Many cloud service providers offer outsourcing capabilities to businesses using the software-as-a- service delivery model. However, challenges remain for widespread acceptance of this delivery model as it requires business critical data to be stored and processed outside the control of the business. The ability to manage data in compliance with regulatory and corporate policies, which we refer to as data assurance, is an essential success factor for this delivery model. The challenges include the ability to express service data assurance capabilities, capture customers' requirements and finally enforce these policies inside service providers' environments. This paper addresses these challenges by proposing GEODAC (Global Enforcement Of Data Assurance Controls), a policy framework that enables the expression of both service providers' capabilities and customers' requirements, and enforcement of the agreed-upon requirements in service providers' environments. High- level policy statements are backed in the service provider environment with a state machine-based representation of policies with each state representing a data lifecycle stage. Data assurance related policies including data retention, data migration, and data appropriateness for use can be described in this framework and enforced correspondingly. The approach has been implemented in a prototype tool and evaluated in a distributed services environment.
PDF
download
878987797
028-85220240
