A modeling language for multi-tenant data architecture evolution in cloud applications

Multi-tenancy enables efficient resource utilization by sharing application resources across multiple customers (i.e., tenants). Hence, applications built using this pat- tern can be offered at a lower price and reduce maintenance effort as less application instances and supporting cloud resources must be maintained. These properties en- courage cloud application providers to adopt multi-tenancy to their existing applications, yet introducing this pattern requires significant changes in the application structure to address multi-tenancy requirements such as isolation of tenants, extensibility of the application, and scalability of the solution. In cloud applications, the data layer is often the prime candidate for multi-tenancy, and it usually comprises a combination of different cloud storage solutions such as blob storage, relational and non-relational databases. These storage types are conceptually and tangibly divergent, each requiring its own partitioning schemes to meet multi-tenancy requirements. Currently, multi-tenant data architectures are implemented using manual coding methods, at times following guidance and patterns offered by cloud providers. However, such manual implementation approach tends to be time consuming and error prone. Several modeling methods based on Model-Driven Engineer- ing (MDE) and Software Product Line Engineering (SPLE) have been proposed to capture multi-tenancy in cloud applications. These methods mainly generate cloud deployment configurations from an application model, though they do not automate implementation or evolution of applications. This thesis aims to facilitate development of multi-tenant cloud data architectures using model-driven engineering techniques. This is achieved by designing and implementing a novel modeling language, CadaML, that provides concepts and notations to model multi-tenant cloud data architectures in an abstract way. CadaML also provides a set of tools to validate the data architecture and automatically produce corresponding data access layer code. The thesis demonstrates the feasibility of the modeling language in a practical setting and adequacy of multi-tenancy implementation by the generated code on an industrial business process analyzing application. Moreover, the modeling language is empirically compared against manual implementation methods to inspect its effect on developer productivity, development effort, reliability of the application code, and usability of the language. These outcomes provide a strong argument that the CadaML modeling language effectively mitigates the high overhead of manual implementation of multi-tenant cloud data layers, significantly reducing the required development complexity and time

Enabling Usable and Performant Trusted Execution

A plethora of major security incidents---in which personal identifiers belonging to hundreds of millions of users were stolen---demonstrate the importance of improving the security of cloud systems. To increase security in the cloud environment, where resource sharing is the norm, we need to rethink existing approaches from the ground-up. This thesis analyzes the feasibility and security of trusted execution technologies as the cornerstone of secure software systems, to better protect users' data and privacy. Trusted Execution Environments (TEE), such as Intel SGX, has the potential to minimize the Trusted Computing Base (TCB), but they also introduce many challenges for adoption. Among these challenges are TEE's significant impact on applications' performance and non-trivial effort required to migrate legacy systems to run on these secure execution technologies. Other challenges include managing a trustworthy state across a distributed system and ensuring these individual machines are resilient to micro-architectural attacks. In this thesis, I first characterize the performance bottlenecks imposed by SGX and suggest optimization strategies. I then address two main adoption challenges for existing applications: managing permissions across a distributed system and scaling the SGX's mechanism for proving authenticity and integrity. I then analyze the resilience of trusted execution technologies to speculative execution, micro-architectural attacks, which put cloud infrastructure at risk. This analysis revealed a devastating security flaw in Intel's processors which is known as Foreshadow/L1TF. Finally, I propose a new architectural design for out-of-order processors which defeats all known speculative execution attacks.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/155139/1/oweisse_1.pd

A Task Offloading Framework for Energy Saving on Mobile Devices using Cloud Computing

Over the last decade, mobile devices have become popular among people, and their number is ever growing because of the computing functionality they offer beyond primary voice communication. However, mobile devices are unable to accommodate most of the computing demand as long as they suffer the limited energy supply caused by the capacity of their small battery to store only a relatively small amount of energy. The literature describes several specialist techniques proposed in academia and industry that save the mobile device energy and solve this problem to some extent but not satisfactorily. Task offloading from mobile devices to cloud computing is a promising technique for tackling the problem especially with the emergence of high-speed wireless networks and the ubiquitous resources from the cloud computing. Since task offloading is in its nascent age, it lacks evaluation and development in-depth studies. In this dissertation, we proposed an offloading framework to make task offloading possible to save energy for mobile devices. We achieved a great deal of progress toward developing a realistic offloading framework. First, we examined the feasibility of exploiting the offloading technique to save mobile device energy using the cloud as the place to execute the task instead of executing it on the mobile device. Our evaluation study reveals that the offloading does not always save energy; in cases where the energy for the computation is less than the energy for communication no energy is saved. Therefore, the need for the offloading decision is vital to make the offloading beneficial. Second, we developed mathematical models for the energy consumption of a mobile device and its applications. These models were then used to develop mathematical models that estimate the energy consumption on the networking and the computing activities at the application level. We modelled the energy consumption of the networking activity for the Transmission Control Protocol (TCP) over Wireless Local Area Network (WLAN), the Third Generation (3G), and the Fourth Generation (4G) of mobile telecommunication networks. Furthermore, we modelled the energy consumption of the computing activity for the mobile multi-core Central Processing Unit (CPU) and storage unit. Third, we identified and classified the system parameters affecting the offloading decision and built our offloading framework based on them. In addition, we implemented and validated the proposed framework experimentally using a real mobile device, cloud, and application. The experimental results reveal that task offloading is beneficial for mobile devices given that in some cases it saves more than 70% of the energy required to execute a task. Additionally, our energy models accurately estimate the energy consumption for the networking and computing activities. This accuracy allows the offloading framework to make the correct decision as to whether or not offloading a given task saves energy. Our framework is built to be applicable to modern mobile devices and expandable by considering all system parameters that have impact on the offloading decision. In fact, the experimental validation proves that our framework is practical to real life scenarios. This framework gives researchers in the field useful tools to design energy efficient offloading systems for the coming years when the offloading will be common.4 month