This Wiki should serve as a starting point and be based on the Zachman framework in order to create a common understanding regarding the technical realisation for BPaaS in the cloud.

The topics of this Wiki address four communities:

1. the business process management community addressing BPaaS - Design by providing definitions, standards tools, approaches and samples. Business and IT alignment aspects are considered via semantic lifting of business process models, ITinfrastructure model, workflow models and cloud service component modelsfor the BPaaS Allocation a modeldriven approach in order to create BPaaS Cloudlets is described by elaborating the use of UML concept models, semantics and smart mechanisms to check the consistency and correctness.

1. for the BPaaS execution the workflow and SOA community providers the computer orchestration view point with standards and tools. Multi-cloud access and the service management across several cloud-infrastructures are described and approaches are pointed out the BPaaS Evaluation Environment defines how QoS and SLA need to be lifted to QoBP and how meta model extractioncanbe used for process monitoring in a multi-Cloud environment.

1. for the BPaaS execution the workflowand SOA community providers the computer orchestration view point with standards and tools. Multi-cloud access and the service management across several cloud-infrastructures are described and approaches are pointed out

1. the BPaaS Evaluation Environment defines how QoS and SLA need to be lifted to QoBP and how meta model extractioncan be used for process monitoring in a multi-Cloud environment.

Service Models (as in D1.5):\\ #

Software as a Service (SaaS):  #

Software as a Service (SaaS) is defined by NIST as The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The applications  are  accessible  from  various  client  devices  through either  a  thin  client interface,  such  as  a  web  browser  (e.g.,  web-based  email),  or a  program  interface. The  consumer  does  not  manage  or  control  the  underlying  cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities,  with  the  possible  exception  of  limited userspecific  application configuration settings.

Beside  the  application  specific  data  protection  challenges  and  control  of  certain  connectivity constraints (such as enforcing encrypted communications over the web front-end using https) the consumer must delegate the enforcement completely to the provider  as  the  underlying  infrastructure  and  services  are  unknown  in  terms  of  technology,  geographical  location.  An  assessment  of  the  data  protection  is  not possible via the client interfaces.  

Platform as a Service (PaaS) #

Platform as a Service (PaaS) is defined by NIST as "The capability provided to the consumer  is  to  deploy  onto  the  cloud  infrastructure  consumer created  or  acquired applications  created  using  programming  languages,  libraries, services,  and  tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control  over  the  deployed  applications  and  possibly configuration  settings  for  the application-hosting environment."

Similar to the SaaS model the consumer has only a very limited ability to control the enforcement and enactment of data protection policies and must rely on the provider to deliver the services in accordance to the required procedures and levels.

Infrastructure as a Service (IaaS):  #

Infrastructure as a Service (IaaS) is defined by NIST as "The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing  resources  where  the  consumer  is  able  to  deploy  and run  arbitrary software, which can include operating systems and applications. The consumer does not  manage  or  control  the  underlying  cloud  infrastructure  but has  control  over operating systems, storage, and deployed applications; and possibly limited control of select networking components (e.g., host firewalls)."

As  this  model  provides  more  control  to  the  consumer  it  also comes  with  more possibilities  to  enforce  data  protection  independently  from  the IaaS  provider.  For example  on  top  of  the  provided  storage  infrastructure  (e.g. Dropbox)  a  user  can perform  the  necessary  encryption  or  distribution  of  data  parts to  meet  certain requirements but has no control about constraining the physical location of the server,  the surroundings of the server (e.g. type of room, thickness of the walls around the servers, access policies of system administrators etc.) 

Operation Models #

• Private Cloud
• Public Cloud
• Community Cloud
• Hybrid Cloud

Data Types and Classification #

• Protection Level 3 (extreme Impact)
• Protection Level 2 (high Impact)
• Protection Level 1 (moderate Impact)
• Protection Level 0 (limited Impact)