SLA-Oriented Resource Provisioning for Cloud Computing: Challenges, Architecture, and Solutions

Cloud computing systems promise to offer subscription-oriented, enterprise-quality computing services to users worldwide. With the increased demand for delivering services to a large number of users, they need to offer differentiated services to users and meet their quality expectations. Existing resource management systems in data centers are yet to support Service Level Agreement (SLA)-oriented resource allocation, and thus need to be enhanced to realize cloud computing and utility computing. In addition, no work has been done to collectively incorporate customer-driven service management, computational risk management, and autonomic resource management into a market-based resource management system to target the rapidly changing enterprise requirements of Cloud computing. This paper presents vision, challenges, and architectural elements of SLA-oriented resource management. The proposed architecture supports integration of marketbased provisioning policies and virtualisation technologies for flexible allocation of resources to applications. The performance results obtained from our working prototype system shows the feasibility and effectiveness of SLA-based resource provisioning in Clouds.Comment: 10 pages, 7 figures, Conference Keynote Paper: 2011 IEEE International Conference on Cloud and Service Computing (CSC 2011, IEEE Press, USA), Hong Kong, China, December 12-14, 201

An inter-cloud bridge system for heterogeneous cloud platforms

Over the years, more cloud computing systems have been developed providing flexible interfaces for inter-cloud interaction. This work approaches the concept of inter-cloud by utilizing APIs, open source specifications and exposed interfaces from cloud platforms such as OpenStack, OpenNebula and others. Despite other works in the area of inter-cloud, that are mainly resource management-centric, we focus on designing and developing a service-centric architecture. We implement an inter-cloud bridge system that is elastic, easy to be upgraded and managed. We develop a prototype composed not only from heterogeneous cloud platforms but also from independent cloud services. These are developed by different cloud service providers and offered as open source Software as a Service (SaaS). The proposed Inter-Cloud Mediation Service uses Future Internet SaaS such as a Context Broker for registrations and subscriptions to services and a Complex Event Processing engine for event management. We present an experimental analysis to show interactions with various heterogeneous cloud platforms and we evaluate the performance of inter-cloud services separately and as a whole

A reference architecture for multi-level SLA management

There is a global trend towards service-orientation, both for organizing business interactions but also in modern IT architectures. At the business-level, service industries are becoming the dominating sector in which solutions are flexibly composed out of networked services. At the IT level, the paradigms of Service-Oriented Architecture and Cloud Computing realize service-orientation for both software and infrastructure services. Again, flexible composition across different layers is a major advantage of this paradigm. Service Level Agreements (SLA) are a common approach for specifying the exact conditions under which services are to be delivered and, thus, are a prerequisite for supporting the flexible trading of services. However, typical SLAs are just specified at a single layer and do not allow service providers to manage their service stack accordingly. They have no insight on how SLAs at one layer translate to metrics or parameters at the various lower layers of the service stack. In this paper, we present a reference architecture for a multi-level SLA management framework. We discuss the fundamental concepts and detail the main architectural components and interfaces. Furthermore, we show how the framework can be flexibly used for different industrial scenarios

An interoperable and self-adaptive approach for SLA-based service virtualization in heterogeneous Cloud environments

Cloud computing is a newly emerged computing infrastructure that builds on the latest achievements of diverse research areas, such as Grid computing, Service-oriented computing, business process management and virtualization. An important characteristic of Cloud-based services is the provision of non-functional guarantees in the form of Service Level Agreements (SLAs), such as guarantees on execution time or price. However, due to system malfunctions, changing workload conditions, hard- and software failures, established SLAs can be violated. In order to avoid costly SLA violations, flexible and adaptive SLA attainment strategies are needed. In this paper we present a self-manageable architecture for SLA-based service virtualization that provides a way to ease interoperable service executions in a diverse, heterogeneous, distributed and virtualized world of services. We demonstrate in this paper that the combination of negotiation, brokering and deployment using SLA-aware extensions and autonomic computing principles are required for achieving reliable and efficient service operation in distributed environments. © 2012 Elsevier B.V. All rights reserved

Security and risk analysis in the cloud with software defined networking architecture

Cloud computing has emerged as the actual trend in business information technology service models, since it provides processing that is both cost-effective and scalable. Enterprise networks are adopting software-defined networking (SDN) for network management flexibility and lower operating costs. Information technology (IT) services for enterprises tend to use both technologies. Yet, the effects of cloud computing and software defined networking on business network security are unclear. This study addresses this crucial issue. In a business network that uses both technologies, we start by looking at security, namely distributed denial-of-service (DDoS) attack defensive methods. SDN technology may help organizations protect against DDoS assaults provided the defensive architecture is structured appropriately. To mitigate DDoS attacks, we offer a highly configurable network monitoring and flexible control framework. We present a dataset shift-resistant graphic model-based attack detection system for the new architecture. The simulation findings demonstrate that our architecture can efficiently meet the security concerns of the new network paradigm and that our attack detection system can report numerous threats using real-world network data

A cloud-enabled small cell architecture in 5G networks for broadcast/multicast services

© 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes,creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.The evolution of 5G suggests that communication networks become sufficiently flexible to handle a wide variety of network services from various domains. The virtualization of small cells as envisaged by 5G, allows enhanced mobile edge computing capabilities, thus enabling network service deployment and management near the end user. This paper presents a cloud-enabled small cell architecture for 5G networks developed within the 5G-ESSENCE project. This paper also presents the conformity of the proposed architecture to the evolving 5G radio resource management architecture. Furthermore, it examines the inclusion of an edge enabler to support a variety of virtual network functions in 5G networks. Next, the improvement of specific key performance indicators in a public safety use case is evaluated. Finally, the performance of a 5G enabled evolved multimedia broadcast multicast services service is evaluated.Peer ReviewedPostprint (author's final draft

Security Audit Compliance for Cloud Computing

Cloud computing has grown largely over the past three years and is widely popular amongst today's IT landscape. In a comparative study between 250 IT decision makers of UK companies they said, that they already use cloud services for 61% of their systems. Cloud vendors promise "infinite scalability and resources" combined with on-demand access from everywhere. This lets cloud users quickly forget, that there is still a real IT infrastructure behind a cloud. Due to virtualization and multi-tenancy the complexity of these infrastructures is even increased compared to traditional data centers, while it is hidden from the user and outside of his control. This makes management of service provisioning, monitoring, backup, disaster recovery and especially security more complicated. Due to this, and a number of severe security incidents at commercial providers in recent years there is a growing lack of trust in cloud infrastructures. This thesis presents research on cloud security challenges and how they can be addressed by cloud security audits. Security requirements of an Infrastructure as a Service (IaaS) cloud are identified and it is shown how they differ from traditional data centres. To address cloud specific security challenges, a new cloud audit criteria catalogue is developed. Subsequently, a novel cloud security audit system gets developed, which provides a flexible audit architecture for frequently changing cloud infrastructures. It is based on lightweight software agents, which monitor key events in a cloud and trigger specific targeted security audits on demand - on a customer and a cloud provider perspective. To enable these concurrent cloud audits, a Cloud Audit Policy Language is developed and integrated into the audit architecture. Furthermore, to address advanced cloud specific security challenges, an anomaly detection system based on machine learning technology is developed. By creating cloud usage profiles, a continuous evaluation of events - customer specific as well as customer overspanning - helps to detect anomalies within an IaaS cloud. The feasibility of the research is presented as a prototype and its functionality is presented in three demonstrations. Results prove, that the developed cloud audit architecture is able to mitigate cloud specific security challenges

Hardware as a service - enabling dynamic, user-level bare metal provisioning of pools of data center resources.

We describe a “Hardware as a Service (HaaS)” tool for isolating pools of compute, storage and networking resources. The goal of HaaS is to enable dynamic and flexible, user-level provisioning of pools of resources at the so-called “bare-metal” layer. It allows experimental or untrusted services to co-exist alongside trusted services. By functioning only as a resource isolation system, users are free to choose between different system scheduling and provisioning systems and to manage isolated resources as they see fit. We describe key HaaS use cases and features. We show how HaaS can provide a valuable, and somehwat overlooked, layer in the software architecture of modern data center management. Documentation and source code for HaaS software are available at: https://github.com/CCI-MOC/haasPartial support for this work was provided by the MassTech Collaborative Research Matching Grant Program, National Science Foundation award #1347525 and several commercial partners of the Mass Open Cloud who may be found at http://www.massopencloud.org.http://www.ieee-hpec.org/2014/CD/index_htm_files/FinalPapers/116.pd

kube-volttron: Rearchitecting the VOLTTRON Building Energy Management System for Cloud Native Deployment

Managing the energy consumption of the built environment is an important source of flexible load and decarbonization, enabling building managers and utilities to schedule consumption to avoid costly demand charges and peak times when carbon emissions from grid generated electricity are highest. A key technology component in building energy management is the building energy management system. Eclipse VOLTTRON is a legacy software platform which enables building energy management. It was developed for the US Department of Energy (DOE) at Pacific Northwest National Labs (PNNL) written in Python and based on a monolithic build-configure-and-run-in-place system architecture that predates cloud native architectural concepts. Yet the software architecture is componentized in a way that anticipates modular containerized applications, with software agents handling functions like data storage, web access, and communication with IoT devices over specific IoT protocols such as BACnet and Modbus. The agents communicate among themselves over a message bus. This paper describes a proof-of-concept prototype to rearchitect VOLTTRON into a collection of microservices suitable for deployment on the Kubernetes cloud native container orchestration platform. The agents are packaged in redistributable containers that perform specific functions and which can be configured when they are deployed. The deployment architecture consists of single Kubernetes cluster containing a central node, nominally in a cloud-based VM, where a microservice containing the database agent (called a "historian") and the web site agent for the service run, and gateway nodes running on sites in buildings where a microservice containing IoT protocol-specific agents handles control and data collection to and from devices, and communication back to the central node