The present invention relates generally to the field of cloud orchestration, and more particularly to cloud orchestration with consideration to geography and applicable legislation, rules, and regulations.
Cloud orchestration may be described as the manual or automated arrangement, coordination and management of complex computer systems, middleware and services. In more simple terms, cloud orchestration is assigning and managing resources such as databases, hypervisors, architectures, operating systems, and applications, to perform a function over the internet. The resources may be assigned based on cost, availability and service level agreements (SLA) between a client and a cloud provider. In this scenario, it is left to either the cloud provider or an automatic orchestration tool (i.e., cloud orchestrator) to select the resources for the cloud computing system and it is incumbent on the provider to select the proper resources. This process may lead to instances where cloud resources, which violate laws, rules or regulations, are deployed for a client and this may result in unintended negative consequences for both the client and the cloud provider.
United States Patent Application Publication 2012/0303776 A1, titled Methods and Systems for Data Compliance Management Associated with Cloud Migration Events states the following: “A compliance tool can verify compliance with jurisdictional transfer and storage requirements for data migration into or within a cloud. The compliance tool can monitor and check data transfers and storage to determine if the data transfer and/or storage will cross jurisdictional boundaries. If the transfers or storage crosses jurisdictional boundaries, the compliance tool can identify the transfer and storage requirements of any jurisdictions involved with the transfer and/or storage. The compliance tool can verify that the data transfers complies with the identified transfer and storage requirements. If the data transfer and/or storage does not comply with the identified transfer and storage requirements, the compliance tool can terminate the data transfer and/or storage, modify the data transfer and/or storage, and/or modify the data, itself to comply with the identified transfer and storage requirements.” This publication concerns compliance of data migration in a cloud but neglects rules and regulations regarding the cloud infrastructure itself.