Challenges for the comprehensive management of cloud services in a PaaS framework

The 4CaaSt project aims at developing a PaaS framework that enables flexible definition, marketing, deployment and management of Cloud-based services and applications. The major innovations proposed by 4CaaSt are the blueprint and its lifecycle management, a one stop shop for Cloud services and a PaaS level resource management featuring elasticity. 4CaaSt also provides a portfolio of ready to use Cloud native services and Cloud-aware immigrant technologies

Service Negotiation and Contracting in Virtual Network Environment

The current Internet presents a high barrier to entry for new service providers, due to its inability to accommodate new protocols and technologies, and lack of competition among the network providers. Recently, network virtualization has gained considerable attention as a possible solution, as it enables multiple networks to concurrently run over a shared substrate. It allows for deploying diverse network protocols and technologies customized for specific networked services and applications. Moreover, any party can take on the role of a network provider by simply offering his virtual network infrastructure to customers, increasing competition in the market. However, the first challenge in realizing a fair and competitive market in a virtual network environment is to have a service negotiation and contracting mechanism in place, that will allow (i) multiple infrastructure providers to participate in a fair and faithful competition, and (ii) a service provider to negotiate the price and quality of service with the providers. In this thesis, we present V-Mart, an open market model and enabling framework for automated service negotiation and contracting in a virtual network environment. To the infrastructure providers, V-Mart fosters an open and fair competition realized by a two stage auction. The V-Mart auction model ensures that bidders (infrastructure providers) bid truthfully, have the flexibility to apply diverse pricing policies, and still gain profit from hosting customers’ virtual resources. To the service providers, V-Mart offers virtual network partitioning algorithms that allow them to divide their virtual networks among competing infrastructure providers while minimizing the total cost. V-Mart offers two types of algorithms to suit different market scenarios. The algorithms not only consider virtual resource hosting price but also the service provider’s preference for resource co-location and the high cost of inter-provider communication. Through extensive simulation experiments we show the efficiency and effectiveness of the algorithms under various market conditions

SLA4CLOUD: Measurement and SLA Management of Heterogeneous Cloud Infrastructures Testbeds

International audienceThere is an increasing number of cloud platforms emerging in both academia and industry. They often allow the collaboration of a pool of resources from multiple infrastructures (IaaS) in order to benefit from the unique features that each presents. AmSud SLA4CLOUD project is a collaboration between research groups from South America and France on Cloud Computing with the aim to develop different offers of Cloud Service with Service a Level Agreement (SLA) representation. This project builds on different existing projects such as the EU Easi-Clouds project. After introducing the main capabilities and features of OpenStack, this document addresses the integration of OpenStack-based platforms into a larger and heterogeneous multi-cloud infrastructures distributed in different continents. Finally, we aim to implement a strategy for dynamic services composition and optimal placement of virtual machines in order to improve network capabilities without compromising performance requirements as specified in a SLA

Establishing and Monitoring SLAs in complex Service Based Systems

In modern service economies, service provisioning needs to be regulated by complex SLA hierarchies among providers of heterogeneous services, defined at the business, software, and infrastructure layers. Starting from the SLA Management framework defined in the SLA@SOI EU FP7 Integrated Project, we focus on the relationship between establishment and monitoring of such SLAs, showing how the two processes become tightly interleaved in order to provide meaningful mechanisms for SLA management. We first describe the process for SLA establishment adopted within the framework; then, we propose an architecture for monitoring established SLAs, which satisfies the two main requirements introduced by SLA establishment: the availability of historical data for evaluating SLA offers and the assessment of the capability to monitor the terms in a SLA offer

AN EFFICIENT APPROACH TO IMPLEMENT FEDERATED CLOUDS

Cloud computing is one of the trending technologies that provide boundless virtualized resources to the internet users as an important services through the internet, while providing the privacy and security. By using these cloud services, internet users get many parallel computing resources at low cost. It predicted that till 2016, revenues from the online business management spent $4 billion for data storage. Cloud is an open source platform structure, so it is having more chances to malicious attacks. Privacy, confidentiality, and security of stored data are primary security challenges in cloud computing. In cloud computing, ‘virtualization' is one of the techniques dividing memory into different blocks. In most of the existing systems there is only single authority in the system to provide the encrypted keys. To fill the few security issues, this paper proposed a novel authenticated trust security model for secure virtualization system to encrypt the files. The proposed security model achieves the following functions: 1) allotting the VSM(VM Security Monitor) model for each virtual machine; 2) providing secret keys to encrypt and decrypt information by symmetric encryption.The contribution is a proposed architecture that provides a workable security that a cloud service provider can offer to its consumers. Detailed analysis and architecture design presented to elaborate security model

A QoS-based Resource Selection Approach for Virtual Networks

The Internet has gained an outstanding success in a short amount of time and it became a critical infrastructure for accessing information and global commerce. With the help of the Internet and its new channels for connecting people a new way of communication has been established. Meanwhile, its great success leads to new limitations. The Internet consists of various network infrastructure providers with different objectives which makes emerging of new technologies or major architectural changes that require cooperative agreements, relatively impractical. While the current Internet architecture is not suitable for supporting many types of applications, network virtualization is considered as promising, yet challenging solution of these limitations. Network virtualization separates the role of traditional internet service providers (ISPs) into physical infrastructure providers (PIPs) responsible for deploying the physical infrastructure and service providers (SPs) offering end-to-end services to end users. Another motivation for network virtualization is the possibility to add value in the virtualization layer aiming to make use of new technologies (e.g. QoS schemes) and customizing existing technologies to adapt specific services (i.e. customizable networks). This provides the means to run multiple virtual networks on a shared substrate network simultaneously while each virtual network is customized for a specific use. The key challenge in virtual networks is the problem of assigning virtual nodes and links to physical resources. Virtual network mapping/embedding consists in finding the most suitable physical nodes and links in the physical network in order to map virtual network requests with certain constraints on virtual nodes and links. The goal of this thesis is to design and implement substrate network resource selection scheme to increase the overall efficiency of the virtual network embedding process and satisfy the set of predefined resource constraints. This work assumes the existence of a virtual infrastructure provider requesting virtual networks from physical infrastructure providers and proposes a selection algorithm based on service-oriented architecture. Our proposed virtual network embedding algorithm is a heuristic algorithm that considers static attributes along with dynamic attributes of nodes and links as well as end-to-end QoS constraints

Automated Controllers for Bandwidth Allocation in Network Virtualization

International audienceThe concept of network virtualization was introduced to facilitate flexible service deployment for the future Internet. This recent technology provides a powerful tool to run multiple logical networks on the same physical substrate defined as virtual networks (VNs). Each physical link is split into virtual links and each VN receives a fraction of the available capacity. Bandwidth allocation for multiple VMs aims at sharing the physical links among multiple VNs. It is a critical challenge for both service providers (SPs) and infrastructure providers (InPs). This allocation should take into account the quality of service (QoS) requirements of the flows that are crossing each VN. In this paper, we consider a virtualized network environment where the SP deploys multiple VNs with different links' capacity demands and QoS requirements. Each VN competes with other VNs to receive fractions of physical links managed by multiple InPs. We present a two-layer controller system that adapts to the dynamic change of the workload of each VN. The system uses a prediction-based approach in order to find the optimal request for each VN. The request depends on the estimation of the relationship between the VN performance in terms of packet delays and the actual and past allocations. Then, due to the capacity constraint of the physical link, the system adjusts the offered bandwidth for each of them. Our model offers flexible distributed autonomous control of the bandwidth allocation to maintain the offered QoS to each VN at the desired level in response to the dynamics of the workload. Our mechanism provides an optimum allocation of the physical links by distributing the bandwidth periodically. It also offers the possibility of adjusting the VNs' parameters to take into account the current network behaviour to avoid bottleneck virtual links

SLA-based trust model for secure cloud computing

Cloud computing has changed the strategy used for providing distributed services to many business and government agents. Cloud computing delivers scalable and on-demand services to most users in different domains. However, this new technology has also created many challenges for service providers and customers, especially for those users who already own complicated legacy systems. This thesis discusses the challenges of, and proposes solutions to, the issues of dynamic pricing, management of service level agreements (SLA), performance measurement methods and trust management for cloud computing.In cloud computing, a dynamic pricing scheme is very important to allow cloud providers to estimate the price of cloud services. Moreover, the dynamic pricing scheme can be used by cloud providers to optimize the total cost of cloud data centres and correlate the price of the service with the revenue model of service. In the context of cloud computing, dynamic pricing methods from the perspective of cloud providers and cloud customers are missing from the existing literature. A dynamic pricing scheme for cloud computing must take into account all the requirements of building and operating cloud data centres. Furthermore, a cloud pricing scheme must consider issues of service level agreements with cloud customers.I propose a dynamic pricing methodology which provides adequate estimating methods for decision makers who want to calculate the benefits and assess the risks of using cloud technology. I analyse the results and evaluate the solutions produced by the proposed scheme. I conclude that my proposed scheme of dynamic pricing can be used to increase the total revenue of cloud service providers and help cloud customers to select cloud service providers with a good quality level of service.Regarding the concept of SLA, I provide an SLA definition in the context of cloud computing to achieve the aim of presenting a clearly structured SLA for cloud users and improving the means of establishing a trustworthy relationship between service provider and customer. In order to provide a reliable methodology for measuring the performance of cloud platforms, I develop performance metrics to measure and compare the scalability of the virtualization resources of cloud data centres. First, I discuss the need for a reliable method of comparing the performance of various cloud services currently being offered. Then, I develop a different type of metrics and propose a suitable methodology to measure the scalability using these metrics. I focus on virtualization resources such as CPU, storage disk, and network infrastructure.To solve the problem of evaluating the trustworthiness of cloud services, this thesis develops a model for each of the dimensions for Infrastructure as a Service (IaaS) using fuzzy-set theory. I use the Takagi-Sugeno fuzzy-inference approach to develop an overall measure of trust value for the cloud providers. It is not easy to evaluate the cloud metrics for all types of cloud services. So, in this thesis, I use Infrastructure as a Service (IaaS) as a main example when I collect the data and apply the fuzzy model to evaluate trust in terms of cloud computing. Tests and results are presented to evaluate the effectiveness and robustness of the proposed model