Modeling Accountable Cloud Services Based on Dynamic Logic for Accountability

Modeling Accountable Cloud Services Based on Dynamic Logic for Accountability

Jun Zou (Department of Computing, Macquarie University, Sydney, Australia), Yan Wang (Department of Computing, Macquarie University, Sydney, Australia) and Mehmet A. Orgun (Department of Computing, Macquarie University, Sydney, Australia)
Copyright: © 2015 |Pages: 30
DOI: 10.4018/IJWSR.2015070103
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

Cloud computing services have been increasingly considered by businesses as a viable option for reducing IT expenditure. However, there are often associated problems with unmanaged accountability. This paper first analyses the accountability properties of a cloud service and then proposes the accountable cloud service (ACS) model to address those problems. In addition, the authors argue that from an accountability perspective a cloud service is a proactive system that needs to be modeled differently from the traditional reactive systems. They extend traditional structural operational semantics to cater for modeling of actors as well as scenarios of inaction and exception in state transitions. This leads to the creation of a new form of a process algebra called Accountable Process Algebra (APA). They also propose an Obligation Flow Diagram (OFD) as a simple method for conflict resolution and verification for the ACS model. The ACS model enables obligation specification, validation, decomposition, machine-interpretation, monitoring and reasoning, and ultimately facilitates accountability in cloud service consumption. Using Amazon S3 service as a case study, they show how to address those known accountability problems by using our ACS model. Finally the authors discuss the applicability of their model to cloud services in general.
Article Preview

1. Introduction

1.1. Background

Recently cloud computing has emerged as a new business model that turns IT capabilities into e-services. The sustainability of this business model largely depends on whether the accountability of cloud services can match that of the traditional IT services. By accountability, we mean a clear disclosure of service obligations; faithfully honoring disclosed obligations, or otherwise assuming the liability for the unsatisfactory performance of the obligations (Zou, Wang & Lin, 2010). Traditionally, accountability in service is achieved through the enforcement of a legal and paper-based contract. In a cloud service context, using a paper-based contract is no longer effective. The current practice is for service providers to publish a terms and conditions page and a text-based SLA for their offerings on their web-site like Amazon’s S3 (seehttps://aws.amazon.com/cn/s3-sla) does. This form of contract is called a web-enabled paper-based contract. In its plain-text form, a web-enabled paper-based contract can neither be interpreted by software agents, nor used as a basis for monitoring the execution of a contract. Although policy management tools, such as Ponder and KAoS, can be adopted to represent obligations in a formal manner, their strengths lie in specifying policies on fine-grained objects, lacking generality (Phan et al.,2008) and an overarching process view that is required in dealing with service participants’ obligations in service collaborations.

While Service Level Agreement (SLA) is an extensively researched topic and it can be represented by existing approaches such as WSLA, WS-Agreement, SLAng (Skene, Raimondi, and Emmerich, 2009), in essence, the service level only covers non-functional requirements, missing the crucial functional requirements for business. Thus, the existing approaches neither enable the disclosure of service obligations, nor allow a software agent to decide which party is responsible for what action, and which party is liable for what result. This is evident in today’s cloud market, where there are no formal policy based or SLA languages used in representing service contracts. Hence the consumer has no effective means to detect the violation of service obligations, and service provider can hardly be held accountable. As such, currently the accountability of cloud services on the market is a serious concern. This may become a major obstacle for enterprise customers to take up those cloud services. Therefore it is critical to build an accountability model for cloud services.

Such an accountability model should provide:

  • 1.

    A representation language that is declarative and machine interpretable so that the obligation statements in a cloud service contract can be checked and interpreted automatically;

  • 2.

    A collaboration process and diagram notation that clearly illustrate the interaction behavior between the service provider and the consumer, and therefore facilitating reasoning about obligation fulfillment and liability assignment; and

  • 3.

    A tool for enabling the validation of the consistency of the model.

We call this model an accountable cloud service (ACS) model.

Complete Article List

Search this Journal:
Reset
Open Access Articles
Volume 14: 4 Issues (2017)
Volume 13: 4 Issues (2016)
Volume 12: 4 Issues (2015)
Volume 11: 4 Issues (2014)
Volume 10: 4 Issues (2013)
Volume 9: 4 Issues (2012)
Volume 8: 4 Issues (2011)
Volume 7: 4 Issues (2010)
Volume 6: 4 Issues (2009)
Volume 5: 4 Issues (2008)
Volume 4: 4 Issues (2007)
Volume 3: 4 Issues (2006)
Volume 2: 4 Issues (2005)
Volume 1: 4 Issues (2004)
View Complete Journal Contents Listing