Hybrid clouds for data-Intensive, 5G-Enabled IoT applications: an overview, key issues and relevant architecture

Hybrid cloud multi-access edge computing (MEC) deployments have been proposed as efficient means to support Internet of Things (IoT) applications, relying on a plethora of nodes and data. In this paper, an overview on the area of hybrid clouds considering relevant research areas is given, providing technologies and mechanisms for the formation of such MEC deployments, as well as emphasizing several key issues that should be tackled by novel approaches, especially under the 5G paradigm. Furthermore, a decentralized hybrid cloud MEC architecture, resulting in a Platform-as-a-Service (PaaS) is proposed and its main building blocks and layers are thoroughly described. Aiming to offer a broad perspective on the business potential of such a platform, the stakeholder ecosystem is also analyzed. Finally, two use cases in the context of smart cities and mobile health are presented, aimed at showing how the proposed PaaS enables the development of respective IoT applications.Peer ReviewedPostprint (published version

Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems

Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any) and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644429 and No 780351, MUSA project and ENACT project, respectively. We would also like to acknowledge all the members of the MUSA Consortium and ENACT Consortium for their valuable help

BETaaS: A Platform for Development and Execution of Machine-to-Machine Applications in the Internet of Things

The integration of everyday objects into the Internet represents the foundation of the forthcoming Internet of Things (IoT). Such “smart” objects will be the building blocks of the next generation of applications that will exploit interaction between machines to implement enhanced services with minimum or no human intervention in the loop. A crucial factor to enable Machine-to-Machine (M2M) applications is a horizontal service infrastructure that seamlessly integrates existing IoT heterogeneous systems. The authors present BETaaS, a framework that enables horizontal M2M deployments. BETaaS is based on a distributed service infrastructure built on top of an overlay network of gateways that allows seamless integration of existing IoT systems. The platform enables easy deployment of applications by exposing to developers a service oriented interface to access things (the Things-as-a-Service model) regardless of the technology and the physical infrastructure they belong

A Role-Based Approach for Orchestrating Emergent Configurations in the Internet of Things

The Internet of Things (IoT) is envisioned as a global network of connected things enabling ubiquitous machine-to-machine (M2M) communication. With estimations of billions of sensors and devices to be connected in the coming years, the IoT has been advocated as having a great potential to impact the way we live, but also how we work. However, the connectivity aspect in itself only accounts for the underlying M2M infrastructure. In order to properly support engineering IoT systems and applications, it is key to orchestrate heterogeneous 'things' in a seamless, adaptive and dynamic manner, such that the system can exhibit a goal-directed behaviour and take appropriate actions. Yet, this form of interaction between things needs to take a user-centric approach and by no means elude the users' requirements. To this end, contextualisation is an important feature of the system, allowing it to infer user activities and prompt the user with relevant information and interactions even in the absence of intentional commands. In this work we propose a role-based model for emergent configurations of connected systems as a means to model, manage, and reason about IoT systems including the user's interaction with them. We put a special focus on integrating the user perspective in order to guide the emergent configurations such that systems goals are aligned with the users' intentions. We discuss related scientific and technical challenges and provide several uses cases outlining the concept of emergent configurations.Comment: In Proceedings of the Second International Workshop on the Internet of Agents @AAMAS201

Fog computing pour l'intégration d'agents et de services Web dans un middleware réflexif autonome

International audienceService Oriented Architecture (SOA) has emerged as a dominant architecture for interoperability between applications, by using a weak-coupled model based on the flexibility provided by Web Services, which has led to a wide range of applications, what is known as cloud computing. On the other hand, Multi-Agent System (MAS) is widely used in the industry, because it provides an appropriate solution to complex problems, in a proactive and intelligent way. Specifically, Intelligent Environments (Smart City, Smart Classroom, Cyber Physical System, and Smart Factory, among others) obtain great benefits by using both architectures, because MAS endows intelligence to the environment, while SOA enables users to interact with cloud services, which improve the capabilities of the devices deployed in the environment. Additionally, the fog computing paradigm extends the cloud computing paradigm to be closer to the things that produce and act on the intelligent environment, allowing to deal with issues like mobility, real time, low latency, geo-localization, among other aspects. In this sense, in this article we present a middleware, which not only is capable of allowing MAS and SOA to communicate in a bidirectional and transparent way, but also, it uses the fog computing paradigm autonomously, according to the context and to the system load factor. Additionally, we analyze the performance of the incorporation of the fog-computing paradigm in our middleware and compare it with other works

ADVANCED SLA MANAGEMENT IN CLOUD COMPUTING

The advent of high-performance technologies and the increase in volume of data used by organizations led to the need for migration from an internal structure to Cloud environment. The continuous development of tools, methods and techniques have expanded the understanding of the various functions, structures and processes related to Cloud Computing. However, the increase in computing power led to the development and use of more complex models, including this scope the complexity of Service Level Agreements (SLA). The need for understanding at a high level of SLAs established between customers and service providers in Cloud led to different studies on the definition and standardization of these agreements. Nowadays, cloud computing technologies are becoming more and more popular, especially with respect to data storage. However, the processes used to determine the Cloud Service Agreements do not consider the final customer\u2019s needs, considering only the supply capacity of the service provider. For these reasons, the development of service agreements that meets the needs of customers should be designed in order to increase the usability of Cloud environments, and enabling the discovery of new areas of application in accordance with market demand. In this context, the use of ontologies that describes the information that composes each type of service, and thus enable an understanding of the agreements reached, is configured as an approach to be considered. Moreover, the generalization and abstraction of information that can be observed in different services allows a broader vision for managing SLAs. For these reasons, this thesis aims to find innovative methods for the composition of Service Level Agreements in Cloud Computing. In particular, the methods presented allow demonstrate the convergence of several consolidated techniques in research on Cloud SLA using a new approach that considers new demands on Cloud and allows control of the established agreements, in addition to effectively ensure the application of the concept of XaaS (everything as a service). The originality of the approach allows the registration, search, composition and control of services in Cloud using the same structure. The new approach presented in this thesis allows the understanding of the impact of the new services requested by customers, giving the provider the possibility of simulating the use of the necessary resources to meet the new services\u2019 requests. From the presentation of a conceptual framework we can demonstrate the use of our approach through the examples of different situations presented in the real world and considering the new market possibilities

Dynamic collaboration and secure access of services in multi-cloud environments

The cloud computing services have gained popularity in both public and enterprise domains and they process a large amount of user data with varying privacy levels. The increasing demand for cloud services including storage and computation requires new functional elements and provisioning schemes to meet user requirements. Multi-clouds can optimise the user requirements by allowing them to choose best services from a large number of services offered by various cloud providers as they are massively scalable, can be dynamically configured, and delivered on demand with large-scale infrastructure resources. A major concern related to multi-cloud adoption is the lack of models for them and their associated security issues which become more unpredictable in a multi-cloud environment. Moreover, in order to trust the services in a foreign cloud users depend on their assurances given by the cloud provider but cloud providers give very limited evidence or accountability to users which offers them the ability to hide some behaviour of the service. In this thesis, we propose a model for multi-cloud collaboration that can securely establish dynamic collaboration between heterogeneous clouds using the cloud on-demand model in a secure way. Initially, threat modelling for cloud services has been done that leads to the identification of various threats to service interfaces along with the possible attackers and the mechanisms to exploit those threats. Based on these threats the cloud provider can apply suitable mechanisms to protect services and user data from these threats. In the next phase, we present a lightweight and novel authentication mechanism which provides a single sign-on (SSO) to users for authentication at runtime between multi-clouds before granting them service access and it is formally verified. Next, we provide a service scheduling mechanism to select the best services from multiple cloud providers that closely match user quality of service requirements (QoS). The scheduling mechanism achieves high accuracy by providing distance correlation weighting mechanism among a large number of services QoS parameters. In the next stage, novel service level agreement (SLA) management mechanisms are proposed to ensure secure service execution in the foreign cloud. The usage of SLA mechanisms ensures that user QoS parameters including the functional (CPU, RAM, memory etc.) and non-functional requirements (bandwidth, latency, availability, reliability etc.) of users for a particular service are negotiated before secure collaboration between multi-clouds is setup. The multi-cloud handling user requests will be responsible to enforce mechanisms that fulfil the QoS requirements agreed in the SLA. While the monitoring phase in SLA involves monitoring the service execution in the foreign cloud to check its compliance with the SLA and report it back to the user. Finally, we present the use cases of applying the proposed model in scenarios such as Internet of Things (IoT) and E-Healthcare in multi-clouds. Moreover, the designed protocols are empirically implemented on two different clouds including OpenStack and Amazon AWS. Experiments indicate that the proposed model is scalable, authentication protocols result only in a limited overhead compared to standard authentication protocols, service scheduling achieves high efficiency and any SLA violations by a cloud provider can be recorded and reported back to the user.My research for first 3 years of PhD was funded by the College of Engineering and Technology

Service level agreement specification for IoT application workflow activity deployment, configuration and monitoring

PhD ThesisCurrently, we see the use of the Internet of Things (IoT) within various domains such as healthcare, smart homes, smart cars, smart-x applications, and smart cities. The number of applications based on IoT and cloud computing is projected to increase rapidly over the next few years. IoT-based services must meet the guaranteed levels of quality of service (QoS) to match users’ expectations. Ensuring QoS through specifying the QoS constraints using service level agreements (SLAs) is crucial. Also because of the potentially highly complex nature of multi-layered IoT applications, lifecycle management (deployment, dynamic reconfiguration, and monitoring) needs to be automated. To achieve this it is essential to be able to specify SLAs in a machine-readable format. currently available SLA specification languages are unable to accommodate the unique characteristics (interdependency of its multi-layers) of the IoT domain. Therefore, in this research, we propose a grammar for a syntactical structure of an SLA specification for IoT. The grammar is based on a proposed conceptual model that considers the main concepts that can be used to express the requirements for most common hardware and software components of an IoT application on an end-to-end basis. We follow the Goal Question Metric (GQM) approach to evaluate the generality and expressiveness of the proposed grammar by reviewing its concepts and their predefined lists of vocabularies against two use-cases with a number of participants whose research interests are mainly related to IoT. The results of the analysis show that the proposed grammar achieved 91.70% of its generality goal and 93.43% of its expressiveness goal. To enhance the process of specifying SLA terms, We then developed a toolkit for creating SLA specifications for IoT applications. The toolkit is used to simplify the process of capturing the requirements of IoT applications. We demonstrate the effectiveness of the toolkit using a remote health monitoring service (RHMS) use-case as well as applying a user experience measure to evaluate the tool by applying a questionnaire-oriented approach. We discussed the applicability of our tool by including it as a core component of two different applications: 1) a contextaware recommender system for IoT configuration across layers; and 2) a tool for automatically translating an SLA from JSON to a smart contract, deploying it on different peer nodes that represent the contractual parties. The smart contract is able to monitor the created SLA using Blockchain technology. These two applications are utilized within our proposed SLA management framework for IoT. Furthermore, we propose a greedy heuristic algorithm to decentralize workflow activities of an IoT application across Edge and Cloud resources to enhance response time, cost, energy consumption and network usage. We evaluated the efficiency of our proposed approach using iFogSim simulator. The performance analysis shows that the proposed algorithm minimized cost, execution time, networking, and Cloud energy consumption compared to Cloud-only and edge-ward placement approaches