This document discusses the importance of considering law enforcement interception (LI) in the context of mobile clouds. It provides definitions of cloud computing and explores its essential characteristics, service models, and deployment models.
 
                
3GPP/SA3-LI#42 Tdoc SA3LI11_103
Malta, 30 Aug – 01 Sep 2011
Discussion on LI for Mobile Clouds
Source: Rogers Wireless
Contact: Ed O’Leary (ed.oleary@rci.rogers.com), George Babut (gbabut@rci.rogers.com)

Introduction
• This document tries to show the relevance of starting SA3-LI work on aspects of Mobile Clouds.

Definition of “Cloud Computing”
• According to NIST: “Cloud Computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.”

Cloud Essential Characteristics (NIST)
• On-demand self-service.
  • A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service’s provider.
• Broad network access.
  • Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and PDAs).
• Resource pooling.
  • The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, network bandwidth, and virtual machines.
• Rapid elasticity.
  • Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out, and rapidly released to quickly scale in. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any time.
• Measured Service.
  • Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service.

Service Models (NIST)
• Cloud Software as a Service (SaaS)
  • The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure.
• Cloud Platform as a Service (PaaS)
  • The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider.
• Cloud Infrastructure as a Service (IaaS)
  • The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications.

Cloud Software as a Service (SaaS) / NIST
• Cloud Software as a Service (SaaS)
  • The applications are accessible from various client devices through a thin client interface such as a web browser (e.g., web-based email).
  • The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.

Cloud Platform as a Service (PaaS) / NIST
• The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations.

Cloud Infrastructure as a Service (IaaS) / NIST
• The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (e.g., host firewalls).

Deployment Models (NIST)
• Private cloud.
  • The cloud infrastructure is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise.
• Community cloud.
  • The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be managed by the organizations or a third party and may exist on premise or off premise.
• Public cloud.
  • The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.
• Hybrid cloud.
  • The cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).

[Figure: Cloud Computing. Labels: Cloud Providers (SaaS, PaaS), Service Providers, APIs, Users, Enterprises]

Enabling Mobile Cloud
• Mobile Cloud
  • It enables the cloud services to be ubiquitously available across multiple, separate mobile network operator domains.
  • Mobile Cloud Providers (MCP) are the “intermediaries” facilitating the implementation of a Mobile Cloud through agreements with individual network operators (based upon wholesale models).
  • By using an MCP, the Service Providers (SPs) can have a single interface and single business relationship, but interwork with multiple network operators.

Inter-Cloud?
• It is a concept based on the aggregation of deployed clouds.
• From a service user's perspective, we can look at the Inter-Cloud as an on-demand environment where various services controlled by other organizations can be leveraged and composed.
• Services that are outside of an organization's own boundaries, operated and controlled by other organizations, can become part of the aggregated portfolio of services of that organization.

[Figure: Mobile Cloud. Labels: MNO (four instances), Mobile Cloud, Cloud Providers (SaaS, PaaS), Service Providers, APIs, Users, Enterprises]

Mobile Clouds Examples relevant to 3GPP
• The objective of GSMA’s OneAPI is to provide a framework for Mobile Cloud Computing that works across operator domains.
• Based upon OneAPI, the GSMA is acting as a Mobile Cloud Provider/Aggregator, providing SPs access to network resources and charging capabilities (NaaS type of cloud) of multiple mobile operators.

Cloud Legal Aspects
• It is to be expected that many cloud computing scenarios will span the laws of multiple jurisdictions.
• The laws at the users’ location, at the location of the cloud provider, etc., may all potentially apply.
• The same data may be stored in multiple jurisdictions at the same time and the actual location of a user’s data may be difficult to determine.

Recommendations on Specific LI Aspects for Clouds
• SA3-LI should start looking at LI aspects of the already deployed or soon-to-be deployed MNO cloud scenarios.
• The specific MNO cloud work to be done in SA3-LI may be part of the Rel 11 comprehensive LI WI, or part of Rel 12.
• There are specific LI aspects for clouds to be studied, due to:
  • Cross-operational features of the clouds across multiple MNOs, SPs, etc.
  • Cross-jurisdictional features of the clouds
• A set of relevant Cloud Use Cases for LI purposes should be identified.
• Relevant LI requirements to cover the identified cloud use cases should be drawn.

List of Potential Cloud Use Cases relevant to LI Work
• Use Case 1: File Sharing with single MNO
• Use Case 2: MNO uses a Cloud server
• Use Case 3: MNO uses a Cloud server that provides redirection
• Use Case 4: The MNO hosts a cloud in its network
• Use Case 5: SMB or Enterprise uses multiple MNO networks
• Use Case 6: Same as Use Case 4, but each MNO has a Cloud Server that proxies (extension of Use Case 2)
• Use Case 7: Same as Use Case 6, however the MNO cloud server provides redirection (extension of Use Case 2a) to the 3rd party cloud App server
• Use Case 8: SMB or Enterprise uses multiple MNOs with their own Clouds (extension of Use Case 4)
• Use Case 9: Enterprise extension to the cloud
• Use Case 10: Local Break Out
• Note: This is not an exhaustive list of use cases