Evolving multi-tenant SaaS cloud applications using model-driven engineering

Cloud computing promotes multi-tenancy for efficient resource utilization by sharing hardware and software infrastructure among multiple clients. Multi-tenant applications running on a cloud infrastructure are provided to clients as Software-as-a-Service (SaaS) over the network. Despite its benefits, multi-tenancy introduces additional challenges, such as p artitioning, extensibility, and customizability during the application development. Over time, after the application deployment, new requirements of clients and changes in business environment result application evolution. As the application evolves, its complexity also increases. In multi-tenancy, evolution demanded by individual clients should not affect availability , security , and performance of the application for other clients. Thus, the multi- tenancy concerns add more complexity by causing variability in design decisions. Managing this complexity requires adequate approaches and tools. In this paper, we propose modeling techniques from software product lines (SPL) and model-driven engineering (MDE) to manage variability and support evolution of multi-tenant applications and their requirements. Specifically, SPL was ap p lied to define technological and concep tual variabilities during the application design, where MDE was suggested to manage these variabilities. We also present a process of how MDE can address evolution of multi-tenant applications using variability models

Secure Cloud-Edge Deployments, with Trust

Assessing the security level of IoT applications to be deployed to heterogeneous Cloud-Edge infrastructures operated by different providers is a non-trivial task. In this article, we present a methodology that permits to express security requirements for IoT applications, as well as infrastructure security capabilities, in a simple and declarative manner, and to automatically obtain an explainable assessment of the security level of the possible application deployments. The methodology also considers the impact of trust relations among different stakeholders using or managing Cloud-Edge infrastructures. A lifelike example is used to showcase the prototyped implementation of the methodology

Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems

Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any) and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644429 and No 780351, MUSA project and ENACT project, respectively. We would also like to acknowledge all the members of the MUSA Consortium and ENACT Consortium for their valuable help

CyberGuarder: a virtualization security assurance architecture for green cloud computing

Cloud Computing, Green Computing, Virtualization, Virtual Security Appliance, Security Isolation