Web Service Trust: Towards A Dynamic Assessment Framework

Trust in software services is a key prerequisite for the success and wide adoption of services-oriented computing (SOC) in an open Internet world. However, trust is poorly assessed by existing methods and technologies, especially in dynamically composed and deployed SOC systems. In this paper, we discuss current methods for assessing trust in service-oriented computing and identify gaps of current platforms, in particular with regards to runtime trust assessment. To address these gaps, we propose a model of runtime trust assessment of software services and introduce a framework for realizing the model. A key characteristic of our approach is the support that it offers for customizable assessment of trust based on evidence collected during the operation of software services and its ability to combine this evidence with subjective assessments coming from service clients

QoE-Oriented Mobile Edge Service Management Leveraging SDN and NFV

5G envisages a "hyperconnected society" where trillions of diverse entities could communicate with each other anywhere and at any time, some of which will demand extremely challenging performance requirements such as submillisecond low latency. Mobile Edge Computing (MEC) concept where application computing resources are deployed at the edge of the mobile network in proximity of an end user is a promising solution to improve quality of online experience. To make MEC more flexible and cost-effective Network Functions Virtualisation (NFV) and Software-Defined Networking (SDN) technologies are widely adopted. It leads to significant CAPEX and OPEX reduction with the help of a joint radio-cloud management and orchestration logic. In this paper we discuss and develop a reference architecture for the orchestration and management of the MEC ecosystem. Along with the lifecycle management flows of MEC services, indicating the interactions among the functional modules inside the Orchestrator and with external elements, QoS management with a focus on the channel state information technique is presented.The research leading to these results has been supported by the EU funded H2020 5G-PPP project SESAME under the Grant Agreement no. 671596 and National Spanish Projects QoEverage (no. TEC2013-46766-R) and ONOFRE (no. TEC2014-53071-C3-1-P)

SLA management of non-computational services.

El incremento en el uso de arquitecturas orientadas a servicios en los últimos 15 años ha propiciado la propuesta de numerosas técnicas para automatizar y dar soporte al uso de dichos servicios. Un elemento fundamental en la provisión de servicios es el Acuerdo de Nivel de Servicio (ANS), donde se formalizan los requisitos y garantías de consumidor y proveedor respecto del rendimiento del servicio. Las propuestas para servicios computacionales, además de proveer modelos formales para describirlos, proponen la automatización de las diferentes etapas del ciclo de vida del ANS, tales como la negociación de las garantías para crear un ANS, el despliegue de servicios basados en el ANS, o la gestión de los recursos para cumplir las garantías provistas en el mismo. Sin embargo, en los servicios tradicionales, no computacionales, es decir, los servicios que no son ejecutados por recursos computacionales, tales como los servicios de logística o de desarrollo de software, la gestión de sus ANSs todavía se realiza por medios ad-hoc. Así, las soluciones existentes no pueden ser reutilizadas por diferentes servicios. Y, en la mayoría de los casos, esta gestión se hace de manera manual (p.e. revisión de los objetivos acordados en los ANSs de servicios de transporte), por lo que la evaluación de estos ANSs es susceptible a errores y se suele retrasar respecto a la ejecución del servicio (p.e. cuando el ANS ha finalizado), por lo que no se pueden tomar acciones preventivas para evitar el incumplimiento del ANS o estas acciones no son rentables. En estos escenarios, aparecen, además, acuerdos marco para un periodo largo (p.e. 1 aõ), durante el cual pueden aparecen ANSs relacionados con éste para un periodo más específico y el análisis de la coherencia entre acuerdos marco y acuerdos específicos es complicada de hacer durante la ejecución del servicio. En esta tesis, nos proponemos automatizar parcialmente la gestión de los ANSs de servicios no computacionales. Así, por un lado, proponemos que los modelos para servicios computacionales se extiendan a servicios no computacionales, de manera que permitan describir la operativa del servicio y sus garantías. Y, por otro lado, basado en estos modelos, proporcionamos el diseño de operaciones para gestionar el ciclo de vida de los ANS. Concretamente, estas operaciones se basan en las fases de despligue y evaluación del ANS. De forma específica, esta tesis propone tres contribuciones principales. Primero, (A) extender iAgree para dar soporte al modelado de los ANS de servicios no computacionales. Segundo, (B) dar soporte al ciclo de vida de dichos ANS mediante la formalización de las operaciones citadas (configuración del servicio basada en el ANS y monitorización del mismo) y, a partir de estas operaciones, implementamos una arquitectura de referencia para estas operaciones. Y, por último, (C) proveemos el modelado de la relación entre acuerdos marco y específicos que relacione sus términos junto con la formalización de las operaciones para el análisis que aparecen entre ellos. Otros aspectos del ciclo de vida del servicio y del ANS, como la gestión de los recursos para mejorar el rendimiento del servicio o el uso de técnicas (como machine learning) para la predicción del cumplimiento de los ANSs están fuera del contexto de esta tesis, pero se plantean como futuras líneas de extensión. Este trabajo se ha basado en ANSs reales de diferentes dominios, tales como servicios de Transporte y Logística, proveedores de Cloud or outsourcing de desarrollo TIC, que se han utilizado para validar las propuestas. Además, las contribuciones presentadas se han aplicado en el contexto de proyectos reales de soporte de sistemas TIC.The rise of computational services in the last 15 years brought the proposal of a number of techniques to automate and support their enactment. One key element in services is the Service Level Agreement (SLA), where the requirements of service customer are matched with the performance levels from the service provider to define service level guarantees and related responsibilities. The proposals from computational domains are oriented to automate the different stages in the SLA Lifecycle, such as the negotiation of terms which will form the SLA, the deployment of services based on the SLA artifact or the management of computational resources to accomplish SLA goals on runtime. However, traditional non-computational services, that is, services which are not performed by computational resources, such as logistics or software development services, are still supported by ad-hoc mechanisms. Therefore, the existing solutions for the management of their SLAs cannot be reused for other services. This management is usually manually performed (e.g.: reviewing of the goals of an SLA in transport service), so their evaluation is error-prone and delayed regarding the service execution (e.g.: when the SLA is finished), so preemptive actions to avoid SLA violations cannot be taken or/and are expensive to perform. Furthermore, these SLAs are sometimes described on a long term basis (frame agreements), and related SLAs can appear for a shorter term (specific agreements) and the analysis of the validity among them is complex to perform on runtime. In this dissertation, we aim at partially automate the management of SLAs in noncomputational services. On the one hand, we suggest that existing models for computational services can be extended to non computational services and enable the description of the service operative and their guarantees. And, on the other hand, we provide a design for operations to partially support the SLA Lifecycle, based on the previous models. Specifically, these operations are mainly focused on the deployment and fulfillment stages of the SLA. Therefore, the contributions of this dissertation are three. First, (A) providing a model to describe Service Level Agreements of non computational services, as an extension of iAgree, an existing model for SLAs of computational services. Second side, (B) supporting the SLA Lifecycle with the design of the aforementioned operations (service configuration based on SLA and monitoring of SLA) and implementing a reference architecture for such operations. And, lastly, (C) providing a model for frame and specific agreements which relates their terms and formalises the analysis operations among them. Other related operations of the service lifecycle as the management of resources to improve service performance or the use of novel techniques (such as machine learning) to predict the SLA accomplishment are out of the scope of this thesis but planned as future line of extension. The current dissertation has been based on real SLAs from different domains, such as Transport & Logistics, public Cloud providers or IT Maintenance outsourcing, which have been used to validate the proposal. And, furthermore, the contributions have been applied in the context of real IT Maintenance outsourcing projects

The bridge of dreams::Towards a method for operational performance alignment in IT-enabled service supply chains

Concerns on performance alignment, especially on business-IT alignment, have been around for three decades. It is still considered to be one of the most important driving forces for business success, as well as one of the top concerns of many practitioners and organizational researchers. It is also found to be a major issue in two thirds of digital transformation projects. Many attempts from researchers in diverse disciplines have been made to tackle this issue. Unfortunately, they have been working separately and the research appears in various forms and names. This dissertation presents a piece of interdisciplinary research that focuses on identifying operational performance alignment issues, discovering and assessing their root causes with attention to the dynamics in operating IT-enabled service supply chain (SSC). It makes a modest contribution by providing a communication-centred instrument which can modularize complex SSC in terms of a hierarchically-structured set of services and analyze the performance causality between them. With a special focus on the impact of IT, it makes it possible to monitor and tune various performance issues in SSC. This research intends to provide a solution-oriented common ground where multiple service research streams can meet together. Following the framework proposed in this research, services, at different tiers of an SSC, are modelled with a balanced perspective on both business, technical service components and KPIs. It allows a holistic picture of service performances and interactions throughout the entire supply chain to be viewed through a different research lens and permits the causal impact of technology, business strategy, and service operations on supply chain performance to be unveiled

An Integrated Framework for the Methodological Assurance of Security and Privacy in the Development and Operation of MultiCloud Applications

x, 169 p.This Thesis studies research questions about how to design multiCloud applications taking into account security and privacy requirements to protect the system from potential risks and about how to decide which security and privacy protections to include in the system. In addition, solutions are needed to overcome the difficulties in assuring security and privacy properties defined at design time still hold all along the system life-cycle, from development to operation.In this Thesis an innovative DevOps integrated methodology and framework are presented, which help to rationalise and systematise security and privacy analyses in multiCloud to enable an informed decision-process for risk-cost balanced selection of the protections of the system components and the protections to request from Cloud Service Providers used. The focus of the work is on the Development phase of the analysis and creation of multiCloud applications.The main contributions of this Thesis for multiCloud applications are four: i) The integrated DevOps methodology for security and privacy assurance; and its integrating parts: ii) a security and privacy requirements modelling language, iii) a continuous risk assessment methodology and its complementary risk-based optimisation of defences, and iv) a Security and Privacy Service Level AgreementComposition method.The integrated DevOps methodology and its integrating Development methods have been validated in the case study of a real multiCloud application in the eHealth domain. The validation confirmed the feasibility and benefits of the solution with regards to the rationalisation and systematisation of security and privacy assurance in multiCloud systems