Cloud Services Brokerage for Mobile Ubiquitous Computing

Recently, companies are adopting Mobile Cloud Computing (MCC) to efficiently deliver enterprise services to users (or consumers) on their personalized devices. MCC is the facilitation of mobile devices (e.g., smartphones, tablets, notebooks, and smart watches) to access virtualized services such as software applications, servers, storage, and network services over the Internet. With the advancement and diversity of the mobile landscape, there has been a growing trend in consumer attitude where a single user owns multiple mobile devices. This paradigm of supporting a single user or consumer to access multiple services from n-devices is referred to as the Ubiquitous Cloud Computing (UCC) or the Personal Cloud Computing. In the UCC era, consumers expect to have application and data consistency across their multiple devices and in real time. However, this expectation can be hindered by the intermittent loss of connectivity in wireless networks, user mobility, and peak load demands. Hence, this dissertation presents an architectural framework called, Cloud Services Brokerage for Mobile Ubiquitous Cloud Computing (CSB-UCC), which ensures soft real-time and reliable services consumption on multiple devices of users. The CSB-UCC acts as an application middleware broker that connects the n-devices of users to the multi-cloud services. The designed system determines the multi-cloud services based on the user's subscriptions and the n-devices are determined through device registration on the broker. The preliminary evaluations of the designed system shows that the following are achieved: 1) high scalability through the adoption of a distributed architecture of the brokerage service, 2) providing soft real-time application synchronization for consistent user experience through an enhanced mobile-to-cloud proximity-based access technique, 3) reliable error recovery from system failure through transactional services re-assignment to active nodes, and 4) transparent audit trail through access-level and context-centric provenance

Risk-based framework for SLA violation abatement from the cloud service provider's perspective

© The British Computer Society 2018. The constant increase in the growth of the cloud market creates new challenges for cloud service providers. One such challenge is the need to avoid possible service level agreement (SLA) violations and their consequences through good SLA management. Researchers have proposed various frameworks and have made significant advances in managing SLAs from the perspective of both cloud users and providers. However, none of these approaches guides the service provider on the necessary steps to take for SLA violation abatement; that is, the prediction of possible SLA violations, the process to follow when the system identifies the threat of SLA violation, and the recommended action to take to avoid SLA violation. In this paper, we approach this process of SLA violation detection and abatement from a risk management perspective. We propose a Risk Management-based Framework for SLA violation abatement (RMF-SLA) following the formation of an SLA which comprises SLA monitoring, violation prediction and decision recommendation. Through experiments, we validate and demonstrate the suitability of the proposed framework for assisting cloud providers to minimize possible service violations and penalties

QoS Provisioning by Meta-Scheduling in Advance within SLA-Based Grid Environments

The establishment of agreements between users and the entities which manage the Grid resources is still a challenging task. On the one hand, an entity in charge of dealing with the communication with the users is needed, with the aim of signing resource usage contracts and also implementing some renegotiation techniques, among others. On the other hand, some mechanisms should be implemented which decide if the QoS requested could be achieved and, in such case, ensuring that the QoS agreement is provided. One way of increasing the probability of achieving the agreed QoS is by performing meta-scheduling of jobs in advance, that is, jobs are scheduled some time before they are actually executed. In this way, it becomes more likely that the appropriate resources are available to run the jobs when needed. So, this paper presents a framework built on top of Globus and the GridWay meta-scheduler to provide QoS by means of performing meta-scheduling in advance. Thanks to this, QoS requirements of jobs are met (i.e. jobs are finished within a deadline). Apart from that, the mechanisms needed to manage the communication between the users and the system are presented and implemented through SLA contracts based on the WS-Agreement specification

Design and Implementation of Legal Protection for Trade Secrets in Cloud Brokerage Architectures relying on Blockchains

Data Protection legislation has evolved around the globe to maximize legal protection of trade secrets. However, in an online cross-jurisdiction environment of cloud computing and blockchains, it is becoming increasingly difficult to maximize retribution for trade secret misappropriation. This multidisciplinary Ph.D. research proposes a model for legal protection for trade secrets in the cloud and over blockchains. Two QoS based datasets were used for evaluation of proposed model. The prior dataset i.e., feedback from customers, was compiled using leading review websites such as Cloud Hosting Reviews, Best Cloud Computing Providers, and Cloud Storage Reviews and Ratings. The later dataset i.e., feedback from servers, was generated from Cloud brokerage architecture that was emulated using high performance computing (HPC) cluster at University of Luxembourg (HPC @ Uni.lu). The simulation runs in the stable environment i.e. when uncertainty is low, show better results of proposed model as compared to its counterparts in the field. In particular, the results have implications for enterprises that view trade secrets misappropriation as a limiting factor for acquisition of Cloud services. For legal validation of the results, questionnaires were sent to law and ICT experts. There were total of six respondents (two from the field of ICT, two from the field of law, and two from the field of ICT and Law). The sample (5 out of 6 respondents) agreed with the findings of this PhD research

Design and Implementation of Legal Protection for Trade Secrets in Cloud Brokerage Architectures relying on Blockchains

Data Protection legislation has evolved around the globe to maximize legal protection of trade secrets. However, it is becoming increasingly difficult to prove trade secret violations in cloud context. Embedding legal protection as a preemptive measure could effectively reduce such burden of proof in a court of law, which can be implemented by an online broker in the cloud. The primary aim of this research was to propose a model for an online broker that embeds le-gal protection as preemptive measure to reduce burden of proof during litigation. This is a novel area of inter-disciplinary research whose body of knowledge is not yet well established. The underlying concept in the proposed model was built upon the notion of factor analysis from the discipline of unsupervised machine learning. For evaluation, two-stage procedure was implemented that showed ap-plication of legal protection as preemptive measure and subsequently, reduced burden of proof in a court of law. A real time quality of service based dataset for cloud storage providers (Carbonite, Dropbox, iBackup, JustCloud, SOS Online Backup, SugarSync, and Zip Cloud) was used for the technical evaluation. The simulation results showed better results of proposed model as compared to its counterparts in the field, which in court of law can be used as a part of evidence to reduce burden of proof. For legal validation of such conclusion, questionnaires were sent to law and ICT experts. There were total of six respondents (two from the field of ICT, two from the field of law, and two from the field of ICT and Law). The sample (5 out of 6 respondents) agreed that results of our model could be used in the court (or judiciary) as a part of evidence to reduce burden of proof. Theoretically, this part of research (focused on primary aim) is a pioneer effort on providing legal protection to trade secrets in the cloud. Practically, it will benefit an enterprise to negotiate contract with service providers to minimize trade secret misappropriation in the cloud. However, for enterprise that is using decentralized architecture in the cloud e.g. blockchains, contracts could emerge towards smart contracts (an autono-mous software program running over blockchains). In this context, a well negoti-ated contract will not be a solution to minimize trade secret misappropriation. In fact, for this case it is particularly relevant to instantiate role of judiciary over a blockchain. The secondary aim of this research was to develop a model that can be implemented over the blockchain to automatically issue preliminary injunc-tion (or temporary restraining order by court of law) for the breach of contract that can potentially lead to trade secret misappropriation. This part of the re-search extended the previously proposed model by using stochastic modeling from the discipline of data science. High performance computing (HPC) cluster at University of Luxembourg (HPC @ Uni.lu) and docker (a software container platform) were used to emulate contractual environment of three service provid-ers: Redis, MongoDB, and Memcached Servers. The results showed that court in-junction(s) was issued only for Redis and MongoDB Servers. Technically, this difference could be attributed to the fact that Memcached is simply used for caching and therefore, it is less prone to breach of contract. Whereas, Redis and MongoDB as databases and message brokers are performing more complex oper-ations and are more likely to cause a breach. For legal validation of the results, questionnaires were sent to law and ICT experts. There were total of six respond-ents (two from the field of ICT, two from the field of law, and two from the field of ICT and Law). The sample (4 out of 6 respondents) disagreed “ONLY” using the results of the model by the court of law (or judiciary) to issues a preliminary injunction (or temporary restraining order) for the breach of contract. Theoreti-cally, this part of the research is a pioneer attempt for providing legal protection over the blockchain. Practically, it will benefit blockchain driven enterprises to control and stop breach of contract that can potentially lead to trade secret mis-appropriation. In addition to above mentioned applied benefits, following list briefly presents research contributions of this multidisciplinary Ph.D. research in the domain of Law. • It is first in-line to focus on legal protection for trade secrets in the cloud. A well-established similar concept is “information security”, which provides technical protection for trade secrets in the cloud e.g. encryption, hashing etc. • In the domain of case law, despite of the jurisdiction constraint i.e. precedents (or court rulings) are binding on all courts within the same jurisdiction, this research is first in-line to use case law together with newly proposed Delphi Sampling method to provide legal protection for trade secrets in borderless online cloud environment. • It is first in-line to implement notion of “confidentiality by design”, which focuses on a legal person or an enterprise. A well-established similar concept is “privacy by design” that focuses on a physical per-son or human being. • By defying the myth that “smart contracts cannot be breached” and in the context of contract law, this research is first in-line to automate role of the court (evidential hearing). In addition to the above mentioned research contribution in the domain of Law, following list briefly presents research contribution in the domain of ICT. • In the context of multi-criteria decision analysis, this research is first in-line to identify and analyze noise in the data and solves related is-sue of structural uncertainty (or misspecification of criteria). • In the context of machine learning, this research is first in-line to propose “self-regulated multi-criteria decision analysis” that operates without decision maker’s interference and hence, it can be used in the context where automation of decision making process is required. • In the context of multidisciplinary research, this study is first in-line to propose a method of Delphi Sampling that seeks inter-disciplinary validation for research results

Cloud Service Brokerage: A systematic literature review using a software development lifecycle

Cloud Service Brokerage (CSB) is an emerging technology that has become popular with cloud computing. CSB is a middleman providing value added services, developed using standard software development lifecycle, from cloud providers to consumers. This paper provides a systematic literature review on this topic, covering 41 publications from 2009 to 2015. The paper aims to provide an overview of CSB research status, and give suggestions on how CSB research should proceed. A descriptive analysis reveals a lack of contributions from the Information Systems discipline. A software development lifecycle analysis uncovers a severe imbalance of research contributions across the four stages of software development: design, develop, deploy, and manage. The majority of research contributions are geared toward the design stage with a minimal contribution in the remaining stages. As such, we call for a balanced research endeavor across the cycle given the equal importance of each stage within the CSB paradigm

A Brokering Framework for Assessing Legal Risks in Big Data and the Cloud

“Cloud computing” and “Big Data” are amongst the most hyped-up terms and buzzwords of the moment. After decades in which individuals and companies used to host their data and applications using their own IT infrastructure, the world has seen the stunning transformation of the Internet. Major shifts occurred when these infrastructures began to be outsourced to public Cloud providers to match commercial expectations. Storing, sharing and transferring data and databases over the Internet is convenient, yet legal risks cannot be eliminated. Legal risk is a fast-growing area of research and covers various aspects of law. Current studies and research on Cloud computing legal risk assessment have been, however, limited in scope and focused mainly on security and privacy aspects. There is little systematic research on the risks, threats and impact of the legal issues inherent to database rights and “ownership” rights of data. Database rights seem to be outdated and there is a significant gap in the scientific literature when it comes to the understanding of how to apply its provisions in the Big Data era. This means that we need a whole new framework for understanding, protecting and sharing data in the Cloud. The scheme we propose in this chapter is based on a risk assessment-brokering framework that works side by side with Service Level Agreements (SLAs). This proposed framework will provide better control for Cloud users and will go a long way to increase confidence and reinforce trust in Cloud computing transactions