The Making of Cloud Applications An Empirical Study on Software Development for the Cloud

Cloud computing is gaining more and more traction as a deployment and provisioning model for software. While a large body of research already covers how to optimally operate a cloud system, we still lack insights into how professional software engineers actually use clouds, and how the cloud impacts development practices. This paper reports on the first systematic study on how software developers build applications in the cloud. We conducted a mixed-method study, consisting of qualitative interviews of 25 professional developers and a quantitative survey with 294 responses. Our results show that adopting the cloud has a profound impact throughout the software development process, as well as on how developers utilize tools and data in their daily work. Among other things, we found that (1) developers need better means to anticipate runtime problems and rigorously define metrics for improved fault localization and (2) the cloud offers an abundance of operational data, however, developers still often rely on their experience and intuition rather than utilizing metrics. From our findings, we extracted a set of guidelines for cloud development and identified challenges for researchers and tool vendors

Trustee: A Trust Management System for Fog-enabled Cyber Physical Systems

In this paper, we propose a lightweight trust management system (TMS) for fog-enabled cyber physical systems (Fog-CPS). Trust computation is based on multi-factor and multi-dimensional parameters, and formulated as a statistical regression problem which is solved by employing random forest regression model. Additionally, as the Fog-CPS systems could be deployed in open and unprotected environments, the CPS devices and fog nodes are vulnerable to numerous attacks namely, collusion, self-promotion, badmouthing, ballot-stuffing, and opportunistic service. The compromised entities can impact the accuracy of trust computation model by increasing/decreasing the trust of other nodes. These challenges are addressed by designing a generic trust credibility model which can countermeasures the compromise of both CPS devices and fog nodes. The credibility of each newly computed trust value is evaluated and subsequently adjusted by correlating it with a standard deviation threshold. The standard deviation is quantified by computing the trust in two configurations of hostile environments and subsequently comparing it with the trust value in a legitimate/normal environment. Our results demonstrate that credibility model successfully countermeasures the malicious behaviour of all Fog-CPS entities i.e. CPS devices and fog nodes. The multi-factor trust assessment and credibility evaluation enable accurate and precise trust computation and guarantee a dependable Fog-CPS system

Protecting Information Stored Inside the Cloud with A New CCA-EBO Protocol Designed on Hive Technology

Massively scalable facilities may be accessed online with ease due to "Cloud Computing (CC)". The CC resources are primarily characterized by the fact that "Cloud User (CU)" information is often kept on "Cloud Server (CS)" that the CU doesn't even possess or control. The CUs' apprehension about the loss of management of their information may lead to a substantial roadblock in their acceptance of CC offerings. In an attempt to highlight the effectiveness of CC security, the "Cloud Service Providers (CSP)" need to empower the CU to control and evaluate their data. The focus of this research chooses to highlight a key aspect of CC platforms employed to handle CU information on unrecognized CSs at remote locations. Concerns about compromising personal information arise from this feature's importance. In this research, a novel swarm-based "Enhanced BAT Optimization (EBO)" for key generating in "Cloud Computing Accountability (CCA)" for CC information tracking is proposed to solve security issues. Generally, this proposed hybrid CCA-EBO architecture is based on the idea of data accountability, which enables dispersed end-to-end responsibility. The information is made available to the general public, although with a limited set of permissions. The "Cloud Administrator (CA)" would specify the level of access each CU has to the data before it is made available to them. All CU accesses to data are recorded and will be found in a log file for CA to review. According to evaluation methods for the proposed CCA-EBO, existing "Hybrid Secure Cloud Storage (HSCS)", and "Advanced Distribution Verification Protocol (ADVP)", the CCA-EBO provides more security than HSCS, and ADVP in terms of "Auditing Time", "Encryption Time", "Decryption Time", and "Storage Overhead"

Coalition Formation and Combinatorial Auctions; Applications to Self-organization and Self-management in Utility Computing

In this paper we propose a two-stage protocol for resource management in a hierarchically organized cloud. The first stage exploits spatial locality for the formation of coalitions of supply agents; the second stage, a combinatorial auction, is based on a modified proxy-based clock algorithm and has two phases, a clock phase and a proxy phase. The clock phase supports price discovery; in the second phase a proxy conducts multiple rounds of a combinatorial auction for the package of services requested by each client. The protocol strikes a balance between low-cost services for cloud clients and a decent profit for the service providers. We also report the results of an empirical investigation of the combinatorial auction stage of the protocol.Comment: 14 page

PaaSword: A Data Privacy and Context-aware Security Framework for Developing Secure Cloud Applications - Technical and Scientific Contributions

Most industries worldwide have entered a period of reaping the benefits and opportunities cloud offers. At the same time, many efforts are made to address engineering challenges for the secure development of cloud systems and software.With the majority of software engineering projects today relying on the cloud, the task to structure end-to-end secure-by-design cloud systems becomes challenging but at the same time mandatory. The PaaSword project has been commissioned to address security and data privacy in a holistic way by proposing a context-aware security-by-design framework to support software developers in constructing secure applications for the cloud. This chapter presents an overview of the PaaSword project results, including the scientific achievements as well as the description of the technical solution. The benefits offered by the framework are validated through two pilot implementations and conclusions are drawn based on the future research challenges which are discussed in a research agenda