Optimization of Elastic Cloud Brokerage Mechanisms for Future Telecommunication Service Environments

Dieser Beitrag ist mit Zustimmung des Rechteinhabers aufgrund einer (DFG geförderten) Allianz- bzw. Nationallizenz frei zugänglich.This publication is with permission of the rights owner freely accessible due to an Alliance licence and a national licence (funded by the DFG, German Research Foundation) respectively.Cloud computing mechanisms and cloud-based services are currently revolutionizing Web as well as telecommunication service platforms and service offerings. Apart from providing infrastructures, platforms and software as a service, mechanism for dynamic allocation of compute and storage resources on-demand, commonly termed as “elastic cloud computing” account for the most important cloud computing functionalities. Resource elasticity allows not only for efficient internal compute and storage resource consumption, but also, through so called hybrid cloud computing mechanisms, for dynamic utilization of external resources on-demand. This capability is especially useful in order to cost-efficiently cope with peakworkloads, allowing service providers to significantly reduce usually required over-provisioned service infrastructures, allowing for “pay-per-use” cost models. With a steadily growing number of cloud providers and with the proliferation of unified cloud computing interfaces, service providers are given free choice of flexibly selecting and utilizing cloud resources from different cloud providers. Cloud brokering systems allow for dynamic selection and utilization of cloud computing resources based on functional (e.g. QoS, SLA, energy consumption) as well as nonfunctional criteria (e.g. costs). The presented work focuses on enhanced cloud brokering mechanisms for telecommunication service platforms, enabling quality telecommunication service assurance, still optimizing cloud resources consumption, i.e. saving costs and energy. Furthermore this work shows that by combining cloud brokering mechanisms with standardized telecommunication service brokering mechanisms an even greater benefit for telecommunication service providers can be achieved as this enables an even better cost-efficiency since different user segments can seamlessly be served by allocating different cloud resources to them in a policy-driven manner

The case for cloud service trustmarks and assurance-as-a-service

Cloud computing represents a significant economic opportunity for Europe. However, this growth is threatened by adoption barriers largely related to trust. This position paper examines trust and confidence issues in cloud computing and advances a case for addressing them through the implementation of a novel trustmark scheme for cloud service providers. The proposed trustmark would be both active and dynamic featuring multi-modal information about the performance of the underlying cloud service. The trustmarks would be informed by live performance data from the cloud service provider, or ideally an independent third-party accountability and assurance service that would communicate up-to-date information relating to service performance and dependability. By combining assurance measures with a remediation scheme, cloud service providers could both signal dependability to customers and the wider marketplace and provide customers, auditors and regulators with a mechanism for determining accountability in the event of failure or non-compliance. As a result, the trustmarks would convey to consumers of cloud services and other stakeholders that strong assurance and accountability measures are in place for the service in question and thereby address trust and confidence issues in cloud computing

Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems

Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any) and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644429 and No 780351, MUSA project and ENACT project, respectively. We would also like to acknowledge all the members of the MUSA Consortium and ENACT Consortium for their valuable help

Certifying Services in Cloud: The Case for a Hybrid, Incremental and Multi-layer Approach

The use of clouds raises significant security concerns for the services they provide. Addressing these concerns requires novel models of cloud service certification based on multiple forms of evidence including testing and monitoring data, and trusted computing proofs. CUMULUS is a novel infrastructure for realising such certification models

Cloud Security : A Review of Recent Threats and Solution Models

The most significant barrier to the wide adoption of cloud services has been attributed to perceived cloud insecurity (Smitha, Anna and Dan, 2012). In an attempt to review this subject, this paper will explore some of the major security threats to the cloud and the security models employed in tackling them. Access control violations, message integrity violations, data leakages, inability to guarantee complete data deletion, code injection, malwares and lack of expertise in cloud technology rank the major threats. The European Union invested €3m in City University London to research into the certification of Cloud security services. This and more recent developments are significant in addressing increasing public concerns regarding the confidentiality, integrity and privacy of data held in cloud environments. Some of the current cloud security models adopted in addressing cloud security threats were – Encryption of all data at storage and during transmission. The Cisco IronPort S-Series web security appliance was among security solutions to solve cloud access control issues. 2-factor Authentication with RSA SecurID and close monitoring appeared to be the most popular solutions to authentication and access control issues in the cloud. Database Active Monitoring, File Active Monitoring, URL Filters and Data Loss Prevention were solutions for detecting and preventing unauthorised data migration into and within clouds. There is yet no guarantee for a complete deletion of data by cloud providers on client requests however; FADE may be a solution (Yang et al., 2012)

Semantic Gateway as a Service architecture for IoT Interoperability

The Internet of Things (IoT) is set to occupy a substantial component of future Internet. The IoT connects sensors and devices that record physical observations to applications and services of the Internet. As a successor to technologies such as RFID and Wireless Sensor Networks (WSN), the IoT has stumbled into vertical silos of proprietary systems, providing little or no interoperability with similar systems. As the IoT represents future state of the Internet, an intelligent and scalable architecture is required to provide connectivity between these silos, enabling discovery of physical sensors and interpretation of messages between things. This paper proposes a gateway and Semantic Web enabled IoT architecture to provide interoperability between systems using established communication and data standards. The Semantic Gateway as Service (SGS) allows translation between messaging protocols such as XMPP, CoAP and MQTT via a multi-protocol proxy architecture. Utilization of broadly accepted specifications such as W3C's Semantic Sensor Network (SSN) ontology for semantic annotations of sensor data provide semantic interoperability between messages and support semantic reasoning to obtain higher-level actionable knowledge from low-level sensor data.Comment: 16 page

Security and Privacy Issues in Cloud Computing

Cloud computing transforming the way of information technology (IT) for consuming and managing, promising improving cost efficiencies, accelerate innovations, faster time-to-market and the ability to scale applications on demand (Leighton, 2009). According to Gartner, while the hype grew ex-ponentially during 2008 and continued since, it is clear that there is a major shift towards the cloud computing model and that the benefits may be substantial (Gartner Hype-Cycle, 2012). However, as the shape of the cloud computing is emerging and developing rapidly both conceptually and in reality, the legal/contractual, economic, service quality, interoperability, security and privacy issues still pose significant challenges. In this chapter, we describe various service and deployment models of cloud computing and identify major challenges. In particular, we discuss three critical challenges: regulatory, security and privacy issues in cloud computing. Some solutions to mitigate these challenges are also proposed along with a brief presentation on the future trends in cloud computing deployment