The main objective of the DECIDE project is to provide a new generation of a multi-cloud service-based software framework, enabling techniques and mechanisms to design, develop, and dynamically deploy multi-cloud aware applications in an ecosystem of reliable, interoperable, and legally compliant cloud services.
DECIDE is a research and innovation action aimed at creating a DevOps software framework enabling and facilitating the development of Multi-Cloud native applications. Multi-Cloud native applications means that these applications are programmed in such a way that they can dynamically distribute their components (often referred to as micro-services) over heterogeneous cloud resources (i.e. different Cloud services/resources, potentially from different Cloud Service Providers) and still hold the functional and non-functional properties (including business needs of the user of the application) declared in their Service Level Agreements. Additionally, DECIDE also takes into account legally relevant aspects of the Cloud resources, mapping its compliance level. By reducing the reliance on one Cloud resource (and on one Cloud Service Provider), Multi-Cloud native applications can reduce cost, increase efficiency, reliability and reduce vendor lock-in compared to monolithic applications. Especially industries with great needs in terms of reliability (e.g. banking, e-health, manufacturing), great fluctuations in terms of computational need in time (e.g. online gaming, online retail) or special legal compliance sensitivity (banking, e-health) can benefit from DECIDE.
DECIDE provides a framework containing architectural patterns for the programming of such Multi-Cloud native applications and tools to develop and operate Multi-Cloud native applications, including the Advanced Cloud Service meta-Intermediator (ACSmI), an ecosystem of trusted, interoperable and legally compliant cloud services which may safely be used to deploy the application. The DECIDE framework, through its various tools, links the functional and non-functional requirements (including business needs such as cost and reliability or legal requirements) of the application as defined by the developer of the application to this ecosystem, outlining which of the services in the ACSmI catalogue may be considered for deployment. Thus, only services that fulfil all requirements will be considered, demarcating parts of the ACSmI catalogue as relevant while excluding the other available resources. For example, a cloud resource that fulfils the applications functional and business needs (e.g. availability, cost) but not the set legal needs, will not be considered for deployment. This enables companies to decide what elements are most important to them. A start-up webshop may for example have less compliance risks that a bank, and attach more importance to a low running cost, even at the cost of some lower availability guarantees, whereas the bank will likely value a high legal compliance level and high availability and attach comparatively less importance to the cost of the Cloud resources. This enables DECIDE users to perfectly implement their business model in their choice of resources for their Multi-Cloud solution.
Moreover, DECIDE enables not only the best combination of Cloud resources for a given application, creating the aforementioned benefits, but also facilitates that the application may dynamically self-adapt the combination of cloud resources it is using, re-deploy automatically when this is optimal, taking into account the development of the performance, price and other characteristics of the available cloud resources. This option may be deactivated for sensitive applications (e.g. healthcare, banking) although the automatic re-deployment does not affect user experience.
Timelex is involved in DECIDE as the legal partner, dealing with all questions that may arise in terms of contracts (and terms of use/general terms and conditions), intellectual property and most importantly, data protection and cybersecurity. Timelex’s main input into the project consists of providing a reasoning behind the legal assessment of Cloud resources and the assigning of a legal level to these services. This reasoning will be detailed in the project’s deliverables and once commercialized, will be made available publicly, so the users of the DECIDE framework may ascertain what the legal assessment of Cloud resources covers. The end goal of this is to enable the application developer to determine which legal level of services the application needs, thus pre-selecting the Cloud resources that may still be considered for deployment.
In this way, organizations with a certain sensitivity (e.g. healthcare, banks) are supported in ensuring that their legal compliance needs are met, while organizations with lower compliance needs and/or a greater legal risk appetite can indicate this in the system, potentially saving even more on the cost of running the application.
The legal level relates to i.a. exit clauses, portability, liability, location, certification, and data processing terms of the Cloud resources.
More information about the DECIDE project can be found on the CORDIS website: https://cordis.europa.eu/project/id/731533.
Funded by the European Union. This project has received funding from the European Commission’s Horizon 2020 programme under Grant Agreement No. 731533. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Commission. Neither the European Union nor the granting authority can be held responsible for them.