SW Stack Compliance and Deployment
Publication Date: 2013-Mar-26
The IP.com Prior Art Database
Proposed is a system and a method which enable a corporate cloud provider to automatically send compliant software master images to a partner cloud environment, and run automated compliance checks for said master images and derived from those customized partner images in the partner cloud environment.
Page 01 of 4
Ensuring Software Stack Compliance in a Multi-Cloud Environment
Complex data centers hosting partner cloud environments of multiple providers (partners), where said partner cloud environments are operated in the same governance context of one corporate cloud provider.
Multi-provider cloud environments use multi-provider policies, e.g. for security requirements. A corporate cloud provider has a strong vital interest, that the corporate policies are implemented by each partner cloud provider. Often, communication from the corporate cloud provider to the partner cloud provider is based on documents like DOUs and policy agreements. Where each of both parties rely on each other that said documented policies are followed. At the same time, electronic communication between corporate and partner cloud environments is lacking, because the adherence to the corporate compliance policies of the partner cloud environment is unclearly documented and cannot be electronically managed.
Because said documents are maintained and applied manually by human, their currency and misinterpretation is high.
Therefore, a corporate cloud provider runs a manual compliance check based on the deliverables of each partner cloud provider. This is error-prone and time consuming. For said corporate cloud provider this process is an extra workload, and for the partner cloud provider it is a waste of time.
Proposed is a system Fig. 1 and a method Fig. 2 which enable a corporate cloud provider to automatically send compliant software master images to a partner cloud environment, and run automated compliance checks for said master images and derived from those customized partner images in the partner cloud environment. Said method utilizes new program interfaces provided by the partner cloud provider.
All manual steps are eliminated. As a result, human error is eliminated. Also, human processing time requirements are eliminated. Thus, deployment time of software stacks in partner cloud environments is accelerated, error rate is reduced, and compliance to corporate policies is ensured.
Page 02 of 4
Fig 1: Solution Overview
In Fig. 1, one or more OS vendors 5 provide either an initial OS 10 and/or updates 11 of an existing OS. A Corporate Cloud System 80 uses an initial OS 10 to build an OS Master Image 12 or integrates updates to an existing OS Master Image 12. Optionally a Security Stack 14, an Application Stack Variants 16 and Optimization Stack 18 are applied to the OS Master Image 12. This Master image is managed by a Corporate Master Image Management 20 that runs on a Corporate IT Master Server. Within the Corporate Cloud System 80 an OS Master Image is deployed on static/dedicated End- Users Corporate Server 22. A "System Agent" on each of the Corporate Server Variants reports server information, e.g. resource (CPU, memory, disk, …) usage of an end u...