Skip to main content

SLA-Ready: Making Cloud SLAs readily usable in the EU private sector

Periodic Reporting for period 1 - SLA-Ready (SLA-Ready: Making Cloud SLAs readily usable in the EU private sector)

Reporting period: 2015-01-01 to 2015-12-31

Cloud computing has now reached a point where it is truly accessible to all types of organisations and pretty much a staple in the start-up culture, radically reducing the barriers to entry in any sector. However, negotiating a Cloud Service Level Agreement (Cloud SLA) is usually the reserve of large organisations with negotiating powers. By contrast, most small firms are typically offered a standard agreement, which they either accept or decline.
SLA-Ready aims to change this state of play by providing a common understanding of Service Level Agreements (SLAs) for Cloud services with greater standardisation and transparency so small firms can make an informed decision on what services to use, what to expect and what to trust. SLA-Ready aims to provide a service-oriented approach to cloud services and service level agreements that match the specific and evidence-based needs of the private sector in Europe. Meeting these needs is key to overcoming the different barriers to the uptake of cloud services, whether that be lack of knowledge or a lack of understanding of cloud contracts/SLAs. SLA-Ready services will support SMEs with practical guides, and a social marketplace, encouraging them to carefully plan their journey and make it strategic through an informed, stepping-stone approach, so the Cloud and applications grow with their business.
From SLA-Ready DoA Part B.
The overriding goal of SLA-Ready is to increase cloud customers understanding of SLAs and boost uptake especially in the European private sector. SLA-Ready will have the following four objectives in order to achieve its main goal, through a set of concrete sustainable and exploitable outputs:
• Objective 1: To elicit sector-specific technological, socio-economic and legal requirements supporting the definition of a reference model for SLAs.
• Objective 2: To improve the uptake of cloud computing in the European private sector by developing the SLA-Ready reference model, an integrated set of SLA components (e.g. common vocabularies, SLO service metrics and measurements), plus best practices and relevant standards to fill identified gaps in the current cloud SLA landscape.
• Objective 3: To improve the competitive position of Europe in the cloud sector, with a set of actions that include actively engaging, influencing and ensuring coordinated, global collaborations with relevant standardization bodies and technical recommendations initiatives in the cloud SLA field.
• Objective 4: To educate and empower (prospective) cloud customers with services, tutorials (web-based and hands-on) and showcases to facilitate the management and make informed decision about SLAs throughout the service lifecycle.
The above objectives will help ensure SLA-Ready’s envisioned sustainable social marketplace for cloud SLA, through community-focused digital platforms and concrete partner exploitation plans. This will also ensure that we promote the SLA-Ready message to the European business community by building on an extensive partner network and focused communication tools.
The consortium will be assisted by a group of external partners – the SLA-Ready Advisory Board (AB) - chosen for their unique know-how and expertise in relevant areas of cloud computing (e.g. standardisation and technology), covering issues also related to privacy and security. The broad interest base of the AB members will enable the project not only to widen its scope, but also to have the makings of the broadcast channels back into the CC domains of the private sector.
SLA-Ready is a 24-month project. The main achievements in M1-12 are outlined below:
Identifying requirements emerging from an analysis of the state-of-the-art
D2.1 and 2.2 have built on top of relevant best-practice works (reports, projects, standards, in particular the ISO/IEC 19086 standard) and recommendations (in particular the EC report on Cloud SLA and the Cloud Select Industry Group (CSIG) SLA “Cloud SLA Standardisation Guidelines”). The deliverable also utilises SLAs gathered from a representative set of worldwide public Cloud Service Providers (CSPs).
D2.2 is the final compilation of the State of Practice (SoP) of SLA attributes covering the areas of security, personal data protection, legal, sociological and economic aspects with a particular focus on metrics. The sociological analysis elicits requirements mainly from a cloud service customer, especially the levels understanding and acceptance of the Cloud SLA in the early stages of the lifecycle. Eliciting requirements in these phases can help shed light on barriers to the adoption of cloud services and how we might overcome them. Relevant findings from both D2.1 and D2.2 will feed into D2.3 (a Common Reference Model (CRM) along with a set of use cases that will also feed into WP4 activities.
Findings include:
• Compiling a set of SLA-related information spanning the state-of-the-art/practice (SoA/SoP), to elicit the key SLA requirements: technical (performance, security and privacy), legal and socio-economic.
• Definition of a Cloud SLA management service life cycle that is used to elicit the Common Reference Model (CRM) requirements
• Definition of a methodology to retrieve CRM requirements based on a template, considering the SLA life cycle and also contextualized to the Use Cases reported by ETSI CSC.
• Identifying & structuring the SLA legal ecosystem.
• Developing & validating the SLA life cycle.
• Establishing CRM requirements on the four main SLO categories: Performance, Cybersecurity, Data management and (personal) data protection.
• Defining the foundations of the CRM based on the analysis of elicited requirements
• Initial design of a public repository of SLAs
Contributing to a trusted cloud by contributing to standardisation activities
A core activity within SLA-Ready is international co-operation and standardisation with the aim of building consensus on best/good practices through an-depth analysis of the current standards landscape and industry-led initiatives. The SLA-Ready strategy focuses on the project’s contribution to a selected group of SSOs, as well as a methodological approach to develop and orchestrate the actual contribution. This was based on a cloud SLA standardisation landscape which considers standardisation bodies, working groups developing related best practices, and research initiatives (e.g. past/on-going EU-funded projects) also working on this particular field (contribution to Cloud SLA standards) (See D3.1). The strategy also took into account how opportune contribution is based on revision status of said standard. Standards/best practices followed by SLA-Ready are listed in tables 3 & 8, D3.2) with activities focussing in particular on ISO/IEC 19086 Part 1-4, ETSI CSC Phase II, CSA CloudTrust and Cloud Trust Protocol Working Groups, C-SIG SLA (D3.2). SLA-Ready has also contributed to international consensus on cloud SLAs through support to NIST’s Cloud service metrics (CSM) working group.
To support project activities, SLA-Ready has set up an advisory board of international experts on cloud SLAs. The board has been active in the first 12 months by contributing firstly to the identification of relevant standards and best practices most suitable for timely contributions; guidance on the type of engagement with standards groups, in particular ISO/IEC 19086 and also ETSI CSC and NIST CSM. In addition , the experts validated user requirements identified as part of D2.1 with the final list published in D2.2.
Community building
SLA-Ready has laid the foundations for the wide dissemination of project outputs being rolled out in year two in several ways. Firstly, we have played an active role at 29 events, educating industry audiences on multi-faceted cloud SLAs and advocating SLAs as key to building trust around cloud services.
Secondly, we have started to build up an engaged community covering both the demand and supply sides of cloud services. This community spans EU28 and non-EU Cloud Service Providers, current and prospective customers, policy and decision makers, business and IT associations, and leading standards organisations.
Thirdly, we have established strategic alliances with relevant EU projects, most notably the DPSP Cluster with joint event hosting and inputs. In the international arena, we have engaged with NIST on SLA-related issues.
SLA-Ready Marketplace
SLA-Ready has focused on the requirements for the design and development of the marketplace, its tools and services based on the current evidence collected. We have given priority to services that fill identified gaps in today’s landscape, especially from an SME perspective, leveraging also our networked community. We have identified like-minded, industry-focused initiatives for future linking of the marketplace as part of the sustainability plan and defined plans to exploit related project
SLA-Ready aims to raise awareness and understanding of cloud SLAs which in turn can promote greater transparency and trust of CSPs for CSCs. With three key deliverables submitted in M12 (D2.2 3.2 and 4.2) the project is now at a key stage in the development of the Common Reference Model (D2.3 & 2.4) which will benefit industry by integrating a set of SLA components, such as common vocabularies, metrics and measurements for service level objectives, as well as best practices and relevant standards to fill identified gaps in the current SLA landscape. The aim is to encourage the industry to adopt standardised Cloud SLAs that are measurable and comparable. This will also be translated into the practical SLA-Ready marketplace which guides current and prospective CSCs through the entire service life cycle, drawing also on the analyses in D2.1 and D2.2 considering also human factors. This is a critical step towards better understanding the level of security and data protection offered by the CSP, and for monitoring the provider’s performance and security levels.
The SLA-Ready marketplace (T4.1 & D4.3) will be much more than an aggregator of SLAs. SLA-Ready will develop the notion of an “SLA Readiness index” as a quantitative metric to assess the conformance of a CSP SLA to SLA-Ready’s Common Reference Model (CRM). The SLA-Ready marketplace, and more in particular its SLA Repository, will contain analysed SLA information in the form on CSP’s self-assessments based on the CRM to be developed in D2.3 and D2.4.
By engaging directly with CSPs we hope to foster a culture of transparency, encouraging the implementation of standard terms and metrics in SLAs. This can help CSPs create services which will empower SMEs to make informed choices about SLAs, even compare them more easily and build trust and understanding in cloud services which can lead to greater adoption and economic growth. From a customer perspective, especially SMEs, we aim to ensure that this very dynamic sector of the EU economy becomes SLA-aware, including in terms of security and data protection levels.