5 research outputs found
Automating SLA enforcement in the cloud computing
Get PDFCloud computing is playing an increasingly important role, not only by facilitating digital trading platforms but also by transforming conventional services from client-server models to cloud computing. This domain has given the global economic and technological benefits, it offers to both the service providers and service subscribers. Digital marketplaces are no longer limited only to trade tangible commodities but also facilitates enormous service virtualization across various industries. Software as a Service (SaaS) being the largest service segment, dominates the global cloud migration. Infrastructure as a Service (IaaS) and cloud-based application development also known as Platform as a Service (PaaS) are also next-generation computing platforms for their ultimate futuristic demand by both, public and private sector. These service segments are now hosted on cloud platforms to compute, store, and network, an enormous amount of service requests, which process data incredibly fast and economically.
Organizations also perform data analytics and other similar computing amenities to manage their business without maintaining on-premise computing infrastructures which are hard to maintain. This computing capability has extensively improved the popularity and increased the demand for cloud services to an extent, that businesses worldwide are heavily migrating their computing resources to these platforms. Diverse cloud service providers take the responsibility of provisioning such cloud-based services for subscribers. In return, a certain subscription fee is charged to them periodically and depending upon the service package, availability and security. On the flip side, such intensive technology shift and outsourcing reliance have also introduced scenarios that any failure on their part leads to serious consequences to the business community at large.
In recent years technology industry has observed critical and increased service outages at various cloud service providers(CSP) such as Amazon AWS, Microsoft, Google, which ultimately interrupts the entire supply chain and causes several well-known web services to be taken offline either due to a human error, failed change control implementation or in more recently due to targeted cyber-attacks like DDoS. These web-based solutions such as compute, storage, network or other similar services are provisioned to cloud service subscribers (CSS) platforms. Regardless of a cloud service deployment, a legal binding such as a Service Level Agreement (SLA) is signed between the CSP and CSS. The SLA holds a service scope and guarantees in case of failure. There are probabilities where these SLA may be violated, revoked, or dishonoured by either party, mostly the CSP.
An SLA violation along with an unsettled dispute leads to some financial losses for the service subscribers or perhaps cost them their business reputation. Eventually, the subscriber may request some form of compensation from the provider such as a service credit or a refund. In either case, the burden of proof lies with the subscribers, who have to capture and preserve those data or forensically sound system or service logs, supporting their claims. Most of the time, this is manually processed, which is both expensive and time-consuming. To address this problem, this research first analyses the gaps in existing arrangements. It then suggests automation of SLA enforcement within cloud environments and identifies the main properties of a solution to the problem covering various other avenues associated with the other operating environments. This research then subsequently proposes architectures, based on the concept of fair exchange, and shows that how intelligently the approach enforces cloud SLA using various techniques. Furthermore, by extending the research scope covering two key scenarios (a) when participants are loss averse and (b) when interacting participants can act maliciously. Our proposed architectures present robust schemes by enforcing the suggested solutions which are effective, efficient, and most importantly resilient to modern-day security and privacy challenges. The uniqueness of our research is that it does not only ensure the fairness aspect of digital trading but it also extends and logically implements a dual security layer throughout the service exchange. Using this approach protects business participants by securely automating the dispute resolutions in a more resilient fashion. It also shields their data privacy and security from diverse cyber challenges and other operational failures. These architectures are capable of imposing state-of-the-art defences through integrated secure modules along with full encryption schemes, mitigating security gaps previously not dealt with, based upon fair exchange protocols. The Protocol also accomplishes achieving service exchange scenarios either with or without dispute resolution. Finally, our proposed architectures are automated and interact with hardcoded procedures and verifications mechanism using a variant of trusted third parties and trusted authorities, which makes it difficult to cause potential disagreements and misbehaviours during a cloud-based service exchange by enforcing SLA
E-commerce protocol supporting automated online dispute resolution
Get PDFE-commerce now constitutes a significant part of all commercial activity; however the increase in transactions is also leading to more disputes. These disputes are becoming more frequent, more technologically complicated and more difficult in terms of traceability . This thesis focuses specifically on dispute problems related to soft products, i.e. those that are intangible and therefore requiring no physical delivery. With the growing demand for these types of products, e.g. downloadable films, music, software, and prepaid calling time, the prevention of fraudulent transactions is becoming increasingly important. Reasons for the rise in the number of fraudulent transactions include merchants being unable to see the customer to verify an ID or signature and E-commerce enabling soft-products and services to be acquired via soft delivery methods: email, download or logging in. The introductory section provides a critique of current e-commerce fraud detection and prevention techniques and shows that not all are suitable for e-commerce, especially soft-products, and therefore unable to provide complete protection against fraud. The future relating to the detection and prevention of e-commerce fraud is then discussed, leading to suggestions regarding the improvement of the current state-of-the-art technique, the Address Verification Service (AVS), which is used to accommodate the introduction of soft-products. Apart from the exchange process problems, i.e. those involving money and goods, attention is also paid to other important factors such as timing and quality that are usually neglected in these detection and prevention techniques. Dispute scenarios from many different perspectives have been analysed, viz. computer science, business, legal and that of the participants themselves. From the analyses, all possible dispute cases have been formally listed using the 'Truth Table' approach. This analysis has then led to the design of a comprehensive taxonomy framework for dispute in e-commerce. The term Online Dispute Resolution (ODR), is the online technology applied to Alternative Dispute Resolution (ADR) which is resolving disputes other than via litigation in the courts. Current ODR systems and their suitability for the e-commercial world have been examined, concluding that not all are appropriate for e-commerce situations (since most still involve a human element and often make the resolution process more costly than the actual item under dispute). The proposed solution to the problem is by automating the online dispute resolution process. The total solution is described in two parts (i) an E-commerce Transaction Protocol (ETP) forming the infrastructure where the transaction will take place and be able to accommodate any new improvements in the future, and (ii) an Automated Online Dispute Resolution (AODR) system which should automatically resolve any dispute occurring within the proposed e-commerce model. In order for the AODR to resolve any dispute, a product/payment specific plug-in (add-on) has been incorporated into the system. For illustration purposes, credit cards as a payment method has been selected and the appropriate plug-in specification for soft products and credit cards created. The concept of providing every soft product with a quality certificate has also been discussed. A concluding case study of e-commerce in Saudi Arabia has been used to test the viability of both the e-commerce dispute taxonomy and the proposed model. The case study shows the suitability of using ETP with AODR in order to resolve soft-product disputes automatically. Limitations of the work and further research possibilities have then been identified.EThOS - Electronic Theses Online ServiceDepartment of Computing Science, Newcastle UniversityGBUnited Kingdo
