Elastic Business Process Management: State of the Art and Open Challenges for BPM in the Cloud

With the advent of cloud computing, organizations are nowadays able to react rapidly to changing demands for computational resources. Not only individual applications can be hosted on virtual cloud infrastructures, but also complete business processes. This allows the realization of so-called elastic processes, i.e., processes which are carried out using elastic cloud resources. Despite the manifold benefits of elastic processes, there is still a lack of solutions supporting them. In this paper, we identify the state of the art of elastic Business Process Management with a focus on infrastructural challenges. We conceptualize an architecture for an elastic Business Process Management System and discuss existing work on scheduling, resource allocation, monitoring, decentralized coordination, and state management for elastic processes. Furthermore, we present two representative elastic Business Process Management Systems which are intended to counter these challenges. Based on our findings, we identify open issues and outline possible research directions for the realization of elastic processes and elastic Business Process Management.Comment: Please cite as: S. Schulte, C. Janiesch, S. Venugopal, I. Weber, and P. Hoenisch (2015). Elastic Business Process Management: State of the Art and Open Challenges for BPM in the Cloud. Future Generation Computer Systems, Volume NN, Number N, NN-NN., http://dx.doi.org/10.1016/j.future.2014.09.00

Modeling and Simulation of an Integrated Gate Turnaround Management Concept

An Integrated Gate Turnaround Management (IGTM) prototype was developed at NASA Ames Simulation Laboratories (SimLabs) using Dallas Ft. Worth International Airport (DFW) to demonstrate the IGTM concepts feasibility and benefits. The simulation architecture includes: the IGTM controller, an Airline Operations Control (AOC) application, Big DataAnalytics Input (BAI) application, a terminal traffic simulation or known as NASA-developed Surface Operation Simulator and Scheduler (SOSS), and a Database Server. ActiveMQ, a Java messaging service, was used to emulate the System Wide Information Management (SWIM) data network messaging. This paper describes the modeling and simulation of the IGTM concept, and illustrates selected use cases to demonstrate the feasibility and benefits of the IGTM concept for optimizing gate turnaround operations

Improving Reuse of Distributed Transaction Software with Transaction-Aware Aspects

Implementing crosscutting concerns for transactions is difficult, even using Aspect-Oriented Programming Languages (AOPLs) such as AspectJ. Many of these challenges arise because the context of a transaction-related crosscutting concern consists of loosely-coupled abstractions like dynamically-generated identifiers, timestamps, and tentative value sets of distributed resources. Current AOPLs do not provide joinpoints and pointcuts for weaving advice into high-level abstractions or contexts, like transaction contexts. Other challenges stem from the essential complexity in the nature of the data, operations on the data, or the volume of data, and accidental complexity comes from the way that the problem is being solved, even using common transaction frameworks. This dissertation describes an extension to AspectJ, called TransJ, with which developers can implement transaction-related crosscutting concerns in cohesive and loosely-coupled aspects. It also presents a preliminary experiment that provides evidence of improvement in reusability without sacrificing the performance of applications requiring essential transactions. This empirical study is conducted using the extended-quality model for transactional application to define measurements on the transaction software systems. This quality model defines three goals: the first relates to code quality (in terms of its reusability); the second to software performance; and the third concerns software development efficiency. Results from this study show that TransJ can improve the reusability while maintaining performance of TransJ applications requiring transaction for all eight areas addressed by the hypotheses: better encapsulation and separation of concern; loose Coupling, higher-cohesion and less tangling; improving obliviousness; preserving the software efficiency; improving extensibility; and hasten the development process

From supply chains to demand networks. Agents in retailing: the electrical bazaar

A paradigm shift is taking place in logistics. The focus is changing from operational effectiveness to adaptation. Supply Chains will develop into networks that will adapt to consumer demand in almost real time. Time to market, capacity of adaptation and enrichment of customer experience seem to be the key elements of this new paradigm. In this environment emerging technologies like RFID (Radio Frequency ID), Intelligent Products and the Internet, are triggering a reconsideration of methods, procedures and goals. We present a Multiagent System framework specialized in retail that addresses these changes with the use of rational agents and takes advantages of the new market opportunities. Like in an old bazaar, agents able to learn, cooperate, take advantage of gossip and distinguish between collaborators and competitors, have the ability to adapt, learn and react to a changing environment better than any other structure. Keywords: Supply Chains, Distributed Artificial Intelligence, Multiagent System.Postprint (published version

A Holistic Approach to Service Survivability

We present SABER (Survivability Architecture: Block, Evade, React), a proposed survivability architecture that blocks, evades and reacts to a variety of attacks by using several security and survivability mechanisms in an automated and coordinated fashion. Contrary to the ad hoc manner in which contemporary survivable systems are built--using isolated, independent security mechanisms such as firewalls, intrusion detection systems and software sandboxes--SABER integrates several different technologies in an attempt to provide a unified framework for responding to the wide range of attacks malicious insiders and outsiders can launch. This coordinated multi-layer approach will be capable of defending against attacks targeted at various levels of the network stack, such as congestion-based DoS attacks, software-based DoS or code-injection attacks, and others. Our fundamental insight is that while multiple lines of defense are useful, most conventional, uncoordinated approaches fail to exploit the full range of available responses to incidents. By coordinating the response, the ability to survive even in the face of successful security breaches increases substantially. We discuss the key components of SABER, how they will be integrated together, and how we can leverage on the promising results of the individual components to improve survivability in a variety of coordinated attack scenarios. SABER is currently in the prototyping stages, with several interesting open research topics

Making Data Storage Efficient in the Era of Cloud Computing

We enter the era of cloud computing in the last decade, as many paradigm shifts are happening on how people write and deploy applications. Despite the advancement of cloud computing, data storage abstractions have not evolved much, causing inefficiencies in performance, cost, and security. This dissertation proposes a novel approach to make data storage efficient in the era of cloud computing by building new storage abstractions and systems that bridge the gap between cloud computing and data storage and simplify development. We build four systems to address four data inefficiencies in cloud computing. The first system, Grandet, solves the data storage inefficiency caused by the paradigm shift from upfront provisioning to a variety of pay-as-you-go cloud services. Grandet is an extensible storage system that significantly reduces storage costs for web applications deployed in the cloud. Under the hood, it supports multiple heterogeneous stores and unifies them by placing each data object at the store deemed most economical. Our results show that Grandet reduces their costs by an average of 42.4%, and it is fast, scalable, and easy to use. The second system, Unic, solves the data inefficiency caused by the paradigm shift from single-tenancy to multi-tenancy. Unic securely deduplicates general computations. It exports a cache service that allows cloud applications running on behalf of mutually distrusting users to memoize and reuse computation results, thereby improving performance. Unic achieves both integrity and secrecy through a novel use of code attestation, and it provides a simple yet expressive API that enables applications to deduplicate their own rich computations. Our results show that Unic is easy to use, speeds up applications by an average of 7.58x, and with little storage overhead. The third system, Lambdata, solves the data inefficiency caused by the paradigm shift to serverless computing, where developers only write core business logic, and cloud service providers maintain all the infrastructure. Lambdata is a novel serverless computing system that enables developers to declare a cloud function's data intents, including both data read and data written. Once data intents are made explicit, Lambdata performs a variety of optimizations to improve speed, including caching data locally and scheduling functions based on code and data locality. Our results show that Lambdata achieves an average speedup of 1.51x on the turnaround time of practical workloads and reduces monetary cost by 16.5%. The fourth system, CleanOS, solves the data inefficiency caused by the paradigm shift from desktop computers to smartphones always connected to the cloud. CleanOS is a new Android-based operating system that manages sensitive data rigorously and maintains a clean environment at all times. It identifies and tracks sensitive data, encrypts it with a key, and evicts that key to the cloud when the data is not in active use on the device. Our results show that CleanOS limits sensitive-data exposure drastically while incurring acceptable overheads on mobile networks

Revision of Security Risk-oriented Patterns for Distributed Systems

Turvariskide haldamine on oluline osa tarkvara arendusest. Arvestades, et enamik tänapäeva ettevõtetest sõltuvad suuresti infosüsteemidest, on turvalisusel oluline roll sujuvalt toimivate äriprotsesside tagamisel. Paljud inimesed kasutavad e-teenuseid, mida pakuvad näiteks pangad ja haigekassa. Ebapiisavatel turvameetmetel infosüsteemides võivad olla soovimatud tagajärjed nii ettevõtte mainele kui ka inimeste eludele.\n\rTarkvara turvalisusega tuleb tavaliselt tegeleda kogu tarkvara arendusperioodi ja tarkvara eluea jooksul. Uuringute andmetel tegeletakse tarkvara turvaküsimustega alles tarkvara arenduse ja hooldus etappidel. Kuna turvariskide vähendamine kaasneb tavaliselt muudatustena informatsioonisüsteemi spetsifikatsioonis, on turvaanalüüsi mõistlikum teha tarkvara väljatöötamise algusjärgus. See võimaldab varakult välistada ebasobivad lahendused. Lisaks aitab see vältida hilisemaid kulukaid muudatusi tarkvara arhitektuuris.\n\rKäesolevas töös käsitleme turvalise tarkvara arendamise probleemi, pakkudes lahendusena välja turvariskidele orienteeritud mustreid. Need mustrid aitavad leida turvariske äriprotsessides ja pakuvad välja turvariske vähendavaid lahendusi. Turvamustrid pakuvad analüütikutele vahendit turvanõuete koostamiseks äriprotsessidele. Samuti vähendavad nad riskianalüüsiks vajalikku töömahtu. Oma töös joondame me turvariskidele orienteeritud mustrid vastu hajussüsteemide turvaohtude mustreid. See võimaldab meil täiustada olemasolevaid turvariski mustreid ja võtta kasutusele täiendavaid mustreid turvariskide vähendamiseks hajussüsteemides.\n\rTurvariskidele orienteeritud mustrite kasutatavust on kontrollitud lennunduse äriprotsessides. Tulemused näitavad, et turvariskidele orienteeritud mustreid saab kasutada turvariskide vähendamiseks hajussüsteemides.Security risk management is an important part of software development. Given that majority of modern organizations rely heavily on information systems, security plays a big part in ensuring smooth operation of business processes. Many people rely on e-services offered by banks and medical establishments. Inadequate security measures in information systems could have unwanted effects on an organization’s reputation and on people’s lives. Security concerns usually need to be addressed throughout the development and lifetime of a software system. Literature reports however, that security is often considered during implementation and maintenance stages of software development. Since security risk mitigation usually results with changes to an IS’s specification, security analysis is best done at an early phase of the development process. This allows an early exclusion of inadequate system designs. Additionally, it helps prevent the need for fundamental and expensive design changes later in the development process. In this thesis, we target the secure system development problem by suggesting application of security risk-oriented patterns. These patterns help find security risk occurrences in business processes and present mitigations for these risks. They provide business analysts with means to elicit and introduce security requirements to business processes. At the same time, they reduce the efforts needed for risk analysis. We confront the security risk-oriented patterns against threat patterns for distributed systems. This allows us to refine the collection of existing patterns and introduce additional patterns to mitigate security risks in processes of distributed systems. The applicability of these security risk-oriented patterns is validated on business processes from aviation turnaround system. The validation results show that the security risk-oriented patterns can be used to mitigate security risks in distributed systems

Probabilistic grid scheduling based on job statistics and monitoring information

This transfer thesis presents a novel, probabilistic approach to scheduling applications on computational Grids based on their historical behaviour, current state of the Grid and predictions of the future execution times and resource utilisation of such applications. The work lays a foundation for enabling a more intuitive, user-friendly and effective scheduling technique termed deadline scheduling. Initial work has established motivation and requirements for a more efficient Grid scheduler, able to adaptively handle dynamic nature of the Grid resources and submitted workload. Preliminary scheduler research identified the need for a detailed monitoring of Grid resources on the process level, and for a tool to simulate non-deterministic behaviour and statistical properties of Grid applications. A simulation tool, GridLoader, has been developed to enable modelling of application loads similar to a number of typical Grid applications. GridLoader is able to simulate CPU utilisation, memory allocation and network transfers according to limits set through command line parameters or a configuration file. Its specific strength is in achieving set resource utilisation targets in a probabilistic manner, thus creating a dynamic environment, suitable for testing the scheduler’s adaptability and its prediction algorithm. To enable highly granular monitoring of Grid applications, a monitoring framework based on the Ganglia Toolkit was developed and tested. The suite is able to collect resource usage information of individual Grid applications, integrate it into standard XML based information flow, provide visualisation through a Web portal, and export data into a format suitable for off-line analysis. The thesis also presents initial investigation of the utilisation of University College London Central Computing Cluster facility running Sun Grid Engine middleware. Feasibility of basic prediction concepts based on the historical information and process meta-data have been successfully established and possible scheduling improvements using such predictions identified. The thesis is structured as follows: Section 1 introduces Grid computing and its major concepts; Section 2 presents open research issues and specific focus of the author’s research; Section 3 gives a survey of the related literature, schedulers, monitoring tools and simulation packages; Section 4 presents the platform for author’s work – the Self-Organising Grid Resource management project; Sections 5 and 6 give detailed accounts of the monitoring framework and simulation tool developed; Section 7 presents the initial data analysis while Section 8.4 concludes the thesis with appendices and references