Elastic Business Process Management: State of the Art and Open Challenges for BPM in the Cloud

With the advent of cloud computing, organizations are nowadays able to react rapidly to changing demands for computational resources. Not only individual applications can be hosted on virtual cloud infrastructures, but also complete business processes. This allows the realization of so-called elastic processes, i.e., processes which are carried out using elastic cloud resources. Despite the manifold benefits of elastic processes, there is still a lack of solutions supporting them. In this paper, we identify the state of the art of elastic Business Process Management with a focus on infrastructural challenges. We conceptualize an architecture for an elastic Business Process Management System and discuss existing work on scheduling, resource allocation, monitoring, decentralized coordination, and state management for elastic processes. Furthermore, we present two representative elastic Business Process Management Systems which are intended to counter these challenges. Based on our findings, we identify open issues and outline possible research directions for the realization of elastic processes and elastic Business Process Management.Comment: Please cite as: S. Schulte, C. Janiesch, S. Venugopal, I. Weber, and P. Hoenisch (2015). Elastic Business Process Management: State of the Art and Open Challenges for BPM in the Cloud. Future Generation Computer Systems, Volume NN, Number N, NN-NN., http://dx.doi.org/10.1016/j.future.2014.09.00

Business process specification, verification, and deployment in a mono-cloud, multi-edge context

© 2020, ComSIS Consortium. All rights reserved. Despite the prevalence of cloud and edge computing, ensuring the satisfaction of time-constrained business processes, remains challenging. Indeed, some cloud/edge-based resources might not be available when needed leading to delaying the execution of these processes’ tasks and/or the transfer of these processes’ data. This paper presents an approach for specifying, verifying, and deploying time-constrained business processes in a mono-cloud, multi-edge context. First, the specification and verification of processes happen at design-time and run-time to ensure that these processes’ tasks and data are continuously placed in a way that would mitigate the violation of time constraints. This mitigation might require moving tasks and/or data from one host to another to reduce time latency, for example. A host could be either a cloud, an edge, or any. Finally, the deployment of processes using a real case-study allowed to confirm the benefits of the early specification and verification of these processes in mitigating time constraints violations

Exploring a resource allocation security protocol for secure service migration in commercial cloud environments

Recently, there has been a significant increase in the popularity of cloud computing systems that offer Cloud services such as Networks, Servers, Storage, Applications, and other available on-demand re-sources or pay-as-you-go systems with different speeds and Qualities of Service. These cloud computing environments share resources by providing virtualization techniques that enable a single user to ac-cess various Cloud Services Thus, cloud users have access to an infi-nite computing resource, allowing them to increase or decrease their resource consumption capacity as needed. However, an increasing number of Commercial Cloud Services are available in the market-place from a wide range of Cloud Service Providers (CSPs). As a result, most CSPs must deal with dynamic resource allocation, in which mobile services migrate from one cloud environment to another to provide heterogeneous resources based on user requirements. A new service framework has been proposed by Sardis about how ser-vices can be migrated in Cloud Infrastructure. However, it does not address security and privacy issues in the migration process. Fur-thermore, there is still a lack of heuristic algorithms that can check requested and available resources to allocate and deallocate before the secure migration begins. The advent of Virtual machine technol-ogy, for example, VMware, and container technology, such as Docker, LXD, and Unikernels has made the migration of services possible. As Cloud services, such as Vehicular Cloud, are now being increasingly offered in highly mobile environments, Y-Comm, a new framework for building future mobile systems, has developed proactive handover to support the mobile user. Though there are many mechanisms in place to provide support for mobile services, one way of addressing the challenges arising because of this emerging application is to move the computing resources closer to the end-users and find how much computing resources should be allocated to meet the performance re-quirements/demands. This work addresses the above challenges by proposing the development of resource allocation security protocols for secure service migration that allow the safe transfer of servers and monitoring of the capacity of requested resources to different Cloud environments. In this thesis, we propose a Resource Allocation Secu-rity Protocol for secure service migration that allows resources to be allocated efficiently is analyzed. In our research, we use two differ-ent formal modelling and verification techniques to verify an abstract protocol and validate the security properties such as secrecy, authen-tication, and key exchange for secure service migration. The new protocol has been verified in AVISPA and ProVerif formal verifier and is being implemented in a new Service Management Framework Prototype to securely manage and allocate resources in Commercial Cloud Environments. And then, a Capability-Based Secure Service Protocol (SSP) was developed to ensure that capability-based service protocol proves secrecy, authentication, and authorization, and that it can be applied to any service. A basic prototype was then devel-oped to test these ideas using a block storage system known as the Network Memory Service. This service was used as the backend of a FUSE filesystem. The results show that this approach can be safely implemented and should perform well in real environments

Specification and Analysis of Resource Utilization Policies for Human-Intensive Systems

Contemporary systems often require the effective support of many types of resources, each governed by complex utilization policies. Sound management of these resources plays a key role in assuring that these systems achieve their key goals. To help system developers make sound resource management decisions, I provide a resource utilization policy specification and analysis framework for (1) specifying very diverse kinds of resources and their potentially complex resource utilization policies, (2) dynamically evaluating the policies’ effects on the outcomes achieved by systems utilizing the resources, and (3) formally verifying various kinds of properties of these systems. Resource utilization policies range from simple, e.g., first-in-first-out, to extremely complex, responding to changes in system environment, state, and stimuli. Further, policies may at times conflict with each other, requiring conflict resolution strategies that add extra complexity. Prior specification approaches rely on relatively simple resource models that prevent the specification of complex utilization and conflict resolution policies. My approach (1) separates resource utilization policy concerns from resource characteristic and request specifications, (2) creates an expressive specification notation for constraint policies, and (3) creates a resource constraint conflict resolution capability. My approach enables creating specifications of policies that are sufficiently precise and detailed to support static and dynamic analyses of how these policies affect the properties of systems constrained or governed by these policies. I provide a process- and resource-aware discrete-event simulator for simulating system executions that adhere to policies of resource utilization. The simulator integrates the existing JSim simulation engine with a separate resource management system. The separate architectural component makes it easy to keep track of resource utilization traces during a simulation run. My simulation framework facilitates considerable flexibility in the evaluation of diverse resource management decisions and powerful dynamic analyses. Dynamic verification through simulation is inherently limited because of the impossibility of exhaustive simulation of all scenarios. I complement this approach with static verification. Prior static resource analysis has supported the verification only of relatively simple resource utilization policies. My research utilizes powerful model checking techniques, building on the existing FLAVERS model checking tool, to verify properties of complex systems that are also verified to conform to complex resource utilization policies. My research demonstrates how to use systems such as FLAVERS to verify adherence to complex resource utilization policies as well as overall system properties, such as the absence of resource leak and resource deadlock. I evaluated my approach working with a hospital emergency department domain expert, using detailed, expert-developed models of the processes and resource utilization policies of an emergency department. In doing this, my research demonstrates how my framework can be effective in guiding the domain expert towards making sound decisions about policies for the management of hospital resources, while also providing rigorously-based assurances that the guidance is reliable and well-founded. My research makes the following contributions: (1) a specification language for resources and resource utilization policies for human-intensive systems, (2) a process- and resource-aware discrete-event simulation engine that creates simulations that adhere to the resource utilization policies, allowing for the dynamic evaluation of resource utilization policies, (3) a process- and resource-aware model checking technique that formally verifies system properties and adherence to resource utilization policies, and (4) validated and verified specifications of an emergency department healthcare system, demonstrating the utility of my approach

Smart Cloud Engine and Solution Based on Knowledge Base

AbstractComplexity of cloud infrastructures needs models and tools for process management, configuration, scaling, elastic computing and healthiness control. This paper presents a Smart Cloud solution based on a Knowledge Base, KB, with the aim of modeling cloud resources, Service Level Agreements and their evolution, and enabling the reasoning on structures by implementing strategies of efficient smart cloud management and intelligence. The solution proposed provides formal verification tools and intelligence for cloud control. It can be easily integrated with any cloud configuration manager, cloud orchestrator, and monitoring tool, since the connections with these tools are performed by using REST calls and XML files. It has been validated in the large ICARO Cloud project with a national cloud service provider