{ "access": { "embargo": { "active": false, "reason": null }, "files": "public", "record": "public", "status": "open" }, "created": "2017-07-28T09:18:25.722394+00:00", "custom_fields": { "meeting:meeting": { "acronym": "IEEE CLOUD 2017", "dates": "25-30 June 2017", "place": "Honolulu/Hawaii", "title": "10th IEEE International Conference on Cloud Computing", "url": "http://www.thecloudcomputing.org/2017/" } }, "deletion_status": { "is_deleted": false, "status": "P" }, "files": { "count": 1, "enabled": true, "entries": { "Mantus-Putting-Aspects-to-Work-for-Flexible-Multi-Cloud-Deployment.pdf": { "checksum": "md5:cd28fb12f2871f8bb273e2d57119ae23", "ext": "pdf", "id": "ef5e8d6e-e98f-4c2d-b086-793331dda94a", "key": "Mantus-Putting-Aspects-to-Work-for-Flexible-Multi-Cloud-Deployment.pdf", "metadata": null, "mimetype": "application/pdf", "size": 668652 } }, "order": [], "total_bytes": 668652 }, "id": "835729", "is_draft": false, "is_published": true, "links": { "access": "https://zenodo.org/api/records/835729/access", "access_links": "https://zenodo.org/api/records/835729/access/links", "access_request": "https://zenodo.org/api/records/835729/access/request", "access_users": "https://zenodo.org/api/records/835729/access/users", "archive": "https://zenodo.org/api/records/835729/files-archive", "archive_media": "https://zenodo.org/api/records/835729/media-files-archive", "communities": "https://zenodo.org/api/records/835729/communities", "communities-suggestions": "https://zenodo.org/api/records/835729/communities-suggestions", "doi": "https://doi.org/10.5281/zenodo.835729", "draft": "https://zenodo.org/api/records/835729/draft", "files": "https://zenodo.org/api/records/835729/files", "latest": "https://zenodo.org/api/records/835729/versions/latest", "latest_html": "https://zenodo.org/records/835729/latest", "media_files": "https://zenodo.org/api/records/835729/media-files", "parent": "https://zenodo.org/api/records/835728", "parent_doi": "https://zenodo.org/doi/10.5281/zenodo.835728", "parent_html": "https://zenodo.org/records/835728", "requests": "https://zenodo.org/api/records/835729/requests", "reserve_doi": "https://zenodo.org/api/records/835729/draft/pids/doi", "self": "https://zenodo.org/api/records/835729", "self_doi": "https://zenodo.org/doi/10.5281/zenodo.835729", "self_html": "https://zenodo.org/records/835729", "self_iiif_manifest": "https://zenodo.org/api/iiif/record:835729/manifest", "self_iiif_sequence": "https://zenodo.org/api/iiif/record:835729/sequence/default", "versions": "https://zenodo.org/api/records/835729/versions" }, "media_files": { "count": 0, "enabled": false, "entries": {}, "order": [], "total_bytes": 0 }, "metadata": { "creators": [ { "affiliations": [ { "name": "Orange Labs" } ], "person_or_org": { "family_name": "Palesandro", "given_name": "Alex", "name": "Palesandro, Alex", "type": "personal" } }, { "affiliations": [ { "name": "Orange Labs" } ], "person_or_org": { "family_name": "Lacoste", "given_name": "Marc", "name": "Lacoste, Marc", "type": "personal" } }, { "affiliations": [ { "name": "Universit\u00e9 de Lyon, CNRS, INSA-Lyon, LIRIS" } ], "person_or_org": { "family_name": "Bennani", "given_name": "Nadia", "name": "Bennani, Nadia", "type": "personal" } }, { "affiliations": [ { "name": "Universit\u00e9 de Lyon, CNRS, IAE" } ], "person_or_org": { "family_name": "Guegan", "given_name": "Chirine Ghedira", "name": "Guegan, Chirine Ghedira", "type": "personal" } }, { "affiliations": [ { "name": "Orange Labs" } ], "person_or_org": { "family_name": "Bourge", "given_name": "Denis", "name": "Bourge, Denis", "type": "personal" } } ], "description": "
Cloud provider barriers still stand. After a decade of cloud computing, customers struggle to overcome the challenge
\nof crossing multi-provider clouds to benefit from fine-grained resource distribution, business independence from CSPs and cost savings. Although increasingly popular, most adopted IaaS intercloud solutions are generally limited to specific public cloud providers or present maintainability issues. Remaining hurdles include complexity of management and operations of such infrastructures, in presence of per-customer customizations and provider configurations. The\u00a0 Infrastructure as Code (IaC) paradigm is emerging as key enabler for IaaS multi-clouds, to develop and manage infrastructure configurations. However, due to complexity of the infrastructure life-cycle, to heterogeneity of composing resources and to user-customizations, this approach is far from being viable. In this paper, we explore an aspect-oriented
\napproach to IaC deployment and management. We propose Mantus, a IaC-based multi-cloud builder composed of an aspectoriented Domain-Specific Language called TML, or TOSCA Manipulation Language, and a corresponding aspect weaver to inject flexibly non-functional services in TOSCA infrastructure templates. We show the practical feasibility of our approach, with also good results in terms of performance and scalability.
SUPERCLOUD aims to support user-centric deployments across multi-clouds, enabling the composition of innovative trustworthy services, to uplift Europe’s innovation capacity and thus improve its competitiveness. SUPERCLOUD will thus build a security management architecture and infrastructure to fulfil the vision of user-centric secure and dependable cloud of clouds.
\r\n\r\nMotivation:
\r\nDespite many benefits in terms of business, distributed cloud computing raises many security and dependability concerns. At stake are an increase in complexity and a lack of interoperability between heterogeneous, often proprietary infrastructure technologies. The SUPERCLOUD project proposes new security and dependability infrastructure management paradigms that are:
\r\n\r\n
Concept:
\r\n\r\nOur approach will be to de\u001f ne a new distributed architectural plane, the SUPERCLOUD, providing an end-to-end interface both between user-centric and provider-centric views of multiple clouds. Its role will be both to provide a distributed resource abstraction and \u001d exible but uni\u001f ed control for management
\r\nof security and resilience.
Objectives:
\r\n\r\nSelf-Service Security: Implementation of a cloud architecture that gives users the \u001d flexibility to define their own protection requirements and instantiate policies accordingly.
\r\nSelf-Managed Security: Development of an autonomic security management framework that operates seamlessly over compute, storage and network layers, and across provider domains to ensure compliance with security policies.
\r\nEnd-to-End Security: Proposition of trust models and security mechanisms that enable composition of services and trust statements across different administrative provider domains.
\r\nResilience: Implementation of a resource management framework that composes provider-agnostic resources in a robust manner using primitives from diverse cloud providers.