Moved the legal requirements into a common section in Arch guide.

Change-Id: Iccca40c56673b61bb5626d032a085b8a5318784e Implements: blueprint arch-guide
2015-08-13 13:16:46 +10:00 · 2015-08-13 13:16:46 +10:00 · 1a23ae9cd7
commit 1a23ae9cd7
parent d9ef521591
2 changed files with 49 additions and 0 deletions
--- a/doc/arch-design/bk-openstack-arch-design.xml
+++ b/doc/arch-design/bk-openstack-arch-design.xml
@ -73,6 +73,7 @@
         these types of statements. -->
    <xi:include href="../common/ch_preface.xml"/>
    <xi:include href="ch_introduction.xml"/>
+    <xi:include href="ch_legal-security-requirements.xml"/>
    <xi:include href="ch_generalpurpose.xml"/>
    <xi:include href="ch_compute_focus.xml"/>
    <xi:include href="ch_storage_focus.xml"/>
--- a/doc/arch-design/ch_legal-security-requirements.xml
+++ b/doc/arch-design/ch_legal-security-requirements.xml
@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<chapter xmlns="http://docbook.org/ns/docbook"
+         xmlns:xi="http://www.w3.org/2001/XInclude"
+         xmlns:xlink="http://www.w3.org/1999/xlink"
+         version="5.0"
+         xml:id="security-legal-requirements">
+  <?dbhtml stop-chunking?>
+  <title>Security and legal requirements</title>
+  <para>This chapter discusses the legal and security requirements you
+    need to consider for the different OpenStack scenarios.</para>
+  <section xml:id="legal-requirements">
+    <title>Legal requirements</title>
+    <para>Many jurisdictions have legislative and regulatory
+    requirements governing the storage and management of data in
+    cloud environments. Common areas of regulation include:</para>
+    <itemizedlist>
+      <listitem>
+        <para>Data retention policies ensuring storage of
+        persistent data and records management to meet data
+        archival requirements.</para>
+      </listitem>
+      <listitem>
+        <para>Data ownership policies governing the possession and
+        responsibility for data.</para>
+      </listitem>
+      <listitem>
+        <para>Data sovereignty policies governing the storage of
+        data in foreign countries or otherwise separate
+        jurisdictions.</para>
+      </listitem>
+      <listitem>
+        <para>Data compliance policies governing certain types of
+        information needing to reside in certain locations due to
+        regulatory issues - and more importantly, cannot reside in
+        other locations for the same reason.</para>
+      </listitem>
+    </itemizedlist>
+    <para>Examples of such legal frameworks include the <link
+      xlink:href="http://ec.europa.eu/justice/data-protection/">data
+      protection framework</link> of the European Union and the
+    requirements of the <link
+      xlink:href="http://www.finra.org/Industry/Regulation/FINRARules/">
+      Financial Industry Regulatory Authority</link> in the United
+    States. Consult a local regulatory body for more information.
+    </para>
+  </section>
+</chapter>
+