Serverless computing for the Internet of Things

Cloud-based services have evolved significantly over the years. Cloud computing models such as IaaS, PaaS and SaaS are serving as an alternative to traditional in-house infrastructure-based approach. Furthermore, serverless computing is a cloud computing model for ephemeral, stateless and event-driven applications that scale up and down instantly. In contrast to the infinite resources of cloud computing, the Internet of Things is the network of resource-constrained, heterogeneous and intelligent devices that generate a significant amount of data. Due to the resource-constrained nature of IoT devices, cloud resources are used to process data generated by IoT devices. However, data processing in the cloud also has few limitations such as latency and privacy concerns. These limitations arise a requirement of local processing of data generated by IoT devices. A serverless platform can be deployed on a cluster of IoT devices using software containers to enable local processing of the sensor data. This work proposes a hybrid multi-layered architecture that not only establishes the possibility of local processing of sensor data but also considers the issues such as heterogeneity, resource constraint nature of IoT devices. We use software containers, and multi-layered architecture to provide the high availability and fault tolerance in our proposed solution

Hard-Real-Time Computing Performance in a Cloud Environment

The United States Department of Defense (DoD) is rapidly working with DoD Services to move from multi-year (e.g., 7-10) traditional acquisition programs to a commercial industrybased approach for software development. While commercial technologies and approaches provide an opportunity for rapid fielding of mission capabilities to pace threats, the suitability of commercial technologies to meet hard-real-time requirements within a surface combat system is unclear. This research establishes technical data to validate the effectiveness and suitability of current commercial technologies to meet the hard-real-time demands of a DoD combat management system. (Moreland Jr., 2013) conducted similar research; however, microservices, containers, and container orchestration technologies were not on the DoD radar at the time. Updated knowledge in this area will inform future DoD roadmaps and investments. A mission-based approach using Mission Engineering will be used to set the context for applied research. A hypothetical yet operationally relevant Strait Transit scenario has been established to provide context for definition of experimental parameters to be set while assessing the hypothesis. System models federated to form a system-of-systems architecture and data from a cloud computing environment are used to collect data for quantitative analysis

Scalability of an in-house infrastructure to the cloud

Durant els últims anys, les tecnologies al núvol han anat a l'auge. El gran nombre de serveis que ofereixen i les seves múltiples possibilitats fan impossible obviar-los a l'hora de desenvolupar projectes. Des del punt de vista de l'empresa Technology 2 Client, els sistemes actualment funcionant en entorns físics han de deixar lloc a estructures ubicades al núvol. Tot i això, la rapidesa amb la que aquesta tecnologia ha a arribat també ha portat un gran desconeixement al seu respecte. En aquest treball es vol familiaritzar amb tecnologies de contenidors i posar de manifest com es pot desplegar un projecte al núvol de manera senzilla i intuïtiva. Durant les següents pàgines es detallaran les especificacions dels sistemes que es volen crear, els passos a seguir, les justificacions de les tecnologies emprades i les conclusions extretes de tot el procés.Over the last few years, cloud technologies have been on the rise. The large number of services they offer and their multiple possibilities make it impossible to ignore when developing a project. From the point of view of the company Technology 2 Client, the systems currently operating in physical environments have to give way to structures located in the cloud. Even so, the speed with which this technology has arrived has also led to a great lack of knowledge about it. This paper aims to familiarize with container technologies and to show how a project can be deployed in the cloud in a simple and intuitive way. The following pages will detail the specifications of the systems to be created, the steps to follow, the justifications of the technologies used and the conclusions drawn from the whole process

TAXONOMY OF SECURITY AND PRIVACY ISSUES IN SERVERLESS COMPUTING

The advent of cloud computing has led to a new era of computer usage. Networking and physical security are some of the IT infrastructure concerns that IT administrators around the world had to worry about for their individual environments. Cloud computing took away that burden and redefined the meaning of IT administrators. Serverless computing as it relates to secure software development is creating the same kind of change. Developers can quickly spin up a secure development environment in a matter of minutes without having to worry about any of the underlying infrastructure setups. In the paper, we will look at the merits and demerits of serverless computing, what is drawing the demand for serverless computing among developers, the security and privacy issues of serverless technology, and detail the parameters to consider when setting up and using a secure development environment based on serverless computin

BUILDING TRUST IN CLOUD COMPUTING -ISOLATION IN CONTAINER BASED VIRTUALISATION

Container-based virtualisation has weak isolation compare with traditional VMs. Container-based virtualisation is based on kernel OS. Share kernel OS could increase the possibility of attacks. Therefore, the container-based virtualisation provides weak isolation. The lack of isolation from the host could be increase security threats on the container-based virtualisation. The attacker could gain access to all system in the container-based virtualisation because share the kernel OS. The container is a good idea to isolate the applications. However, container-based virtualisation does not provide isolation for users within containers. Therefore, each user can gain all container resources if the user gains access to the container. Cloud computing is revolutionizing many ecosystems through offering companies computing resources that are easy to use, connect, configure, and are automatic and chosen to a suitable scale. In this project, a prototype that could represent a real world data centre is implemented by using container-based virtualisation. TAIC allows each user in the system can perform particular actions within the container. Each user should have permission to do specific tasks within the containers. Only authorised users can access the resources within the containers that lead to making the user data availability. Set of rules using in this architecture that responsible for protecting user data and making it privacy. User data could not be changed by other users that make the user data integrity. Secure containers lead to build a secure environment that could be used in cloud computing and build trust relationships between cloud service provider and users. This architecture modification raises a wide range of security and privacy issues that need to be put into consideration. Isolation in container-based virtualisation is a critical issue. Therefore, the thesis will also present a novel Trust Architecture for Isolation in Containers (TAIC) system to protect the containers from malicious guests and isolate users within the containers to boost the security of data that is stored in them through provide policies that allow each user to perform a specific tasks within containers and provision of data protection and security to cloud computing. Further, due to the centralised nature of data stored in cloud infrastructures, my proposed design will minimise data leakage and improve monitoring

Secure FaaS orchestration in the fog: how far are we?

AbstractFunction-as-a-Service (FaaS) allows developers to define, orchestrate and run modular event-based pieces of code on virtualised resources, without the burden of managing the underlying infrastructure nor the life-cycle of such pieces of code. Indeed, FaaS providers offer resource auto-provisioning, auto-scaling and pay-per-use billing at no costs for idle time. This makes it easy to scale running code and it represents an effective and increasingly adopted way to deliver software. This article aims at offering an overview of the existing literature in the field of next-gen FaaS from three different perspectives: (i) the definition of FaaS orchestrations, (ii) the execution of FaaS orchestrations in Fog computing environments, and (iii) the security of FaaS orchestrations. Our analysis identify trends and gaps in the literature, paving the way to further research on securing FaaS orchestrations in Fog computing landscapes

A Microservice based Architecture for a Presence Service in the Cloud

Presence service enables sharing of, and a subscription to the end users presence (online or offline) status. Primarily used for instant messaging applications, the presence service now finds its way into innovative solutions for domains such as wireless sensor networks and Internet of Things. The growth in users of instant messaging applications is ever increasing since the advent of social media networks. Presence service needs to be highly scalable to handle growing load of the users. Moreover, the user activity is inherently dynamic in nature which requires the presence service to be highly elastic to utilise resources efficiently. Traditional presence services are built as monoliths. Monolithic architectures by design are difficult to scale, lacks elasticity and are resource inefficient. Moreover, overprovisioning of resources to handle unanticipated loads further adds to resource inefficiency. Cloud computing and microservices are emerging paradigms that can help tackling the challenges above. Cloud computing with three key facets: Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) enable rapid provisioning and release of resources (e.g. storage, compute, network) on demand. Microservices is an approach of developing applications as a set of smaller, independent, and individually scalable services which communicate with each other using lightweight protocols. The on-demand nature of cloud computing provides a platform to achieve elastic scalability whereas microservices increase the scalability of the architecture. This thesis presents a microservice architecture for a presence service in the cloud. The architecture is based on a state of the art business model. The proposed architecture has three main components: A stateless front-end, a repository and a cache. The front end is built as a set of microservices exposed as SaaS. The front end, to remain technology agnostic, communicates with the repository using the Representational State Transfer (REST) interface. The cache provides fast data access to the front end. The front end microservices use message queues to communicate with each other. Besides, to check the feasibility of the architecture, a proof of concept prototype is implemented for a Session Initiation Protocol for Instant Messaging and Presence (SIMPLE) based presence service. Performance measurements have been made for the proposed and traditional architectures. Also, a comparative analysis of the results is done. The analysis of the results shows that the proposed architecture provides the desired scalability and elasticity to the presence service. Moreover, the proposed architecture provides lower response time and higher throughput in comparison to the traditional architecture