Are you SLA-Ready? Nicholas Ferguson Trust-IT Services & SLA-Ready
SLA-Ready Workshop | Cloud Forward 2016 19 August 2016 | Madrid, Spain
What is SLA-Ready? Making SLAs readily usable in the EU private sector Contribute to creating greater transparency & trust in cloud SLAs Provide a SLA Common Reference Model Educate and empower (prospective) cloud customers Encourage a culture of trust & transparency amongst providers Contribute to standardisation in cloud SLAs.
1/1/2015 – 31/12/2016
Partners SLA-Ready Workshop @ Cloud Forward 2016, 19 August 2016
Cloud as an enabler of IoT, BigData and innovation SLA-Ready Workshop @ Cloud Forward 2016, 19 August 2016
The times they are a changin’
Source: Blue Skies Ahead? The State of Cloud Adoption, Intel Security 2016; Cyber Security Breaches Survey, UK Gov 2016
BUT! Is it really so clear cut? SLA-Ready Workshop @ Cloud Forward 2016, 19 August 2016
SMEs need more support
Complex terminology & legal uncertainty
Are my data secure and how are SLOs monitored?
How to unsubscribe/change provider?
How do we overcome these challenges? SLA-Ready Workshop @ Cloud Forward 2016, 19 August 2016
“You won’t need an IT guy. You’ll need a SLA expert!” Raj Samani - CTO at INTEL Security @SecureCloud2016 Dublin Ireland
TRANSPARENCY & TRUST IN CLOUD SLAs SLA-Ready Workshop @ Cloud Forward 2016, 19 August 2016
The SLA Common Reference Model Service Contact credit availability Choice of Update law frequency Personal data SLOs Roles & SLA Unilateral Language responsibilitie change sMachine-readable SLA duration SLO metrics
Security SLOs
Case studies, state of practice, standards & best practice Technical, Security, Legal, Socio-economic user requirements: 30 essential elements of an SLA were identified and divided into 8 groups www.slaready.eu/commonreference-model
The foundation for support to customers and providers 8
SLA-Ready Workshop @ Cloud Forward 2016, 19 August 2016
Help to cloud customers Over 20 cloud SLA use cases
Use cases mapped & soon to be searchable by: •User type •User maturity •Cloud lifecycle phase •Cloud usage
Helping customers see what others are http://www.sla-ready.eu/sla9 doing SLA-Ready Workshop @ Cloud Forward 2016, 19 August 2016 ready-new-use-cases
Help to cloud customers SLA-AID – Online tool 30 Questions to navigate your way through cloud SLAs • Questions cover Common Reference Model elements • Helping customers decide on importance for each element • Recommendations reflect good practice for each element • Recommendations ordered by priority for end-user • Customised downloadable Leading customers in a step-wise report available approach to comparing SLAs http://sla-aid.sla-ready.eu/
10
SLA-Ready Workshop @ Cloud Forward 2016, 19 August 2016
Supporting Cloud Service Providers provide transparent and trusted SLAs SLA Self-assessment service CSP SLA questionnaire based on Reference Model Repository of assessed SLAs SLA-Readiness Index ranks SLA on transparency Sustained beyond SLAReady through the CSA Encouraging a culture of transparent Star Watch and trusted cloud SLAs 11
SLA-Ready Workshop @ Cloud Forward 2016, 19 August 2016
SME workshops for customers & providers Promoting SLA-Ready tools & services to European ICT Clusters and National Trade Associations
12
SLA-Ready Workshop @ Cloud Forward 2016, 19 August 2016
Thank you! Nicholas Ferguson, Trust-IT Services
[email protected] @SLAReady ready.eu
www.sla-
SLA-Ready Workshop @ Cloud Forward 2016, 19 August 2016
SLA-Ready Common Reference Model Cloud Forward 19 October 2016
SLAs and the Cloud Contracts and Service Level Agreements (SLAs) are key components defining cloud services, but….. SLAs are the least understood cloud attributes Complex language and terms of service (technical and legal)
Lack of widely accepted standard frameworks, vocabularies Uncertainties as to what is regulated, who is responsible and which laws actually apply
Diminish trust in cloud services and limit its uptake
10/24/2016
SLA-Ready
15
SLA-Ready Common Reference Model (CRM) CRM is a reference specification for building Cloud SLAs Compiles: Standards & Best practices Research activities Analysis of economical, sociological and legal domains
10/24/2016
SLA-Ready
16
SLA-Ready CRM: Inception Standardizatio EC n bodies ISO/IEC ETSI TR 103 SMART 125
EC C19086-1 CSCC SIG
EU projects SPECS A4Cloud Cumulus SLALOM
Industry
Technical perspectiv e
Economic perspectiv e
Legal practices Market feedback
Sociologic al perspectiv e
Legal and governanc e perspectiv e
CRM 10/24/2016
SLA-Ready
17
SLA-Ready CRM hierarchy: elements Groups (8) General
Freshness Readability Support Credits
CRM Elements (30) SLA URL Findable Choice of Roles and Cloud SLA Law responsibilitie Definitions s Revision Update Previous versions and SLA Duration date Frequency revisions
SLA Machine-readable format Number of pages Language Contact support Contact availability Service Credit
Service credit assignment
Changes
SLA change notifications
Reporting
Service levels reporting
SLO & Metrics 10/24/2016
Specifi ed SLO metrics
Service level continuous Gener reporting Performan al ce SLOs SLA-Ready
Max. Service credits provided
Unilateral change Feasibility of General carvespecials and outs customizatio nsReliabilit Data Securit PD y
Mgmnt y .
P 18
SLA-Ready CRM: Elements and components of the SLO & Metrics group
10/24/2016
SLA-Ready GM - Darmstadt
19
Using the CRM
Analysis Recommendatio n
CRM
Readiness index Evaluation techniques
Ranking Comparison s Repository
10/24/2016
SLA-Ready
20
Using the CRM
Analysis Recommendatio n
CRM
Readiness index Evaluation techniques
Ranking Comparison s Repository
10/24/2016
SLA-Ready
21
Recommendation based on the CRM Problem: SME wants to offer/use cloud services What SLA to offer? What elements to include?
Solution: recommendation based on the CRM Result: Level of importance of every element of the CRM based on the type of business case Easy: Requires just a high level description of the business case Precise: Technique based on machine learning 10/24/2016
SLA-Ready
22
Recommendation methodology A company will provide cloud services to hospitals for genetic testing on its patients, by combining public and private cloud applications
Use cases studied
High level description of a business case
Recommende r
CRM Recommendation
Red: high importance. Yellow: medium importance. Green: low importance
10/24/2016
SLA-Ready
23
Using the CRM
Analysis Recommendatio n
CRM
Readiness index Evaluation techniques
Ranking Comparison s Repository
10/24/2016
SLA-Ready
24
CSP evaluation based on the CRM Inputs available: Surveys to CSPs about the adoption of the CRM Self assessment of CSPs based on the CRM using: Publicly available information (i.e., Web site) SLA repositories (i.e., CSA STAR repository)
Assessment technique used: QHP (Quantitative Hierarchy Process) Developed in DEEDS (TUDA) for security assessment Adapted to use the CRM as input Allows to evaluate at any level of the CRM 10/24/2016
SLA-Ready
25
Results of CSP evaluation Evaluation at the SLO & Metrics group
Global score Evaluation at group level
10/24/2016
SLA-Ready
26
Thank you!
Our panellists Frank Bennett, iCloud Ltd & Deputy Chair of Cloud Industry Forum – Market perspective Janneke Breeuwsma, Arthur’s Legal & SLA-Ready – Legal perspective Carlos Rubia Marcos, Wellness Telecom & ENTICE project - Provider perspective Paweł Skrzypek, 7Bulls – Provider perspective George Suciu, Beia Consult & SWITCH Project – Customer perspective Ruben Trapero, Technical University of Darmstadt & SLA-Ready – Technical perspective SLA-Ready Workshop @ Cloud Forward 2016, 19 August 2016