A Reflective Platform for Highly Adaptive Multi-Cloud Systems

International audienceCloud platforms are increasingly used for hosting a broad diversity of services from traditional e-commerce applications to interactive web-based IDEs. However, we observe that the prolif- eration of offers by Cloud vendors raises several challenges. Developers will not only have to deploy applications for a specific Cloud, but will also have to consider migrating services from one cloud to another, and to manage applications spanning multiple Clouds. In this paper, we therefore report on a first experiment we conducted to build a multi-Cloud system on top of thirteen existing IaaS/PaaS. From this experiment, we advocate for two dimensions of adaptability - design and execution time - that applications for such systems require to exhibit. Finally, we propose a roadmap for future multi-Cloud systems

A template description framework for services as a utility for cloud brokerage

Integration and mediation are two core functions that a cloud service broker needs to perform. The description of services involved plays a central role in this endeavour to enable services to be considered as commoditised utilities. We propose a conceptual framework for a cloud service broker based on two parts: a reference architecture for cloud brokers and a service description template that describes the mediated and integrated cloud services. Structural aspects of that template will be identified, formalised in an ontology and mapped onto a set of sublanguages that can be aligned to the cloud development and deployment process

A Case Study for Business Integration as a Service

This paper presents Business Integration as a Service (BIaaS) to allow two services to work together in the Cloud to achieve a streamline process. We illustrate this integration using two services; Return on Investment (ROI) Measurement as a Service (RMaaS) and Risk Analysis as a Service (RAaaS) in the case study at the University of Southampton. The case study demonstrates the cost-savings and the risk analysis achieved, so two services can work as a single service. Advanced techniques are used to demonstrate statistical services and 3D Visualisation services under the remit of RMaaS and Monte Carlo Simulation as a Service behind the design of RAaaS. Computational results are presented with their implications discussed. Different types of risks associated with Cloud adoption can be calculated easily, rapidly and accurately with the use of BIaaS. This case study confirms the benefits of BIaaS adoption, including cost reduction and improvements in efficiency and risk analysis. Implementation of BIaaS in other organisations is also discussed. Important data arising from the integration of RMaaS and RAaaS are useful for management and stakeholders of University of Southampton

The role of transparency and trust in the selection of cloud service providers

PhD ThesisPotential customers started to adopt cloud computing because of the promised benefits such as the flexibility of resources and most importantly cost reduction. In spite of the benefits that could flow from its adoption, cloud computing brings new challenges associated with its potential lack of transparency, trust and loss of controls. In the shadow of these challenges, the number of cloud service providers in the marketplace is growing, making the comparison and selection process very difficult for potential customers and requiring methods for selecting trustworthy and transparent providers. This thesis discusses the existing tools, methods and frameworks that promote the adoption of cloud computing models, and the selection of trustworthy cloud service providers. A set of customer assurance requirements has been proposed as a basis for comparative evaluation, and is applied to several popular tools (Cloud Security Alliance Security, Trust, and Assurance Registry (CSA STAR), CloudTrust Protocol (CTP), Complete, Auditable, and Reportable Approach (C.A.RE) and Cloud Provider Transparency Scorecard (CPTS)). In addition, a questionnaire-based survey has been developed and launched where by respondents evaluate the extent to which these tools have been used, and assess their usefulness. The majority of respondents agreed on the importance of using the tools to assist migration to the cloud and, although most respondents have not used the tools, those who have used them reported them to be helpful. It has been noticed that there might be a relationship between a tool’s compliance to the proposed requirements and the popularity of using these tools, and these results should encourage cloud providers to address customers’ assurance requirements. Some previous studies have focused on comparing cloud providers based on trustworthiness measurement and others focused only on transparency measurement. In this thesis, a framework (called CloudAdvisor) is proposed that couples both of these features. CloudAdvisor aims to provide potential cloud customers with a way to assess trustworthiness based on the history of the cloud provider and to measure transparency based on the Cloud Controls Matrix (CCM) framework. The reason for choosing CCM is because it aims to promote transparency in cloud computing by adopting the best industry standards. The selection process is based on a set of assurance requirements that, if met by the cloud provider or if it has been considered in a tool, could bring assurance and confidence to cloud customers. Two possible approaches (Questionnaire-based and Simulation-based approach) are proposed in order to evaluate the CloudAdvisor framework.Ministry of Higher and Education in Saudi Arabi

Improving Security in Software-as-a-Service Solutions

The essence of cloud computing is about moving workloads from your local IT infrastructure to a data center that scales and provides resources at a moments notice. Using a pay-as-you-go model to rent virtual infrastructure is also known as a Infrastructure-as-a-Service (IaaS) offering. This helps consumers provision hardware on-demand without the need for physical infrastructure and the challenges and costs that come with it. When moving to the cloud, however, issues regarding the confidentiality, integrity, and availability of the data and infrastructure arise, and new security challenges compared to traditional on-premises computing appear. It is important for the consumer to know exactly what is their responsibility when it comes to securing software running on IaaS platforms. Axis has one such software solution, henceforth referred to as the 'Axis-hosted cloud service'. There is a need for Axis to improve the client-cloud communication, and in this report, we detail a prototype solution for a new secure communication between client and cloud. Additionally, an evaluation of the prototype is presented. The evaluation is based on a model constructed by studying literature from state-of-the-art cloud service providers and organizations dedicated to defining best practices and critical areas of focus for cloud computing. This was collected and compiled in order to present a summary of the most important aspects to keep in mind when deploying software on an IaaS. It showed that the cloud service fulfills many industry best-practices, such as encrypting data in transit between client and cloud, using virtual private clouds to separate infrastructure credentials from unauthorized access, and following the guidelines from their infrastructure provider. It also showed areas where there was a need for improvement in order to reach a state-of-the-art level. The model proved to be a useful tool to ensure that security best practices are being met by an organization moving to the cloud, and specifically for Axis, the prototype communication solution can be used as a base for further development

Model-based Continuous Deployment of SIS

This chapter is organized as follows. Section 4.2 provides an overview of the current state of the art and of the practice for the automatic deployment of SIS. Section 4.3 introduces our solutions for the automatic deployment of SIS, first describing how they can be integrated in order to form a coherent deployment bundle and then detailing each our two enablers: GENESIS and DivENACT. Section 4.4 focus on the support offered by our solutions to ensure the trustworthiness deployment of SIS. Finally, Section 4.5 draws some conclusions.publishedVersio

Intermediador de serviços na Nuvem

Mestrado em Engenharia de Computadores e TelemáticaDe acordo com história dos sistemas informáticos, os engenheiros têm vindo a remodelar infraestruturas para melhorar a eficiência das organizações, visando o acesso partilhado a recursos computacionais. O advento da computação em núvem desencadeou um novo paradigma, proporcionando melhorias no alojamento e entrega de serviços através da Internet. Quando comparado com abordagens tradicionais, este apresenta vantajens por disponibilizar acesso ubíquo, escalável e sob demanda, a determinados conjuntos de recursos computacionais partilhados. Ao longo dos últimos anos, observou-se a entrada de novos operadores que providenciam serviços na núvem, a preços competitivos e diferentes acordos de nível de serviço (“Service Level Agreements”). Com a adoção crescente e sem precedentes da computação em núvem, os fornecedores da área estão se a focar na criação e na disponibilização de novos serviços, com valor acrescentado para os seus clientes. A competitividade do mercado e a existência de inúmeras opções de serviços e de modelos de negócio gerou entropia. Por terem sido criadas diferentes terminologias para conceitos com o mesmo significado e o facto de existir incompatibilidade de Interfaces de Programação Aplicacional (“Application Programming Interface”), deu-se uma restrição de fornecedores de serviços específicos na núvem a utilizadores. A fragmentação na faturação e na cobrança ocorreu quando os serviços na núvem passaram a ser contratualizados com diferentes fornecedores. Posto isto, seria uma mais valia existir uma entidade, que harmonizasse a relação entre os clientes e os múltiplos fornecedores de serviços na núvem, por meio de recomendação e auxílio na intermediação. Esta dissertação propõe e implementa um Intermediador de Serviços na Núvem focado no auxílio e motivação de programadores para recorrerem às suas aplicações na núvem. Descrevendo as aplicações de modo facilitado, um algoritmo inteligente recomendará várias ofertas de serviços na núvem cumprindo com os requisitos aplicacionais. Desta forma, é prestado aos utilizadores formas de submissão, gestão, monitorização e migração das suas aplicações numa núvem de núvens. A interação decorre a partir de uma única interface de programação que orquestrará todo um processo juntamente com outros gestores de serviços na núvem. Os utilizadores podem ainda interagir com o Intermediador de Serviços na Núvem a partir de um portal Web, uma interface de linha de comandos e bibliotecas cliente.Throughout the history of computer systems, experts have been reshaping IT infrastructure for improving the efficiency of organizations by enabling shared access to computational resources. The advent of cloud computing has sparked a new paradigm providing better hosting and service delivery over the Internet. It offers advantages over traditional solutions by providing ubiquitous, scalable and on-demand access to shared pools of computational resources. Over the course of these last years, we have seen new market players offering cloud services at competitive prices and different Service Level Agreements. With the unprecedented increasing adoption of cloud computing, cloud providers are on the look out for the creation and offering of new and valueadded services towards their customers. Market competitiveness, numerous service options and business models led to gradual entropy. Mismatching cloud terminology got introduced and incompatible APIs locked-in users to specific cloud service providers. Billing and charging become fragmented when consuming cloud services from multiple vendors. An entity recommending cloud providers and acting as an intermediary between the cloud consumer and providers would harmonize this interaction. This dissertation proposes and implements a Cloud Service Broker focusing on assisting and encouraging developers for running their applications on the cloud. Developers can easily describe their applications, where an intelligent algorithm will be able to recommend cloud offerings that better suit application requirements. In this way, users are aided in deploying, managing, monitoring and migrating their applications in a cloud of clouds. A single API is required for orchestrating the whole process in tandem with truly decoupled cloud managers. Users can also interact with the Cloud Service Broker through a Web portal, a command-line interface, and client libraries

Blueprint model and language for engineering cloud applications

Abstract: The research presented in this thesis is positioned within the domain of engineering CSBAs. Its contribution is twofold: (1) a uniform specification language, called the Blueprint Specification Language (BSL), for specifying cloud services across several cloud vendors and (2) a set of associated techniques, called the Blueprint Manipulation Techniques (BMTs), for publishing, querying, and composing cloud service specifications with aim to support the flexible design and configuration of an CSBA.