdependent, meaning services calling services,
or composite services. Moreover, many applications are
dependent upon these services (see Figure 1). Thus, services
that fail or, more likely, services that change without
authorization, will have a domino effect on other services and
applications that leverage them. Indeed, a single service that is
altered without the knowledge and understanding of the impact
that change may have, could bring down many core enterprise
systems, perhaps costing thousands of dollars an hour in lost
revenue, which quickly diminishes the value of cloud
computing.

Figure 1. Interdependencies between services Can cause disruptions
when any one service fails or changes
To maximize the value of cloud computing, meanwhile, to
avoid the risk associated with their cloud-based
implementations, enterprise need an approach, processes,
procedures, and technology to manage and control thousands
of services and data elements in the Cloud environment. In a
word, Cloud computing needs governance.
For Cloud Computing, the term governance refers to the
processes used to oversee and control the adoption and
implementation of a cloud-based service in accordance with
recognized policies, audit procedures and management policies.
Cloud Governance aims at providing optimum service quality,
consistency, predictability and performance. A Cloud
Governance environment should offer the ability to define,
track, and monitor service execution on any number of
platforms, on-premise or cloud computing-based. [8][9]
The rest of this paper is structured as follows: section 2
analysis the objectives of Cloud governance, which provides a
strategy blueprint for Cloud success; in section 3, we overview
the related work about Cloud governance; section 4 will
describe requirements for a cloud governance model; while in
section 5, we emphasizes on Cloud Governance model. Finally,
section 6 summarizes this paper.
II. OBJECTIVES OF CLOUD GOVERNANCE
To successfully implementing cloud computing, those who
attempt govern the Cloud must really know what to govern.
To Cloud Computing [7], it is clear that a well designed
governance model is a prerequisite to successfully
implementing cloud computing. These include the ability to
create, deploy, dynamically allocate, and track usage of these
This work is financially supported by the Program for New Century
Excellent Talents in University No.NCET-08-0738; and the Innovation
Technology Star Program of Beijing under Grant No.2007A045; and the
National Key project of Scientific and Technical Supporting Programs of
China under Grant No.2008BAH24B04.
978-1-4244-5326-9/10/$26.00 2010 IEEE
virtualized services. More details on the objectives of such a
Cloud governance framework are given in Table 1. [5][6] [9]
TABLE I. CLOUD GOVERNANCE OBJECTIVES
Services
management
Reliability and liability.
The cloud to be a reliable resource,
especially if a cloud provider takes over
the task of running mission-critical
applications and will expect clear
delineation of liability if serious problems
occur.
Security, privacy, and anonymity.
The cloud provider will prevent
unauthorized access to both data and code,
and that sensitive data will remain private.
The cloud provider, other third parties, and
governments will not monitor their
activities. The only possible exception
may be for cloud providers, who may need
to selectively monitor usage for quality
control purposes.
Access and usage restrictions.
Users will expect to be able to access
and use the cloud where and when they
wish without hindrance from the cloud
provider or third parties, while their
intellectual property rights are upheld.
Policy
management

Manage the Policy Lifecycle
Track policies and procedures using an
on-line, auditable policy database. Easily
set up and manage workflow and approval
processes to support in-house policy
processes.
Flexibly Control Access to
Policies
Manage policy editing and visibility
using the platforms powerful access
controls including user roles and
groupings as well as record-level
permissions. Communicate policies
through user-specific dashboards and
email notifications that are relevant to
specific roles, departments and business
functions.
Support Policy Compliance
Initiatives
Create and distribute policy
compliance surveys using custom question
libraries and survey templates.
Ensure Policy Understanding and
Compliance
Users can distribute policies to relevant
stakeholders within the business and also
gather individual acknowledgment of
policy requirements.
Report on Policy Management
Activities
Utilize the platform's powerful, highly
customizable, reporting and dashboards
capabilities to communicate key policy
activities. Set up automated report and
dashboard generation and automatically
email them to relevant stakeholders.

risk
Management
Identify and Track Potential Risks
Build a registry of potential risks,
documenting their key attributes, including
source, business unit, risk rating, target
risk rating, and mitigated risk rating.
Implement Controls and Map to
Processes
Easily map risks to multiple mitigating
controls, put in place auditable action
plans, and link risks to specific processes
within the organization.
Track Activities and Events
Track the progress of risk management
activities, including tasks, emails and
actions. Manage associated events and
easily link them to our Outlook calendar.
Create and Manage Approval
Processes and Workflows
Utilize powerful approval and
workflow capabilities to create and
manage approval processes and
workflows, including parallel and
delegated approvals.
Flexibly Report on users Risk
Management Activities
Utilize user customizable reporting and
dashboards capabilities to communicate
key risk management activities. Set up
automated report and dashboard
generation and automatically email them
relevant stakeholders.

Compliance
Management
Assess the Impact of New
Regulations
Record and communicate important
new regulatory publications and
clarifications and assess their impact on
the organization.
Report Breaches of Regulations
Provide support for registering and
tracking regulatory breaches through a
compliance portal that can be easily linked
to internal web-sites and intranets.
Track Breaches and Notifiable
Events
Enable relevant stakeholders to report
on potential regulatory breaches and other
notifiable compliance issues. Track the
actions that are created to deal with the
issues and report them.
Track Compliance
Communications
Manage and record communications
between the organization and its
regulators. Manage and track compliance
related advice and guidance provided to
employees in the organization.
Compliance Reporting
Analyze and communicate critical
compliance data to key stakeholders using
customizable reports and dashboards,
including sending automated email
reports.


III. RELATED WORKS
In many ways, we can apply what weve already learned,
implemented, and invested in SOA Governance [1] directly to
issues of Cloud Governance. Cloud governance is an evolution
of SOA governance, recognizing that the best practice in the
cloud is to build on the solid foundation of existing SOA
principles. It refines and extends SOA governance procedure
and technology, making it universally applicable on-premises
(in a private cloud, or across an existing SOA), in the public
cloud, or managing a hybrid combination of the two.
The term Cloud governance has also sometimes been
treated as a marketing term for the packaging of the set of
features that allow managing and improving the visibility of
distributed virtualized resources. In fact Cloud governance
frameworks build on top of such work by addressing the need
to make the supporting service management and monitoring
layer interoperable and introduce processes that allow
governing multiple interrelated services and policies in cloud-
based deployments as one whole.
Currently, there is no Cloud governance technology and
architecture that fulfils the objectives aforementioned. Instead,
vendors have a tendency to aggregate the different products
they have developed over the years that supports the
management of distributed virtualized resources. [3][4]
IBM Tivoli Service Automation Manager enables users
to request, deploy, monitor and manage cloud computing
services. It also provides traceable approvals and processes [2]
[14].
Vordel XML Gateway provides governance, acceleration,
integration, and security for SOA and Cloud Computing. It is
available as an appliance, as software, in the cloud or as a
virtual appliance [13].
To promote the use of best practices for providing
security assurance within Cloud Computing, and provide
education on the uses of Cloud Computing to help secure all
other forms of computing, the Cloud Security Alliance (CSA)
Controls Matrix (CM) is specifically designed to provide
fundamental security principles to guide cloud vendors and to
assist prospective cloud customers in assessing the overall
security risk of a cloud provider. [9]
The Layer 7 SecureSpan Virtual Appliance supports
VMWare/ESX, and can be deployed in both private and public
clouds (such as those offered by BT, AT&T, Verizon, etc)
today. [12] [3]
These attempts are mainly directed towards the visibility
and management objective of cloud governance and offer only
little support, if any, for the adaptation and contextualization.
Another area of interest that has focused on certain
aspects of governance, for instance, in [10] built on concepts
from policy management, SOA and EDA, has a loose-
coupling and event-driven nature that enables creation of an
agile management framework. In [11], propose the RESTful
Cloud Management System (CMS). The CMS fully utilizes
fundamental Web technologies, such as HTTP and URIs, to
perform infrastructure management. In [15], present Claudia,
an IaaS service management system that implements an
abstraction layer, which sit on top of different cloud providers,
hence mitigating the potential lock-in problem and allowing
the transparent federation of clouds for the execution of
services.
But none of the above papers and productions proposed a
unified model to mark out a path that will guide the enterprise
into the cloud in a controlled and secure manner. Currently,
there is no Cloud Governance technology and architecture that
fulfils the objectives aforementioned.
IV. REQUIREMENTS FOR A GOVERNANCE MODEL
Traditionally, most IT organizations govern the five
technology layers shown in the Figure2 The two on-premises
models indicate that IT has total control over (and
responsibility for) all five technology layers. However, as we
move from IaaS to PaaS to SaaS, the IT organizations level of
control diminishes and the CSPs (Cloud Service Provider)
level of control increases. (Figure2 illustrates the impact of
cloud computing on the governance structure of IT
organizations.)[5][8]
However, although control increases for the CSP,
responsibility remains with the IT organization. It is critical
for IT organizations to develop strong governance frameworks
to ensure that their service levels and contractual obligations
are met.

Enterprises
has control
Enterprises
shares
control
with vendor
Vendor has
control
Network
Storage
Server
services
App
SaaS
Network
Storage
Server
services
App
PaaS
Network
Storage
Server
VM
App
IaaS
Network
Storage
Server
VM
App
On Premise
(hosted)
Network
Storage
Server
VM
App
On Premise

Figure 2. Impact of cloud computing on the governance structure of IT
enterprises(adopt from[8])
In this section we describe the requirements of a Cloud
governance framework. These requirements were gathered
through the studying of a large number of business cases
studies and pilots in research projects and survey vendors such
as IBM, Layer 7 Technologies, Vordel, and Microsoft.
To achieve the objective mentioned in Objectives of Cloud
governance, a flexible framework needs to be provided.
Policy schemes and templates about protecting
managing and monitoring cloud-based services, and
transformations to realize these into concrete policy
instances for specific target environments and contexts.
Services profiles, including the selection of core
infrastructure, platform, software capabilities and the
corresponding policy schemes.
Resource management processes that manage the life-
cycle of cloud-based services and policy depending on
the target environment and context.
Governance processes that coordinate on-premise and
cloud-based services management and policy
implement across the enterprise.
The governance framework must allow adaptability in
response to changes of the requirements of the resource
exposed through it and also be capable of adapting to different
kind of events such as change in the requirements of the
different components it uses. This has an impact on the way the
consumed services must be presented, it influences the way the
framework is architected and it affects the management of the
profile.
V. ANATOMY OF A CLOUD GOVERNANCE MODEL
The architecture of Cloud governance model is
summarized in the following paragraphs. A distinctinction is
made between the policy, management and operational models.
A. Governance: Policy Model
Policies in the context of SOA and cloud computing are
declarative electronic rules about what can be done to a service
and by whom. [16]
In the following paragraphs, the main governance policy
types of the Cloud governance are introduced. This is
particularly important for the governance model as the different
types of policies can take precedence one over another.
1) Data policies:
Requires defining all relevant metadata within the
candidate applications, which you wish to place on cloud
computing platforms. This means defining where the data is
now, the data structure, the logical model, the physical model,
security issues, data definitions, and so on. At the end of this
process, you should have a populated metadata layer which
including data Performance, data Stability, data Interface
efficiencies, data Schema efficiencies.
In addition, you need to create a data dictionary as a base
to hold all of the metadata and other information about the
data you analyze. We do these per system because in many
instances, the systems are so different that it is difficult to find
a common set of properties to track in the data dictionary.
Information typically tracked includes:
_ The reason for the existence of particular data elements
_ Ownership
_ Format
_ Security parameters
_ The role within both the logical and physical data
structures.
2) Services policies:
Requires defining all relevant metaservices, including:
If the services are loose coupling? We can break down
loose coupling into a few basic patterns: the candidate
applications, location independence, communication
independence, security independence, and instance
independence.
You need to create a services dictionary as a base to
hold all of the metaservices and other information
about the services you analyze.
The ability to invoke services as if they were native no
matter where they exist, on-premise or cloud-based,
over the local network or the Internet.
The ability to mix and match services within composite
applications or processes, since the interfaces are
typically standard (e.g., Web Services Description
Language and Simple Object Access Protocol).
The ability to manage and govern services
centrally.[17]
3) Business process management policies:
Define processes using a standards-based mechanism that
defines how Web Services and cloud-based services work
together, including business logic, sequencing, exception
handling, and process decomposition, as well as service and
process reuse.
Modeling or the ability to create a common, agreed-
upon process among computer systems, either on-
premise or cloud-based, automating the integration of
all information systems to react in real time to business.
Monitoring or the ability to analyze all aspects of the
business and enterprise or trading community to
determine the current state of the process in real time.
Optimization or the ability to redefine the process at
any given time in support of the cloud-based business
and thus make the process more efficient.
B. Governance: Operational Model
Following is the list of the core operational elements part
of the governance model and their basic properties. [8]
1) Authentication:
Interfacing with most identity and access management
systems.
2) Authorization:
Fine grained authorization management including attribute-
and role-based authorization models.
3) Audit:
Collection of information related to events and transaction
processing on the PEP (Policy Enforcement Point).
4) Monitoring:
Collecting rich data sets describing both individual
transaction data and aggregate counters, and generation of
graphs and reports to summarize these.
5) Adaptation/Transformation:
Alteration of the physical data stream in flight. Can be used
to provide interface versioning, or to produce entirely new
aggregate services that combine results from several individual
service calls.
6) Metadata repository:
Often referred to as a policy store or simply repository, the
role of this infrastructure is to allow storing metadata such as
policies, taxonomies or ontology. Together with the service
registry, this is the most commonly found element in existing
governance solution.
C. Governance: Management Model
Following is the list of the core management elements part
of the governance model and their basic properties. Figure 3.
presents a top level view of the model.
1) Policy Management
The policy management is composed of four parts:
Generic Policy Ontology (GPO), Application Specification
Ontology (ASO), Policy Repository (PR) and the Policy
Specification Service (PSS).
The Generic Policy Ontology defines the common
concepts that are used in the policy specification.
The Application Specification Ontology defines the
concepts that are used in cloud environment.
The Policy Repository stores all polices that end-users
have given that suitable for the special context of
business process.
The Policy Specification Service is encapsulated in
policy agents. It reduces the composite tasks to sub
tasks and detects the policy conflicts.
Governance
interface
Policy
management
Services
registery
Master repository
Slave Logs
Logs
services
services
services
services
services
polices
polices
Services domain User domain Runtime governance domain
services
Slave repository
On-premise
Services
Services
management

S
e
l
e
c
t

a

s
e
r
v
i
c
e
monitoring
Risk
management
Security
management

Figure 3. Governance means controlling access to service using policies,
tracking Services using repositories, and logging and monitoring the execution
of those Services. The master repository track the enterprises records and the
slave repository track the records in the cloud.
2) Security Management Model
Integration.
Look for integration points with security and identity
management technologies you already have, such as Active
Directory, and controls for role-based access and entity-level
applications.
Privacy.
Make sure a cloud service includes data encryption,
effective data anonymization, and mobile location privacy. [9]
Access.
When you place your resources in a shared cloud
infrastructure, the provider must have a means of preventing
inadvertent access.
Jurisdiction.
The location of a cloud providers operations can affect
the privacy laws that apply to the data it hosts. Laws may limit
the ability of agencies to store official records in the cloud. [19]
3) Services Management Model
Service discovery
Service discovery refers to the process of finding,
analyzing, and detailing an existing service and the use of a
policy to govern that service. The great thing about this feature
is that you simply enter in the location of the service, and the
runtime service governance technology does the rest, including
entering aspects of the service into the repository.
Service delivery
Service delivery is the process of moving services from
development to execution or production. Moreover, it means
moving services from a staging to execution environment, such
as on-premise to cloud-computing platforms.
SLAs management
Setting and maintaining appropriate service levels refers
to making sure that all of the services execute per the service
agreements and preset levels. This is especially important in an
architecture that leverages cloud computing since they may
come with SLAs, or service level agreements, that must also be
managed.
Errors and exceptions management
Any errors and exceptions that occur are captured,
analyzed, and perhaps recovered from automatically. Typically
this means that those who implement the policies must define
how errors and exceptions should be managed for a specific
service, or group of services. The objective is to recover from
most errors and exceptions without human intervention, if
possible.
Auditing and logging management
Auditing and logging means tracking the execution of the
services and the policies, including what they do, when they do
it, and who they do it with. This allows those who manage the
holistic architecture to analyze auditing and logging
information to determine why problems occurred, or better yet,
prevent them. Auditing is required by many legal compliance
standards, such as those imposed on public companies or those
in regulated vertical markets.
4) Risk Management Model
A risk assessment framework will be developed
leveraging existing methodologies. This framework
will be tailored to the CSPs processes and will be
accompanied by a risk assessment process definition.
The CSPs compliance requirements will be
rationalized to support the development of the unified
control matrix.
The unified control matrix will be developed and
mapped against current control processes with gaps
identified.
KPIs will be defined to monitor progress and provide a
basis for ongoing measurement and project
management office dashboard reporting. [8]
VI. SUMMARY
In this paper, the authors have provided an overview of an
outline model for cloud governance. This model is based on
requirements that underline the need for policy and process
management, services life-cycle management, visibility and
contextualization. In this domain, such a framework is a
prerequisite for successfully implement cloud computing.
ACKNOWLEDGMENT
There are a bunch of people to thank for this paper,
including meina-Song and junde-Song xiaoqi-zhang. This
paper would not exist but for their faith in me, and I offer them
my heartfelt thanks.
REFERENCES
[1] Service-oriented architecture, available at
http://en.wikipedia.org/wiki/Service_Oriented_Architecture.
[2] http://www.itbusinessedge.com/
[3] http://www.layer7tech.com/main
[4] http://www.zapthink.com/
[5] Michael R. Head, Anca Sailer, Hidayatullah Shaikh, Mahesh
Viswanathan, "Taking IT Management Services to a Cloud," cloud,
pp.175-182, 2009 IEEE International Conference on Cloud Computing,
2009
[6] http://news.zdnet.com/2100-9595_22-287001.html
[7] Buyya, R., et al., Cloud computing and emerging IT platforms: Vision,
hype, and reality for delivering computing as the 5th utility. Future
Generation Computer Systems, 2009. 25(6): p. 599-616.Tim Mather,
Subra Kumaraswamy, Shahed Latif Cloud Security and PrivacyA
practice Perspective on Risks and Compliance ISBN 978-596-802769
[8] David S. Linthicum Cloud Computing and SOA convergence in Your
Enterprise ISBN 0-13-600922-0
[9] Cloud Security Alliance December 2009 Security Guidance for Critical
Areas of Focus in Cloud Computing V2.1
[10] Pankaj Goyal, Ph.D., Senior Member IEEE, Rao Mikkilineni, Ph.D.,
Member IEEE Policy-based Event-driven Services-oriented
Architecture for Cloud Services Operation &Management 2009 IEEE
International Conference on Cloud Computing
[11] Hyuck Han, Shingyu Kim, Hyungsoo Jung, Heon Y. Yeom, Changho
Yoon, Jongwon Park, Yongwoo Lee, A RESTful Approach to the
Management of Cloud Infrastructure 2009 IEEE International
Conference on Cloud Computing
[12] http://www.vordel.com/products/vx_gateway/
[13] http://www.ibm.com/developerworks/xml/library/x-cloudpt3/
[14] http://www.perspecsys.com/cloud-salesforce.php
[15] L. Rodero-Merino, L.M. Vaquero, V. Gil, F. Galan, J. Fontan,
R.S.Montero, I.M. Llorente, From infrastructure delivery to service
management in clouds, Future Generation Computer Systems (2010),
doi:10.1016/j.future.2010.02.013
[16] Tan, P., et al. A Survey of Policy-Based Management Approaches for
Service Oriented Systems. in Software Engineering, 2008. ASWEC
2008. 19th Australian Conference on. 2008.
[17] Ravi Iyer , Ramesh Illikkal, Omesh Tickoo, Li Zhao, Padma Apparao,
Don Newell VM3: Measuring, modeling and managing VM shared
resources Intel Corporation, 2111 NE 25th Ave., Mailstop JF2-58,
Hillsboro OR 97124, United States
[18] Lalana Kagal, Tim Finin, and Jim Hendler Policy Management for the
Web A workshop held at the 14th International World Wide Web
Conference Tuesday 10 May 2005, Chiba Japan
[19] Tim Mather, Subra Kumaraswamy, and Shahed Latif Cloud Security
and Privacy Published by OReilly Media, Inc., 1005 Gravenstein
Highway North, Sebastopol, CA 95472