|
creator |
Anstett, Tobias
| | Karastoyanova, Dimka
| | Leymann, Frank
| | Mietzner, Ralph
| | Monakova, Ganna
| | Schleicher, Daniel
| | Strauch, Steve
| date |
2009-11-24
| | | description |
Outsourcing parts of a company's processes becomes more and
more important in a globalized, distributed economy. While archi-
tectural styles and technologies such as service-oriented
architecture and Web services facilitate the distribution of
business process over several departments, enterprises and
countries, these business processes still need to comply with
various regulations. These regulations can be company regulations,
national, or international regulations. When outsourcing
IT-functions, enterprises must ensure that the overall regulations
are met. Therefore they need evidence from their outsourcing
partners that supports the proof of compliance to regulations.
Furthermore it must be possible to enforce the adherence to
compliance rules at partners. In this paper we introduce so-called
compliance interfaces that can be used by customers to subscribe to
evidence at a provider and to enforce regulations at a provider. We
introduce a general compliance architecture that allows compliance
to be monitored and enforced at services deployed in any emerging
cloud delivery model.
| |