Design Criteria of SOA for Cloud Based Infrastructure Resource Management as a Service

Service Oriented Architecture and Cloud Computing are two popular design paradigms in order to fulfill the user’s requirement that includes for high cost and heavy infrastructure applications. SOA is demanding for the different in built approach and cloud is includes for security and infrastructure measures . In this paper, we try to compare the previous existing solution for resource management as a service.. Again we aim to propose a architecture by aggregate these two approaches for low cost and efficient access of infrastructures

Risk management and architecture design in securing cloud platforms: Case study of cloud models

Utilization of cloud environment has become more relevant for different companies and industries and should be considered when building new projects and migrating service from different service providers. As companies are trying to utilize cloud environments the knowledge about these might be lacking and thus increasing knowledge and introducing possible solutions is essential. This means that increasing knowledge about different approaches possible in cloud also different issues can be identified. Based on this kind of knowledge can the discussion about the possibility for utilizing cloud environments be improved. The use case for this study is the risk management and architecture design comparing of different cloud types and models based on a case study. Also, based on these different kinds of cloud types and models the security issues and countermeasures are discussed in a way that these measures could help to control or mitigate issues from happening. For finding feasible architecture designs these measures are to be considered alongside the responsibilities for different cloud models with the help of risk management. Risk management itself introduces risks and issues that are identified from cases and discussed as of how to control them within different cases. This thesis studies the possible issues and risks through a literature review that are associated with different cloud types and models. Also, introducing case study of three different cases that utilize these approaches and introduces such issues and risks associated with those cases. For identified issues and risks also relevant security methods and measures are studied through literature review and introduced to be utilized in risk management and architecture design. Based on these reviews a risk management is conducted to introduced cases where issues and risks are introduced with identification of real-world use case. Also, architecture design is introduced in a way that utilizes identified risks, control, and mitigation measures for protecting resources. What different possibilities and components to consider depending on different cases are also discussed as not all the risks can be mitigated with certain measures and would need more thought on as of what cloud type and model to utilize. Thesis also discusses about the three identified topics of risks, security measures and architecture and identifies relevant information from them for consideration. Thesis discusses about three different cases that were studied in a way as of how they differentiate from each other in the common field of risks, security measures and architecture design as they utilize the cloud in a different way. Discussion introduces the results and more detailed discussion that were identified from these three main topics. Detailed discussion itself contains similarities and differences identified from different cases and introduces more discussions based on those topics

SecFlow: Adaptive Security-Aware Workflow Management System in Multi-Cloud Environments

In this paper, we propose an architecture for a security-aware workflow management system (WfMS) we call SecFlow in answer to the recent developments of combining workflow management systems with Cloud environments and the still lacking abilities of such systems to ensure the security and privacy of cloud-based workflows. The SecFlow architecture focuses on full workflow life cycle coverage as, in addition to the existing approaches to design security-aware processes, there is a need to fill in the gap of maintaining security properties of workflows during their execution phase. To address this gap, we derive the requirements for such a security-aware WfMS and design a system architecture that meets these requirements. SecFlow integrates key functional components such as secure model construction, security-aware service selection, security violation detection, and adaptive response mechanisms while considering all potential malicious parties in multi-tenant and cloud-based WfMS.Comment: 16 pages, 6 figure

Middleware Technologies for Cloud of Things - a survey

The next wave of communication and applications rely on the new services provided by Internet of Things which is becoming an important aspect in human and machines future. The IoT services are a key solution for providing smart environments in homes, buildings and cities. In the era of a massive number of connected things and objects with a high grow rate, several challenges have been raised such as management, aggregation and storage for big produced data. In order to tackle some of these issues, cloud computing emerged to IoT as Cloud of Things (CoT) which provides virtually unlimited cloud services to enhance the large scale IoT platforms. There are several factors to be considered in design and implementation of a CoT platform. One of the most important and challenging problems is the heterogeneity of different objects. This problem can be addressed by deploying suitable "Middleware". Middleware sits between things and applications that make a reliable platform for communication among things with different interfaces, operating systems, and architectures. The main aim of this paper is to study the middleware technologies for CoT. Toward this end, we first present the main features and characteristics of middlewares. Next we study different architecture styles and service domains. Then we presents several middlewares that are suitable for CoT based platforms and lastly a list of current challenges and issues in design of CoT based middlewares is discussed.Comment: http://www.sciencedirect.com/science/article/pii/S2352864817301268, Digital Communications and Networks, Elsevier (2017

Middleware Technologies for Cloud of Things - a survey

The next wave of communication and applications rely on the new services provided by Internet of Things which is becoming an important aspect in human and machines future. The IoT services are a key solution for providing smart environments in homes, buildings and cities. In the era of a massive number of connected things and objects with a high grow rate, several challenges have been raised such as management, aggregation and storage for big produced data. In order to tackle some of these issues, cloud computing emerged to IoT as Cloud of Things (CoT) which provides virtually unlimited cloud services to enhance the large scale IoT platforms. There are several factors to be considered in design and implementation of a CoT platform. One of the most important and challenging problems is the heterogeneity of different objects. This problem can be addressed by deploying suitable "Middleware". Middleware sits between things and applications that make a reliable platform for communication among things with different interfaces, operating systems, and architectures. The main aim of this paper is to study the middleware technologies for CoT. Toward this end, we first present the main features and characteristics of middlewares. Next we study different architecture styles and service domains. Then we presents several middlewares that are suitable for CoT based platforms and lastly a list of current challenges and issues in design of CoT based middlewares is discussed.Comment: http://www.sciencedirect.com/science/article/pii/S2352864817301268, Digital Communications and Networks, Elsevier (2017

BcBIM: A Blockchain-Based Big Data Model for BIM Modification Audit and Provenance in Mobile Cloud

Building Information Modeling (BIM) is envisioned as an indispensable opportunity in the architecture, engineering, and construction (AEC) industries as a revolutionary technology and process. Smart construction relies on BIM for manipulating information flow, data flow, and management flow. Currently, BIM model has been explored mainly for information construction and utilization, but rare works pay efforts to information security, e.g., critical model audit and sensitive model exposure. Moreover, few BIM systems are proposed to chase after upcoming computing paradigms, such as mobile cloud computing, big data, blockchain, and Internet of Things. In this paper, we make the first attempt to propose a novel BIM system model called bcBIM to tackle information security in mobile cloud architectures. More specifically, bcBIM is proposed to facilitate BIM data audit for historical modifications by blockchain in mobile cloud with big data sharing. The proposed bcBIM model can guide the architecture design for further BIM information management system, especially for integrating BIM cloud as a service for further big data sharing. We propose a method of BIM data organization based on blockchains and discuss it based on private and public blockchain. It guarantees to trace, authenticate, and prevent tampering with BIM historical data. At the same time, it can generate a unified format to support future open sharing, data audit, and data provenance

Using Microservices to Customize Multi-Tenant SaaS: From Intrusive to Non-Intrusive

Customization is a widely adopted practice on enterprise software applications such as Enterprise resource planning (ERP) or Customer relation management (CRM). Software vendors deploy their enterprise software product on the premises of a customer, which is then often customized for different specific needs of the customer. When enterprise applications are moving to the cloud as mutli-tenant Software-as-a-Service (SaaS), the traditional way of on-premises customization faces new challenges because a customer no longer has an exclusive control to the application. To empower businesses with specific requirements on top of the shared standard SaaS, vendors need a novel approach to support the customization on the multi-tenant SaaS. In this paper, we summarize our two approaches for customizing multi-tenant SaaS using microservices: intrusive and non-intrusive. The paper clarifies the key concepts related to the problem of multi-tenant customization, and describes a design with a reference architecture and high-level principles. We also discuss the key technical challenges and the feasible solutions to implement this architecture. Our microservice-based customization solution is promising to meet the general customization requirements, and achieves a balance between isolation, assimilation and economy of scale

Designing cloud computing architecture for bank industry the case of Dashen bank

Technology makes life easy. People contact banks in their day to day life activity. And also the banks are committed to serve their customers with the help of currently advanced technology. The aim of a bank is to give consistent and satisfactory banking services for the customers. The use of advanced technology in banking requires sophisticated knowledge of the technology and expertise and a large number of employees are required for implementation and management of that system. Cloud computing makes easy the management of IT infrastructure and the bank sector systems. Cloud service providers provide three basic types of services: infrastructure as a service, software as a service and platform as a service. In a cloud environment, there are concerns in the security and confidentiality of the data placed at the cloud. The main purpose of the study is design the cloud computing architecture for Dashen bank, which will reduce the labor need for managing IT infrastructure and system and enhance the use of technology with the required security verification. The study focused on designing aspects of cloud computing. The study used interview, observation and document analysis to gather the data. The interview was conducted on the selected department and employee of the bank. The observation was at the data center of the Dashen bank using a checklist. All the required data was collected from the head quarter of Dashen bank. The study revealed the management of the bank recognized the potential benefit of cloud computing and has started dealing with companies like Microsoft and IBM to adopt the technology. However, because of the absence of regulatory framework and security concerns, immediate adoption of cloud computing tend to difficult. Future researcher needs to focus on assessing and developing an appropriate security system for bank sector. In addition, appropriate policy and procedure needs to be crafted by the regulatory body like NBE and MICT