Improving IT Service Management Architecture in Cloud Environment on Top of
Current Frameworks
Fatemeh Arabalidousti 1 and Ramin Nasiri
2
1Department of Computer Engineering, Islamic Azad University, Central Tehran Branch, Tehran, Iran
2Department of Computer Engineering, Islamic Azad University, Central Tehran Branch, Tehran, Iran
ABSTRACT
The key characteristic of cloud computing is provision
of IT infrastructure and its applications as a scalable
service. Since this environment is conceived service-
oriented, service management and delivery of
comprehensive architecture for this environment are
important. To provide better services in cloud
computing, any proposed architecture may be based on
IT service management frameworks and reference
models, to improve the management of services in
cloud computing. Hence, IT service management
reference models and frameworks are first compared in
this paper and according to the comparisons; PRM-IT
may be selected among other frameworks such as ITIL
v3, HP, MOF as a more complete reference and used
set forth in the operational section of the proposed
architecture. Also, processes of the eTOM process
framework are more complete than other frameworks
while considering billing & revenue management as
two critical modules in cloud based accounting Also.
COBIT5 used in this architecture to enrich governance
capability. On the other hand, a few of recent cloud
architectures compared to find out current drawbacks
and pitfalls and Finally, a comprehensive architecture
is being proposed for cloud to provide a nearly more
effective architecture resulted by composition of these
frameworks in a wise layout. This architecture is in the
context of SOA.
KEYWORDS
Cloud Computing Architecture, IT Service
Management Frameworks, Reference Model, SOA.
1 INTRODUCTION
Based on the various definitions of cloud
computing, ―Cloud Computing is a model for
enabling ubiquitous, convenient, on-demand
network access to a shared pool of configurable
computing resources (e.g., networks, servers,
storage, applications, and services) that can be
rapidly provisioned and released with minimal
management effort or service provider interaction.
This cloud model promotes availability and is
composed of five essential characteristics, three
service models, and four deployment models [1].‖
Service models are known as Cloud Infrastructure
as a Service (IaaS), Cloud Platform as a Service
(PaaS), and Cloud Software as a Service (SaaS).
The service models, and the fact that cloud
computing is discussed in terms of the creation,
delivery and consumption of cloud services,
means cloud computing supports service
orientation. If cloud environment is more
structured, delivery of service would be more
reliable. Considering importance of cloud
environment to build trust of the customers,
Frameworks and reference models such as PRM-
IT, ITIL v3, HP, MOF may be deployed to
manage IT services in organizations.
Also, a Varity of architectures such as IBM,
Oracle, NIST, HP are used for cloud computing.
In this paper IT service management is improved
by using ITSM frameworks and proposed
architecture.
The next section presents related work in the cloud
and then proposed architecture is introduced.
ISBN: 978-0-9891305-1-6 ©2013 SDIWC 77
2 RELATED WORK
PRM-IT, IBM Process Reference Model, is an
overall view of the processes involved in the
information technology management. This model
was proposed by IBM in 2008 [2]. ITIL
(Information Technology Infrastructure library)
has been provided by OGC focusing on the
support and provision of service. The latest
version of this document was published in 2007 .
ITIL v3 deals with IT Service Management in five
main phases [3-7]. Microsoft Operations
Framework (MOF) was introduced in 2008 , which
manages IT services in 3 main phases and 1
managerial layer [8]. HP IT Service Management
Reference Model is composed of five services,
which was published in 2000 [9]. On the other
hand, different architectures have been presented
for cloud computing environment. IBM Cloud
Computing Reference Architecture defines the
basic elements of cloud computing architecture.
This architecture has been structured modularly
such that main roles and elements have been
defined in the highest level of abstraction [10]. In
the NIST Reference Model, there are five main
actors: consumers, cloud broker, cloud auditor,
cloud carrier and cloud provider .Each actor may
be a person or an organization that plays role in
transactions or functions available in the cloud
[11]. The key components of Oracle architecture
are physical resources, cloud builder, cloud
application builder, SaaS consumers, cloud
management infrastructure and cloud application
management. This architecture provides three key
perspectives on consumer, provider and broker
[12]. Cloud System is an integrated system for the
management of cloud services across private,
public and hybrid clouds. HP Cloud System is a
composition of servers, storages, and network.
The result of this composition is perfect solution
for cloud which can provide cloud driven services
for organizations [13]. Cisco has developed the
depiction of a cloud reference architecture model,
which portrays the architectural layers, connected
via APIs and repositories. Cisco’s layer are Data
center technology architecture, security layer,
service orchestration layer, Service delivery and
management layer and cloud services consumer
layer [14]. The Storage Networking Industry
Association (SNIA) announced at SNW Spring
2010 , the formal approval of the Cloud Data
Management Interface (CDMI) as a SNIA
Architecture standard. This milestone marks the
first industry-developed open standard for cloud
computing and will allow for interoperable cloud
storage implementations from cloud service
providers and storage vendors. SNIA proposes a
formal term for cloud storage, i.e. Data Storage as
a Service (DaaS), which means ―delivery over a
network of appropriately configured virtual
storage and related data services, based on a
request for a given service level [15]."
3 PROPOSED ARCHITECTURE
First, IT service management models and
frameworks are evaluated. According to different
mappings between ITIL v3, PRM-IT, HP and
MOF, PRM-IT has been chosen as a
comprehensive reference model for the proposed
architecture.
COBIT5 has been considered as a comprehensive
governance framework in architecture because it is
a robust business framework for management and
governance of IT organizations. Therefore, its
governance processes are used in this architecture
[16]. eTOM focuses on trade relations used by
service providers, communication between
different processes, definition of interfaces and
information processing on clients, services,
resources, suppliers and partners. Billing and
revenue management processes in eTOM are
responsible for the collection of appropriate usage
records, determining charging and billing
information, production of timely and accurate
bills, for processing their payments, and
performing payment collections [17]. In other
models like PRM-IT, bill-related issues have not
been included as it is in eTOM . This architecture
uses eTOM processes associated with bills
management. The architectures of a few cloud
computing environments are compared in the
following table. Strengths of each architectures
rarely have been considered in other architectures.
These obvious differences are given in the last
column of the following table. Attempt is made to
improve IT service management in cloud and
place them in the comprehensive architecture. The
ISBN: 978-0-9891305-1-6 ©2013 SDIWC 78
following table summarizes the architectures of
the cloud [17]: Table 1: Comparison between cloud Architectures
Key
Difference
Comparison on
Architecture
level
Comparison
Business
level
Model
Compared to
use case
group’s
model, adds
more details
for
Service
management
Defines actors (cc
provider/user/
develop), cloud
components,
service
models, business/
operational
support
Services for cloud
providers.
For general
cc
system
IBM
The only
layered
architecture
Defines a layered
model which
considers
resources,
security, service ,
and consumers
layer.
For general
cc
system
Cisco
Compared to
IBM, Elastra
considers
only cloud
Management
Defines a
management
framework
for enterprise
clouds, which
focuses
on management of
diff. components
And lifecycles.
Specially for
enterprise
cloud
Elastra
1st industry-
developed
open
Standard for
cloud
computing .
Focuses on
cloud storage
Defines ―DaaS‖,&
CDMI which is
the
interface for
accessing and
managing
Cloud storage.
Specially for
cloud
storage
SNIA
Focuses on
security
Architecture
Defines actors
(users/system
architects/develop
ers/3rd party
auditors), security
policies at each
Step following
info traffic flow.
Specifically
for
cloud
security
OSA
Refers to
the
composition
of system
components
to support
the Cloud
Providers
activities
Defines actors (cc
consumer/
provider / carrier/
auditor
/ broker).
For general
cc
system
NIST
In the following section, the relationship between
service-oriented architecture and cloud computing
are presented.
4 CLOUD AND SOA
Cloud services, according to The Open Group
definition, are SOA services. However, not all
SOA services are Cloud service because they
require automated deployment and management as
well as offering support in order to support the
Cloud characteristics. On the architecture
continuum, Cloud architectures are more concrete
than The Open Group’s SOA reference
architecture, a domain architecture scoped to
service delivery and management. Principles and
architectural decisions have been premade already
to enable the Cloud computing architecture to be
self service, network accessible, and scalable.
Architectural building blocks have already been
identified for Cloud solution architects to use for
operational and business support. The benefit of
recognizing the heritage of Cloud from SOA is
that the existing experience over the last 6 years
and standards already available for SOA and SOA
solutions can be applied to Cloud Computing and
Cloud solutions [10].
The SOA RA, as being standardized by The Open
Group, applies to Cloud architectures and is the
underlying architecture for proposed Cloud
architectures.
The functional concerns: operational systems,
service components, services, business processes
and consumer interfaces; all exist in and are
relevant to functional concerns for cloud
architecture’s.
For the Cloud architecture, there has been special
focus on the [10]:
Operational Layer: Infrastructure often
highlighted in Cloud architectures because
Cloud imposes new requirements on
infrastructure to enable broad network
access, resource pooling, rapid elasticity,
virtualization and scalability.
Service Layer: The common cloud service
types, *aaS, are identified in the services
layer. These cloud service types, like other
services, use and sometimes expose assets
ISBN: 978-0-9891305-1-6 ©2013 SDIWC 79
in the Operational systems layer. For cloud
services, which assets are exposed is often
the focus of the service type, i.e. within
operational systems, hardware
infrastructure is exposed as IaaS, and
middleware is exposed as PaaS, and
business process as BPaaS.
Business Process: Business processes
participate in a Cloud solution much like
they do in SOA solutions, they can be
provided as a service (BPaaS) or be the
consumer of services (whether they care
cloud services or not). Additionally,
business processes within a cloud provider
organization need to be restructured and
streamlined in novel ways to meet much
faster time-to-deliver, time-to-change and
cost objectives.
Consumer Layer: The consumer layer is
more strictly and carefully separated from
the services and service provider to allow
pooling and substitution of cloud services
or providers.
Figure 1: The Functional Concept of SOA and Cloud
Architecture
For the cloud ecosystem, they cloud service
consumers, providers, auditors and developers are
the common high level roles identified in the
cloud architectures. It is important to look at
Cloud in the context of SOA, and Cloud solutions
in the context of the larger SOA solutions
underpinning them. This diagram shows the QOS
layer details that are essential to understand for
Cloud, as well as the *aaS [10]. The basic
elements and concepts of proposed architecture
aren’t defined completely but derived from service
oriented architecture.
Figure 2: Details of Quality of Service Layer
This Proposed Architecture defines four main
roles: Cloud Service Consumer, Cloud Service
Provider, Cloud Service Developer and Cloud
Service Auditor. Each role can be fulfilled by a
single person or can be fulfilled by a group of
people or an organization. The roles defined here
intend to capture the common set of roles typically
encountered in any cloud computing environment.
Therefore it is important to note that depending on
a particular cloud computing scenario or specific
cloud implementation, there may be project-
specific sub-roles defined.
Cloud Service Consumer: A cloud service
consumer is an organization, a human being or an
IT system that consumes service instances
delivered by a particular cloud service.
Cloud Service Provider: The Cloud Service
Provider has the responsibility of providing cloud
services to Cloud Service Consumers [10].
Cloud Service Developer: The Cloud Service
Developer is responsible for creating a cloud
service, which can be run by a Cloud Service
Provider and by that exposed to Cloud Service
Consumers. Typically, Cloud Service Developers
build their cloud services by leveraging
functionality which is exposed by a Cloud Service
Provider.
ISBN: 978-0-9891305-1-6 ©2013 SDIWC 80
Cloud Service Auditor: Cloud Service Auditor
can conduct independent assessment of cloud
services, information system operation,
performance and security of cloud
implementation.
Figure 3: The Proposed Architecture Model
5 ARCHITECTURE COMPONENTS
Architecture Components are examined separately
in six sections.
5.1 . Architectural Components in cloud Service
Consumer Section:
Figure 4: Details of Cloud Service Consumer in the
Proposed Architecture Model
Cloud Service Integration Tools
From the perspective of a Cloud Service
Consumer, it is important to be able to integrate
cloud services with their on-premise IT. The
functionality of Cloud Service Integration Tools is
specifically relevant in the context of hybrid
clouds, where seamless integrated management,
usage and interoperability of cloud services in
integration with on-premise IT is critical [10].
Consumer In-house IT
Besides IT capabilities consumed as cloud
services, consumers of such IT may continue to
have in-house IT, which can be managed in a
traditional non-cloud fashion. In case functionality
of the existing in-house IT should be integrated
with cloud services consumed from a cloud
service provider, the aforementioned cloud service
integration tools are required. Consumer in-house
IT exists across all layers of the technology stack
(infrastructure, middleware, applications, business
processes, service management), therefore
integration with cloud services can take place on
each of these layers [10].
5.2 . Architecture Components in cloud Service
Provider Section:
Figure 5: Details of Cloud Service Provider in the Proposed
Architecture Model
ISBN: 978-0-9891305-1-6 ©2013 SDIWC 81
5.2.1 . Service Orchestration
Service Orchestration refers to the composition
of system components to support the Cloud
Providers activities in arrangement, coordination
and management of computing resources in order
to provide cloud services to Cloud Consumers
[11].
Figure 6: Details of Service Orchestration in the Proposed
Architecture Model
5.2.1 .1. Services:
Infrastructure-as-a-Service:
The capability provided to the consumer is to rent
processing, storage, networks, and other
fundamental computing resources where the
consumer is able to deploy and run arbitrary
software, which can include operating systems and
applications. The consumer does not manage or
control the underlying cloud infrastructure but has
control over operating systems, storage, deployed
applications, and possibly select networking
components (e.g., firewalls, load balancers) [10].
Platform-as-a-Service
The capability provided to the consumer is to
deploy onto the cloud infrastructure consumer-
created applications using programming languages
and tools supported by the provider (e.g., java,
python, .Net). The consumer does not manage or
control the underlying cloud infrastructure,
network, servers, operating systems, or storage,
but the consumer has control over the deployed
applications and possibly application hosting
environment configurations [10].
Software-as-a-Service:
The capability provided to the consumer is to use
the provider's applications running on a cloud
infrastructure and accessible from various client
devices through a thin client interface such as a
Web browser (e.g., web-based email). The
consumer does not manage or control the
underlying cloud infrastructure, network, servers,
operating systems, storage, or even individual
application capabilities, with the possible
exception of limited user-specific application
configuration settings [10].
Business-Process-as-a-Service:
Business process services are any business process
delivered through the Cloud service model (Multi-
tenant, self-service provisioning, elastic scaling
and usage metering or pricing) via the Internet
with access via Web-centric interfaces and
exploiting Web-oriented cloud architecture. The
BPaaS provider is responsible for the related
business function(s) [10].
Data Storage-as-a-Service:
Data Storage as a Service (DaaS), which means
delivery over a network of appropriately
configured virtual storage and related data
services, based on a request for a given service
level [15].
5.2 .1.2 . Infrastructure:
This layer includes all the physical computing
resources. It has two elements.
Hardware: This layer includes hardware
resources, such as computers (CPU and
memory), networks (routers, firewalls, switches,
network links and interfaces), storage
components (hard disks) and other physical
computing infrastructure elements.
Facility: It also includes facility resources, such as
heating, ventilation and air conditioning (HVAC),
power, communications, and other aspects of the
physical plant [11]
5.2.2 . Cloud Provision and Management
This part exposes a set of business and operational
management focused services. These functions
ISBN: 978-0-9891305-1-6 ©2013 SDIWC 82
must be exploited by Cloud Services to run within
the context of the respective cloud service
provider.
5.2.2.1 . Businesses Support Services:
Business Support Services represents the set of
business-related services, which are needed by
Cloud Service Developer to implement a cloud
service.
Figure 7: Details of Business Support Services in the
Proposed Architecture Model
Account Management:
This section describes the processes involved in
managing of client accounts. These processes are
part of the IBM architecture model.
Billing and Revenue Management:
This section is responsible for the collection of
appropriate usage records, determining charging
and billing information, production of timely and
accurate bills, for providing pre-bill use
information and billing to customers, for
processing their payments, and performing
payment collections, These processes are part of
the eTOM process framework [17].
5.2.2.2 . Operational Support Services:
Operational Support Services represents the set of
operational management / technical-related
services, which are needed by Cloud Service
Developer to implement a cloud service. These
services use PRM-IT Reference Model process.
This model covers many management frameworks
(ITIL v3, HP, MOF).
Figure 8: Details of Operational Support Services the
Proposed Architecture Model
Customer relationships: The Customer
Relationships process category gives IT service
providers a mechanism to understand, monitor,
perform and compete effectively in the
marketplace they serve. Through active
communication and interaction with customers,
this process category provides the IT enterprise
with valuable, current information concerning
customer wants, needs, and requirements [2].
Direction: The Direction process category
provides guidance on the external technology
marketplace, aligns the IT outcomes to support the
business strategy, minimizes risk exposures, and
manages the IT Architecture and IT Portfolio [2].
Realization Management: The Realization
process category exists to create solutions that will
satisfy the requirements of IT customers and
stakeholders, including both the development of
new solutions and the enhancements or
maintenance of existing ones [2].
Transition Management: The Transition
category of processes exists to support any aspect
related to a life cycle status change in solutions
and services. The processes provide defined and
repeatable approaches to planning, effecting and
ISBN: 978-0-9891305-1-6 ©2013 SDIWC 83
recording these transitions and can be applied to
all stages of the life cycle [2].
Operation Management: This category contains
the operational service processes that enable daily
IT activities using available infrastructure,
applications, and services to meet service level
agreements (SLAs) and business objectives [2].
Resilience Management: The Resilience category
of processes describes the analysis and proactive
planning required to enable resilient infrastructure,
applications, and services. Each process covers a
range of activities from handling everyday
adjustments as required by service operations
through anticipating the potential future demands
upon its specific domain [2].
Administration: The Administration process
category brings together the processes that look
after many of the non-technical resources: people,
finances, and contracts, among others that support
IT service delivery [2].
5.3 . Architectural Components in cloud Service
Developer Section:
The service developer creates, publishes and
monitors the cloud service. This section includes
three parts. Development environments for service
creation vary. If developers are creating a SaaS
application, they are most likely writing code for
an environment hosted by a cloud provider [15].
Figure 9: Details of Cloud Service Developer in the
Proposed Architecture Model
Service Creation: Developers create cloud
services.
Service publishing: Cloud services, will be
published by the developers.
Service Analytics: During service creation,
analytics involve remote debugging to test the
service before it is published to consumers. Once
the service is published, analytics allow
developers to monitor the performance of their
service and make changes as necessary.
5.4. Architectural Components in cloud
Auditor Section:
A cloud auditor is a party that can perform an
independent examination of cloud service controls
with the intent to express an opinion thereon.
Audits are performed to verify conformance to
standards through review of objective evidence
[11]. This section has three parts:
Figure 10: Details of Cloud Auditor in the Proposed
Architecture Model
Security Audit: A cloud auditor can make an
assessment of the security controls in the
information system to determine the extent to
which the controls are implemented correctly,
operating as intended, and producing the
desired outcome with respect to the security
requirements for the system [2].
Privacy Impact Audit: A privacy impact audit
can help organization comply with applicable
privacy laws and regulations governing an
ISBN: 978-0-9891305-1-6 ©2013 SDIWC 84
individual’s privacy, and to ensure
confidentiality and integrity[2].
Performance Audit: To evaluate the performance
takes place [2].
5.5. Security, Resiliency, Performance &
Consumability:
These non-functional aspects must be viewed from
an end-to-end perspective including the structure
of architecture by itself, the way the hardware
infrastructure is set up (e.g. in terms of isolation,
network zoning setup, data center setup for
disaster recovery, etc.) and how the cloud services
are implemented[10].
5.6. Governance of IT:
Deal with the stakeholder governance
objectives—value delivery, risk optimisation and
resource optimisation—and include practices and
activities aimed at evaluating strategic options,
providing direction to IT and monitoring the
outcome[16]. This domain contains five
governance components.
Figure 11: Details of Governance of IT in the Proposed
Architecture Model
Ensure Governance Framework Setting and
Maintenance : Analyse and articulate the
requirements for the governance of enterprise IT,
and put in place and maintain effective enabling
structures, principles, processes and practices,
with clarity of responsibilities and authority to
achieve the enterprise’s mission, goals and
objectives [16].
Ensure Benefits Delivery: Optimise the value
contribution to the business from the business
processes, IT services and IT assets resulting from
investments made by IT at acceptable costs [16].
Ensure Risk Optimisation: Ensure that the
enterprise’s risk appetite and tolerance are
understood, articulated and communicated, and
that risk to enterprise value related to the use of IT
is identified and managed [16].
Ensure Resource Optimisation: Ensure that
adequate and sufficient IT-related capabilities
(people, process and technology) are available to
support enterprise objectives effectively at optimal
cost [16].
Ensure Stakeholder Transparency: Ensure that
enterprise IT performance and conformance
measurement and reporting are transparent, with
stakeholders approving the goals and metrics and
the necessary remedial actions [16].
6 CONCLUSION
Since cloud computing is service-oriented, service
management is very important in this
environment. In this paper, service management
frameworks and related models scrutinized and a
few of them are selected to use in proposed
architecture. In addition, few important cloud
architecture are compared, the strengths of each
have been obtained and deployed in proposed
architecture. Billing processes of eTOM
framework been used in the business support
services . PRM-IT was seen in operational support
service. COBIT5 was used for governance of IT
section. Combination of ITSM framework
improve IT services management and provide
better services in cloud computing. This is an
ongoing research and further results would be
published shortly.
ISBN: 978-0-9891305-1-6 ©2013 SDIWC 85
7 REFERENCES
1. Peter Mell, Timothy Grance,‖The NIST Definition of
Cloud Computing‖, September 2011 .
2. IBM Advisory Group, ‖PRM – IT IBM Process
Reference Model for IT‖, IBM Corporation 2008
3. ITIL Advisory Group, ―Service Strategy of ITIL® V3‖,
The UK Chapter of the itSMF, 2007
4. ITIL Advisory Group, ―Service Design Overview of
ITIL® V3‖, The UK Chapter of the itSMF, 2007
5. ITIL Advisory Group, ―Service Transition of ITIL®
V3‖, The UK Chapter of the itSMF, 2007
6. ITIL Advisory Group, ―Service Operation of ITIL®
V3‖, The UK Chapter of the itSMF, 2007
7. ITIL Advisory Group, ―Service Improvement of ITIL®
V3‖, The UK Chapter of the itSMF, 2007
8. MOF Advisory Group, ―Microsoft® Operations
Framework overview‖, Microsoft, April 2008
9. HP Advisory Group, ―The HP IT Service Management
Reference Model‖, HP, 2000 .
10. IBM Advisory Group, ―Introduction and Architecture
Overview IBM Cloud Computing Reference
Architecture 2.0‖, 2011
11. NIST Advisory Group, ―NIST Cloud Computing
Reference Architecture‖, 2011
12. ORACLE Advisory Group, ―Oracle® Reference
Architecture‖, 2011
13. HP Advisory Group, ―Understanding the HP cloud
System Reference Architecture‖, 2011
14. Cisco Advisory Group, ―Cisco Cloud Computing - Data
Center Strategy, Architecture, and Solutions‖, 2009
15. NIST Advisory Group, ―Cloud Architecture Reference
Models‖, NIST CCRATWG
16. ISACA, ―COBIT5,Enabling Process‖, 2012
17. TM Forum Advisory Group, “eTOM (Business Process
Framework)”, TM Forum 2012
ISBN: 978-0-9891305-1-6 ©2013 SDIWC 86