Managed access dependability for critical services in wireless inter domain environment

The Information and Communications Technology (ICT) industry has through the last decades changed and still continues to affect the way people interact with each other and how they access and share information, services and applications in a global market characterized by constant change and evolution. For a networked and highly dynamic society, with consumers and market actors providing infrastructure, networks, services and applications, the mutual dependencies of failure free operations are getting more and more complex. Service Level Agreements (SLAs) between the various actors and users may be used to describe the offerings along with price schemes and promises regarding the delivered quality. However, there is no guarantee for failure free operations whatever efforts and means deployed. A system fails for a number of reasons, but automatic fault handling mechanisms and operational procedures may be used to decrease the probability for service interruptions. The global number of mobile broadband Internet subscriptions surpassed the number of broadband subscriptions over fixed technologies in 2010. The User Equipment (UE) has become a powerful device supporting a number of wireless access technologies and the always best connected opportunities have become a reality. Some services, e.g. health care, smart power grid control, surveillance/monitoring etc. called critical services in this thesis, put high requirements on service dependability. A definition of dependability is the ability to deliver services that can justifiably be trusted. For critical services, the access networks become crucial factors for achieving high dependability. A major challenge in a multi operator, multi technology wireless environment is the mobility of the user that necessitates handovers according to the physical movement. In this thesis it is proposed an approach for how to optimize the dependability for critical services in multi operator, multi technology wireless environment. This approach allows predicting the service availability and continuity at real-time. Predictions of the optimal service availability and continuity are considered crucial for critical services. To increase the dependability for critical services dual homing is proposed where the use of combinations of access points, possibly owned by different operators and using different technologies, are optimized for the specific location and movement of the user. A central part of the thesis is how to ensure the disjointedness of physical and logical resources so important for utilizing the dependability increase potential with dual homing. To address the interdependency issues between physical and logical resources, a study of Operations, Administrations, and Maintenance (OA&M) processes related to the access network of a commercial Global System for Mobile Communications (GSM)/Universal Mobile Telecommunications System (UMTS) operator was performed. The insight obtained by the study provided valuable information of the inter woven dependencies between different actors in the delivery chain of services. Based on the insight gained from the study of OA&M processes a technological neutral information model of physical and logical resources in the access networks is proposed. The model is used for service availability and continuity prediction and to unveil interdependencies between resources for the infrastructure. The model is proposed as an extension of the Media Independent Handover (MIH) framework. A field trial in a commercial network was conducted to verify the feasibility in retrieving the model related information from the operators' Operational Support Systems (OSSs) and to emulate the extension and usage of the MIH framework. In the thesis it is proposed how measurement reports from UE and signaling in networks are used to define virtual cells as part of the proposed extension of the MIH framework. Virtual cells are limited geographical areas where the radio conditions are homogeneous. Virtual cells have radio coverage from a number of access points. A Markovian model is proposed for prediction of the service continuity of a dual homed critical service, where both the infrastructure and radio links are considered. A dependability gain is obtained by choosing a global optimal sequence of access points. Great emphasizes have been on developing computational e cient techniques and near-optimal solutions considered important for being able to predict service continuity at real-time for critical services. The proposed techniques to obtain the global optimal sequence of access points may be used by handover and multi homing mechanisms/protocols for timely handover decisions and access point selections. With the proposed extension of the MIH framework a global optimal sequence of access points providing the highest reliability may be predicted at real-time

Ecotopia: An Ecological Framework for Change Management in Distributed Systems

Abstract. Dynamic change management in an autonomic, service-oriented infrastructure is likely to disrupt the critical services delivered by the infrastructure. Furthermore, change management must accommodate complex real-world systems, where dependability and performance objectives are managed across multiple distributed service components and have specific criticality/value models. In this paper, we present Ecotopia, a framework for change management in complex service-oriented architectures (SOA) that is ecological in its intent: it schedules change operations with the goal of minimizing the service-delivery disruptions by accounting for their impact on the SOA environment. The change-planning functionality of Ecotopia is split between multiple objective-advisors and a system-level change-orchestrator component. The objective advisors assess the change-impact on service delivery by estimating the expected values of the Key Performance Indicators (KPIs), during and after change. The orchestrator uses the KPI estimations to assess the per-objective and overall business-value changes over a long time-horizon and to identify the scheduling plan that maximizes the overall business value. Ecotopia handles both external change requests, like software upgrades, and internal changes requests, like fault-recovery actions. We evaluate the Ecotopia framework using two realistic change-management scenarios in distributed enterprise systems

Strategies for Cloud Services Adoption in Saudi Arabia

The adoption rate of cloud computing is low among business organizations in Saudi Arabia, despite the cost-saving benefits of using cloud services. The purpose of this multiple case study was to explore the strategies that information technology (IT) leaders in the manufacturing industry in Saudi Arabia used to adopt cloud computing to reduce IT costs. The target population of this study consisted of 5 IT leaders from 5 different manufacturing companies in Saudi Arabia who successfully adopted cloud computing in their companies to reduce IT costs. Rogers\u27s diffusion of innovation theory was the conceptual framework for this research. Data collected from face-to-face, semistructured interviews and a review of relevant corporate documentation were analyzed using Yin\u27s 5-step data analysis method, which included compiling, disassembling, reassembling, interpreting, and concluding the data. Five themes emerged from the data analysis: identify business needs and requirements, apply value realization metrics, plan for migration, choose the right cloud service provider, and provide adequate training and awareness sessions. The implications of this study for positive social change include the potential to improve the local economy in Saudi Arabia by ensuring the sustainability of firms in the manufacturing industry through the implementation of cost-saving strategies associated with cloud computing adoption

Security in Cloud Computing: Evaluation and Integration

Au cours de la dernière décennie, le paradigme du Cloud Computing a révolutionné la manière dont nous percevons les services de la Technologie de l’Information (TI). Celui-ci nous a donné l’opportunité de répondre à la demande constamment croissante liée aux besoins informatiques des usagers en introduisant la notion d’externalisation des services et des données. Les consommateurs du Cloud ont généralement accès, sur demande, à un large éventail bien réparti d’infrastructures de TI offrant une pléthore de services. Ils sont à même de configurer dynamiquement les ressources du Cloud en fonction des exigences de leurs applications, sans toutefois devenir partie intégrante de l’infrastructure du Cloud. Cela leur permet d’atteindre un degré optimal d’utilisation des ressources tout en réduisant leurs coûts d’investissement en TI. Toutefois, la migration des services au Cloud intensifie malgré elle les menaces existantes à la sécurité des TI et en crée de nouvelles qui sont intrinsèques à l’architecture du Cloud Computing. C’est pourquoi il existe un réel besoin d’évaluation des risques liés à la sécurité du Cloud durant le procédé de la sélection et du déploiement des services. Au cours des dernières années, l’impact d’une efficace gestion de la satisfaction des besoins en sécurité des services a été pris avec un sérieux croissant de la part des fournisseurs et des consommateurs. Toutefois, l’intégration réussie de l’élément de sécurité dans les opérations de la gestion des ressources du Cloud ne requiert pas seulement une recherche méthodique, mais aussi une modélisation méticuleuse des exigences du Cloud en termes de sécurité. C’est en considérant ces facteurs que nous adressons dans cette thèse les défis liés à l’évaluation de la sécurité et à son intégration dans les environnements indépendants et interconnectés du Cloud Computing. D’une part, nous sommes motivés à offrir aux consommateurs du Cloud un ensemble de méthodes qui leur permettront d’optimiser la sécurité de leurs services et, d’autre part, nous offrons aux fournisseurs un éventail de stratégies qui leur permettront de mieux sécuriser leurs services d’hébergements du Cloud. L’originalité de cette thèse porte sur deux aspects : 1) la description innovatrice des exigences des applications du Cloud relativement à la sécurité ; et 2) la conception de modèles mathématiques rigoureux qui intègrent le facteur de sécurité dans les problèmes traditionnels du déploiement des applications, d’approvisionnement des ressources et de la gestion de la charge de travail au coeur des infrastructures actuelles du Cloud Computing. Le travail au sein de cette thèse est réalisé en trois phases.----------ABSTRACT: Over the past decade, the Cloud Computing paradigm has revolutionized the way we envision IT services. It has provided an opportunity to respond to the ever increasing computing needs of the users by introducing the notion of service and data outsourcing. Cloud consumers usually have online and on-demand access to a large and distributed IT infrastructure providing a plethora of services. They can dynamically configure and scale the Cloud resources according to the requirements of their applications without becoming part of the Cloud infrastructure, which allows them to reduce their IT investment cost and achieve optimal resource utilization. However, the migration of services to the Cloud increases the vulnerability to existing IT security threats and creates new ones that are intrinsic to the Cloud Computing architecture, thus the need for a thorough assessment of Cloud security risks during the process of service selection and deployment. Recently, the impact of effective management of service security satisfaction has been taken with greater seriousness by the Cloud Service Providers (CSP) and stakeholders. Nevertheless, the successful integration of the security element into the Cloud resource management operations does not only require methodical research, but also necessitates the meticulous modeling of the Cloud security requirements. To this end, we address throughout this thesis the challenges to security evaluation and integration in independent and interconnected Cloud Computing environments. We are interested in providing the Cloud consumers with a set of methods that allow them to optimize the security of their services and the CSPs with a set of strategies that enable them to provide security-aware Cloud-based service hosting. The originality of this thesis lies within two aspects: 1) the innovative description of the Cloud applications’ security requirements, which paved the way for an effective quantification and evaluation of the security of Cloud infrastructures; and 2) the design of rigorous mathematical models that integrate the security factor into the traditional problems of application deployment, resource provisioning, and workload management within current Cloud Computing infrastructures. The work in this thesis is carried out in three phases

Language support for service-level agreements for application-service provision

My thesis is that practical language support can be provided for Service-Level Agreements (SLAs) for Application-Service Provision (ASP), which is better than that provided by pre-existing languages in that: it provides greater assistance in expressing conditions that mitigate the risks inherent in ASP; and disputes related to agreements expressed in this manner may be more easily resolved in so as to respect the original intent of the parties. I support this thesis by establishing requirements for SLAs for ASP based on an account of a typical ASP infrastructure and business model. These identify the particular risks inherent in ASP, permit comparisons between ASP SLA languages, and guide the development of an abstract, extensible, domain-specific language, SLAng. SLAng is defined using a meta-modelling approach that allows a high degree of precision in the specification of its semantics, traceability from SLA to language specification, and the testing of the language and SLAs to ensure they capture the original intent of the parties. SLAng supports the expression of mutually-monitorable SLAs, for which the determination of compliance depends only on events visible to both client and provider of the service. I demonstrate that such SLAs are the most monitorable possible in a typical ASP scenario, given current monitoring technology, and describe an approximately-monitorable constraint on the accuracy of evidence used to administer such SLAs. SLAng is shown to be of practical use in a case study, evaluated against the original requirements, and compared with pre-existing languages. The evaluation of SLAng is enhanced using metrics developed to assist in assessing the contribution of a domain-specific language specification to encoding the meaning of statements in that language

From Resilience-Building to Resilience-Scaling Technologies: Directions -- ReSIST NoE Deliverable D13

This document is the second product of workpackage WP2, "Resilience-building and -scaling technologies", in the programme of jointly executed research (JER) of the ReSIST Network of Excellence. The problem that ReSIST addresses is achieving sufficient resilience in the immense systems of ever evolving networks of computers and mobile devices, tightly integrated with human organisations and other technology, that are increasingly becoming a critical part of the information infrastructure of our society. This second deliverable D13 provides a detailed list of research gaps identified by experts from the four working groups related to assessability, evolvability, usability and diversit

Production Engineering and Management

It is our pleasure to introduce the 8th edition of the International Conference on Production Engineering and anagement (PEM), an event that is the result of the joint effort of the OWL University of Applied Sciences and the University of Trieste. The conference has been established as an annual meeting under the Double Degree Master Program “Production Engineering and Management” by the two partner universities. This year the conference is hosted at the university campus in Lemgo, Germany. The main goal of the conference is to offer students, researchers and professionals in Germany, Italy and abroad, an opportunity to meet and exchange information, discuss experiences, specific practices and technical solutions for planning, design, and management of manufacturing and service systems and processes. As always, the conference is a platform aimed at presenting research projects, introducing young academics to the tradition of symposiums and promoting the exchange of ideas between the industry and the academy. This year’s special focus is on Supply Chain Design and Management in the context of Industry 4.0, which are currently major topics of discussion among experts and professionals. In fact, the features and problems of Industry 4.0 have been widely discussed in the last editions of the PEM conference, in which sustainability and efficiency also emerged as key factors. With the further study and development of Direct Digital Manufacturing technologies in connection with new Management Practices and Supply Chain Designs, the 8th edition of the PEM conference aims to offer new and interesting scientific contributions. The conference program includes 25 speeches organized in seven sessions. Two are specifically dedicated to “Direct Digital Manufacturing in the context of Industry 4.0”. The other sessions are covering areas of great interest and importance to the participants of the conference, which are related to the main focus: “Supply Chai n Design and Management”, “Industrial Engineering and Lean Management”, “Wood Processing Technologies and Furniture Production”, and “Management Practices and Methodologies”. The proceedings of the conference include the articles submitted and accepted after a careful double-blind refereeing process

Framework for Security Transparency in Cloud Computing

The migration of sensitive data and applications from the on-premise data centre to a cloud environment increases cyber risks to users, mainly because the cloud environment is managed and maintained by a third-party. In particular, the partial surrender of sensitive data and application to a cloud environment creates numerous concerns that are related to a lack of security transparency. Security transparency involves the disclosure of information by cloud service providers about the security measures being put in place to protect assets and meet the expectations of customers. It establishes trust in service relationship between cloud service providers and customers, and without evidence of continuous transparency, trust and confidence are affected and are likely to hinder extensive usage of cloud services. Also, insufficient security transparency is considered as an added level of risk and increases the difficulty of demonstrating conformance to customer requirements and ensuring that the cloud service providers adequately implement security obligations. The research community have acknowledged the pressing need to address security transparency concerns, and although technical aspects for ensuring security and privacy have been researched widely, the focus on security transparency is still scarce. The relatively few literature mostly approach the issue of security transparency from cloud providers’ perspective, while other works have contributed feasible techniques for comparison and selection of cloud service providers using metrics such as transparency and trustworthiness. However, there is still a shortage of research that focuses on improving security transparency from cloud users’ point of view. In particular, there is still a gap in the literature that (i) dissects security transparency from the lens of conceptual knowledge up to implementation from organizational and technical perspectives and; (ii) support continuous transparency by enabling the vetting and probing of cloud service providers’ conformity to specific customer requirements. The significant growth in moving business to the cloud – due to its scalability and perceived effectiveness – underlines the dire need for research in this area. This thesis presents a framework that comprises the core conceptual elements that constitute security transparency in cloud computing. It contributes to the knowledge domain of security transparency in cloud computing by proposing the following. Firstly, the research analyses the basics of cloud security transparency by exploring the notion and foundational concepts that constitute security transparency. Secondly, it proposes a framework which integrates various concepts from requirement engineering domain and an accompanying process that could be followed to implement the framework. The framework and its process provide an essential set of conceptual ideas, activities and steps that can be followed at an organizational level to attain security transparency, which are based on the principles of industry standards and best practices. Thirdly, for ensuring continuous transparency, the thesis proposes an essential tool that supports the collection and assessment of evidence from cloud providers, including the establishment of remedial actions for redressing deficiencies in cloud provider practices. The tool serves as a supplementary component of the proposed framework that enables continuous inspection of how predefined customer requirements are being satisfied. The thesis also validates the proposed security transparency framework and tool in terms of validity, applicability, adaptability, and acceptability using two different case studies. Feedbacks are collected from stakeholders and analysed using essential criteria such as ease of use, relevance, usability, etc. The result of the analysis illustrates the validity and acceptability of both the framework and tool in enhancing security transparency in a real-world environment