Risk-based framework for SLA violation abatement from the cloud service provider's perspective

© The British Computer Society 2018. The constant increase in the growth of the cloud market creates new challenges for cloud service providers. One such challenge is the need to avoid possible service level agreement (SLA) violations and their consequences through good SLA management. Researchers have proposed various frameworks and have made significant advances in managing SLAs from the perspective of both cloud users and providers. However, none of these approaches guides the service provider on the necessary steps to take for SLA violation abatement; that is, the prediction of possible SLA violations, the process to follow when the system identifies the threat of SLA violation, and the recommended action to take to avoid SLA violation. In this paper, we approach this process of SLA violation detection and abatement from a risk management perspective. We propose a Risk Management-based Framework for SLA violation abatement (RMF-SLA) following the formation of an SLA which comprises SLA monitoring, violation prediction and decision recommendation. Through experiments, we validate and demonstrate the suitability of the proposed framework for assisting cloud providers to minimize possible service violations and penalties

The Need of an Optimal QoS Repository and Assessment Framework in Forming a Trusted Relationship in Cloud: A Systematic Review

© 2017 IEEE. Due to the cost-effectiveness and scalable features of the cloud the demand of its services is increasing every next day. Quality of Service (QOS) is one of the crucial factor in forming a viable Service Level Agreement (SLA) between a consumer and the provider that enable them to establish and maintain a trusted relationship with each other. SLA identifies and depicts the service requirements of the user and the level of service promised by provider. Availability of enormous service solutions is troublesome for cloud users in selecting the right service provider both in terms of price and the degree of promised services. On the other end a service provider need a centralized and reliable QoS repository and assessment framework that help them in offering an optimal amount of marginal resources to requested consumer. Although there are number of existing literatures that assist the interaction parties to achieve their desired goal in some way, however, there are still many gaps that need to be filled for establishing and maintaining a trusted relationship between them. In this paper we tried to identify all those gaps that is necessary for a trusted relationship between a service provider and service consumer. The aim of this research is to present an overview of the existing literature and compare them based on different criteria such as QoS integration, QoS repository, QoS filtering, trusted relationship and an SLA

Formulating and managing viable SLAs in cloud computing from a small to medium service provider's viewpoint: A state-of-the-art review

© 2017 Elsevier Ltd In today's competitive world, service providers need to be customer-focused and proactive in their marketing strategies to create consumer awareness of their services. Cloud computing provides an open and ubiquitous computing feature in which a large random number of consumers can interact with providers and request services. In such an environment, there is a need for intelligent and efficient methods that increase confidence in the successful achievement of business requirements. One such method is the Service Level Agreement (SLA), which is comprised of service objectives, business terms, service relations, obligations and the possible action to be taken in the case of SLA violation. Most of the emphasis in the literature has, until now, been on the formation of meaningful SLAs by service consumers, through which their requirements will be met. However, in an increasingly competitive market based on the cloud environment, service providers too need a framework that will form a viable SLA, predict possible SLA violations before they occur, and generate early warning alarms that flag a potential lack of resources. This is because when a provider and a consumer commit to an SLA, the service provider is bound to reserve the agreed amount of resources for the entire period of that agreement – whether the consumer uses them or not. It is therefore very important for cloud providers to accurately predict the likely resource usage for a particular consumer and to formulate an appropriate SLA before finalizing an agreement. This problem is more important for a small to medium cloud service provider which has limited resources that must be utilized in the best possible way to generate maximum revenue. A viable SLA in cloud computing is one that intelligently helps the service provider to determine the amount of resources to offer to a requesting consumer, and there are number of studies on SLA management in the literature. The aim of this paper is two-fold. First, it presents a comprehensive overview of existing state-of-the-art SLA management approaches in cloud computing, and their features and shortcomings in creating viable SLAs from the service provider's viewpoint. From a thorough analysis, we observe that the lack of a viable SLA management framework renders a service provider unable to make wise decisions in forming an SLA, which could lead to service violations and violation penalties. To fill this gap, our second contribution is the proposal of the Optimized Personalized Viable SLA (OPV-SLA) framework which assists a service provider to form a viable SLA and start managing SLA violation before an SLA is formed and executed. The framework also assists a service provider to make an optimal decision in service formation and allocate the appropriate amount of marginal resources. We demonstrate the applicability of our framework in forming viable SLAs through experiments. From the evaluative results, we observe that our framework helps a service provider to form viable SLAs and later to manage them to effectively minimize possible service violation and penalties

An Approach of QoS Evaluation for Web Services Design With Optimized Avoidance of SLA Violations

Quality of service (QoS) is an official agreement that governs the contractual commitments between service providers and consumers in respect to various nonfunctional requirements, such as performance, dependability, and security. While more Web services are available for the construction of software systems based upon service-oriented architecture (SOA), QoS has become a decisive factor for service consumers to choose from service providers who provide similar services. QoS is usually documented on a service-level agreement (SLA) to ensure the functionality and quality of services and to define monetary penalties in case of any violation of the written agreement. Consequently, service providers have a strong interest in keeping their commitments to avoid and reduce the situations that may cause SLA violations.However, there is a noticeable shortage of tools that can be used by service providers to either quantitively evaluate QoS of their services for the predication of SLA violations or actively adjust their design for the avoidance of SLA violations with optimized service reconfigurations. Developed in this dissertation research is an innovative framework that tackles the problem of SLA violations in three separated yet connected phases. For a given SOA system under examination, the framework employs sensitivity analysis in the first phase to identify factors that are influential to system performance, and the impact of influential factors on QoS is then quantitatively measured with a metamodel-based analysis in the second phase. The results of analyses are then used in the third phase to search both globally and locally for optimal solutions via a controlled number of experiments. In addition to technical details, this dissertation includes experiment results to demonstrate that this new approach can help service providers not only predicting SLA violations but also avoiding the unnecessary increase of the operational cost during service optimization

Legal issues in clouds: towards a risk inventory.

Cloud computing technologies have reached a high level of development, yet a number of obstacles still exist that must be overcome before widespread commercial adoption can become a reality. In a cloud environment, end users requesting services and cloud providers negotiate service-level agreements (SLAs) that provide explicit statements of all expectations and obligations of the participants. If cloud computing is to experience widespread commercial adoption, then incorporating risk assessment techniques is essential during SLA negotiation and service operation. This article focuses on the legal issues surrounding risk assessment in cloud computing. Specifically, it analyses risk regarding data protection and security, and presents the requirements of an inherent risk inventory. The usefulness of such a risk inventory is described in the context of the OPTIMIS project

CLOUD COMPUTING TECHNOLOGY IN BANGLADESH: A FRAMEWORK OF SOCIAL &ECONOMIC DEVELOPMENT

Cloud computing is currently one the most hyped IT innovations that promises potential opportunities for business and social innovation as well as modernizing ICT. For developing countries like Bangladesh, this technology aims to provide the clients a cost effective and convenient means to manage the huge amount of IT resources and thus offer strong possibility of accelerating social and economic development, even in this time of limited resources. As the information technology industry goes through a major shift, founded on the Internet as a platform, new opportunities for Bangladesh are open to employ technology at a lower cost and with much greater ease and success than in the past. The Main purpose of our strategy is to help organizations of public and private sector in Bangladesh to adopt cloud computing technology opportunities and prevent its obstacles through our proposed framework. In this article, we tried to assess different aspects and strengths, weaknesses, opportunities and threats of these strategies for Bangladeshi organizations and enterprises. In addition some recommendations are provided for Bangladeshi organizations and enterprises to help them to adopt cloud computing technology

Attributes in Cloud Service Descriptions : A comprehensive Content Analysis

The exponential growth of cloud services can make it challenging for customers to find the best available service. This problem is further aggregated by not comprehensive and non-standardized service descriptions on cloud providers’ websites. This issue has not yet been adequately researched. In response to this gap and following the call (Lehner & Floerecke, 2023) to analyse IT service catalogues directed toward external customers, the purpose of this work is to examine the attribute usage in customer-facing service descriptions available on providers’ websites. A literature review thereby identified 76 different attributes used for cloud service description. Although there are a vast number of attributes used for cloud service descriptions, a core of attributes that were named in most papers, could be detected. In a following step, a content analysis of 100 service descriptions available on cloud providers’ websites was performed to understand, how frequently each attribute was used in the cloud service description from Cloud providers in general and also differentiated by size, cloud service model (IaaS, PaaS, SaaS), and geographical location of the provider. The majority of attributes of the literature review could thereby be found in the content analysis as well. 15 more attributes have been added to the initial list as they could not be matched to any of the attributes from the literature. In addition, it could be verified that criteria such as size, service model, and geographical location have a significant impact on the attribute usage for service descriptions. Finally, expert interviews were conducted to get additional insights. The consent of the expert is that the main purpose of cloud service descriptions available on cloud providers’ websites is not necessarily to inform customers, but to attract and convince them. The insights of this work can provide valuable information to customers as well as cloud providers to understand, which attributes are currently used or not used for cloud service descriptions on provider’s websites. This research provides valuable information for both customers and cloud providers by identifying which attributes are currently used or not used for cloud service descriptions and can serve as a foundation for further research

A Brokering Framework for Assessing Legal Risks in Big Data and the Cloud

“Cloud computing” and “Big Data” are amongst the most hyped-up terms and buzzwords of the moment. After decades in which individuals and companies used to host their data and applications using their own IT infrastructure, the world has seen the stunning transformation of the Internet. Major shifts occurred when these infrastructures began to be outsourced to public Cloud providers to match commercial expectations. Storing, sharing and transferring data and databases over the Internet is convenient, yet legal risks cannot be eliminated. Legal risk is a fast-growing area of research and covers various aspects of law. Current studies and research on Cloud computing legal risk assessment have been, however, limited in scope and focused mainly on security and privacy aspects. There is little systematic research on the risks, threats and impact of the legal issues inherent to database rights and “ownership” rights of data. Database rights seem to be outdated and there is a significant gap in the scientific literature when it comes to the understanding of how to apply its provisions in the Big Data era. This means that we need a whole new framework for understanding, protecting and sharing data in the Cloud. The scheme we propose in this chapter is based on a risk assessment-brokering framework that works side by side with Service Level Agreements (SLAs). This proposed framework will provide better control for Cloud users and will go a long way to increase confidence and reinforce trust in Cloud computing transactions

A framework for SLA-centric service-based Utility Computing

Nicht angegebenService oriented Utility Computing paves the way towards realization of service markets, which promise metered services through negotiable Service Level Agreements (SLA). A market does not necessarily imply a simple buyer-seller relationship, rather it is the culmination point of a complex chain of stake-holders with a hierarchical integration of value along each link in the chain. In service value chains, services corresponding to different partners are aggregated in a producer-consumer manner resulting in hierarchical structures of added value. SLAs are contracts between service providers and service consumers, which ensure the expected Quality of Service (QoS) to different stakeholders at various levels in this hierarchy. \emph{This thesis addresses the challenge of realizing SLA-centric infrastructure to enable service markets for Utility Computing.} Service Level Agreements play a pivotal role throughout the life cycle of service aggregation. The activities of service selection and service negotiation followed by the hierarchical aggregation and validation of services in service value chain, require SLA as an enabling technology. \emph{This research aims at a SLA-centric framework where the requirement-driven selection of services, flexible SLA negotiation, hierarchical SLA aggregation and validation, and related issues such as privacy, trust and security have been formalized and the prototypes of the service selection model and the validation model have been implemented. } The formal model for User-driven service selection utilizes Branch and Bound and Heuristic algorithms for its implementation. The formal model is then extended for SLA negotiation of configurable services of varying granularity in order to tweak the interests of the service consumers and service providers. %and then formalizing the requirements of an enabling infrastructure for aggregation and validation of SLAs existing at multiple levels and spanning % along the corresponding service value chains. The possibility of service aggregation opens new business opportunities in the evolving landscape of IT-based Service Economy. A SLA as a unit of business relationships helps establish innovative topologies for business networks. One example is the composition of computational services to construct services of bigger granularity thus giving room to business models based on service aggregation, Composite Service Provision and Reselling. This research introduces and formalizes the notions of SLA Choreography and hierarchical SLA aggregation in connection with the underlying service choreography to realize SLA-centric service value chains and business networks. The SLA Choreography and aggregation poses new challenges regarding its description, management, maintenance, validation, trust, privacy and security. The aggregation and validation models for SLA Choreography introduce concepts such as: SLA Views to protect the privacy of stakeholders; a hybrid trust model to foster business among unknown partners; and a PKI security mechanism coupled with rule based validation system to enable distributed queries across heterogeneous boundaries. A distributed rule based hierarchical SLA validation system is designed to demonstrate the practical significance of these notions