From security to assurance in the cloud: a survey

The cloud computing paradigm has become a mainstream solution for the deployment of business processes and applications. In the public cloud vision, infrastructure, platform, and software services are provisioned to tenants (i.e., customers and service providers) on a pay-as-you-go basis. Cloud tenants can use cloud resources at lower prices, and higher performance and flexibility, than traditional on-premises resources, without having to care about infrastructure management. Still, cloud tenants remain concerned with the cloud's level of service and the nonfunctional properties their applications can count on. In the last few years, the research community has been focusing on the nonfunctional aspects of the cloud paradigm, among which cloud security stands out. Several approaches to security have been described and summarized in general surveys on cloud security techniques. The survey in this article focuses on the interface between cloud security and cloud security assurance. First, we provide an overview of the state of the art on cloud security. Then, we introduce the notion of cloud security assurance and analyze its growing impact on cloud security approaches. Finally, we present some recommendations for the development of next-generation cloud security and assurance solutions

Resource management in a containerized cloud : status and challenges

Cloud computing heavily relies on virtualization, as with cloud computing virtual resources are typically leased to the consumer, for example as virtual machines. Efficient management of these virtual resources is of great importance, as it has a direct impact on both the scalability and the operational costs of the cloud environment. Recently, containers are gaining popularity as virtualization technology, due to the minimal overhead compared to traditional virtual machines and the offered portability. Traditional resource management strategies however are typically designed for the allocation and migration of virtual machines, so the question arises how these strategies can be adapted for the management of a containerized cloud. Apart from this, the cloud is also no longer limited to the centrally hosted data center infrastructure. New deployment models have gained maturity, such as fog and mobile edge computing, bringing the cloud closer to the end user. These models could also benefit from container technology, as the newly introduced devices often have limited hardware resources. In this survey, we provide an overview of the current state of the art regarding resource management within the broad sense of cloud computing, complementary to existing surveys in literature. We investigate how research is adapting to the recent evolutions within the cloud, being the adoption of container technology and the introduction of the fog computing conceptual model. Furthermore, we identify several challenges and possible opportunities for future research

Analysis of end-to-end multi-domain management and orchestration frameworks for software defined infrastructures: An architectural survey

Over the last couple of years, industry operators' associations issued requirements towards an end-to-end management and orchestration plane for 5G networks. Consequently, standard organisations started their activities in this domain. This article provides an analysis and an architectural survey of these initiatives and of the main requirements, proposes descriptions for the key concepts of domain, resource and service slicing, end-to-end orchestration and a reference architecture for the end-to-end orchestration plane. Then, a set of currently available or under development domain orchestration frameworks are mapped to this reference architecture. These frameworks, meant to provide coordination and automated management of cloud and networking resources, network functions and services, fulfil multi-domain (i.e. multi-technology and multi-operator) orchestration requirements, thus enabling the realisation of an end-to-end orchestration plane. Finally, based on the analysis of existing single-domain and multi-domain orchestration components and requirements, this paper presents a functional architecture for the end-to-end management and orchestration plane, paving the way to its full realisation

Analysis of end-to-end multi-domain management and orchestration frameworks for software defined infrastructures: an architectural survey

Over the last couple of years, industry operators' associations issued requirements towards an end-to-end management and orchestration plane for 5G networks. Consequently, standard organisations started their activities in this domain. This article provides an analysis and an architectural survey of these initiatives and of the main requirements, proposes descriptions for the key concepts of domain, resource and service slicing, end-to-end orchestration and a reference architecture for the end-to-end orchestration plane. Then, a set of currently available or under development domain orchestration frameworks are mapped to this reference architecture. These frameworks, meant to provide coordination and automated management of cloud and networking resources, network functions and services, fulfil multi-domain (i.e. multi-technology and multi-operator) orchestration requirements, thus enabling the realisation of an end-to-end orchestration plane. Finally, based on the analysis of existing single-domain and multi-domain orchestration components and requirements, this paper presents a functional architecture for the end-to-end management and orchestration plane, paving the way to its full realisation.This work was partially supported by the ICT14 5GExchange (5GEx) innovation project (grant agreement no.671636) co-funded by the European Union under the Horizon 2020 EU Framework Programme.Publicad

Analysis of end-to-end multi-domain management and orchestration frameworks for software defined infrastructures: An architectural survey

Over the last couple of years, industry operators' associations issued requirements towards an end-to-end management and orchestration plane for 5G networks. Consequently, standard organisations started their activities in this domain. This article provides an analysis and an architectural survey of these initiatives and of the main requirements, proposes descriptions for the key concepts of domain, resource and service slicing, end-to-end orchestration and a reference architecture for the end-to-end orchestration plane. Then, a set of currently available or under development domain orchestration frameworks are mapped to this reference architecture. These frameworks, meant to provide coordination and automated management of cloud and networking resources, network functions and services, fulfil multi-domain (i.e. multi-technology and multi-operator) orchestration requirements, thus enabling the realisation of an end-to-end orchestration plane. Finally, based on the analysis of existing single-domain and multi-domain orchestration components and requirements, this paper presents a functional architecture for the end-to-end management and orchestration plane, paving the way to its full realisatio

An efficient resource sharing technique for multi-tenant databases

Multi-tenancy is one of the key components of cloud computing environment. Multi-tenant database system in SaaS (Software as a Service) has gained a lot of attention in academics, research and business arena. These database systems provide scalability and economic benefits for both cloud service providers and customers(organizations/companies referred as tenants) by sharing same resources and infrastructure in isolation of shared databases, network and computing resources with Service level agreement (SLA) compliances. In a multitenant scenario, active tenants compete for resources in order to access the database. If one tenant blocks up the resources, the performance of all the other tenants may be restricted and a fair sharing of the resources may be compromised. The performance of tenants must not be affected by resource-intensive activities and volatile workloads of other tenants. Moreover, the prime goal of providers is to accomplish low cost of operation, satisfying specific schemas/SLAs of each tenant. Consequently, there is a need to design and develop effective and dynamic resource sharing algorithms which can handle above mentioned issues. This work presents a model embracing a query classification and worker sorting technique to efficiently share I/O, CPU and Memory thus enhancing dynamic resource sharing and improvising the utilization of idle instances proficiently. The model is referred as Multi-Tenant Dynamic Resource Scheduling Model (MTDRSM) .The MTDRSM support workload execution of different benchmark such as TPC-C(Transaction Processing Performance Council), YCSB(The Yahoo! Cloud Serving Benchmark)etc. and on different database such as MySQL, Oracle, H2 database etc. Experiments are conducted for different benchmarks with and without SLA compliances to evaluate the performance of MTDRSM in terms of latency and throughput achieved. The experiments show significant performance improvement over existing Mute Bench model in terms of latency and throughput

A manifesto for future generation cloud computing: research directions for the next decade

The Cloud computing paradigm has revolutionised the computer science horizon during the past decade and has enabled the emergence of computing as the fifth utility. It has captured significant attention of academia, industries, and government bodies. Now, it has emerged as the backbone of modern economy by offering subscription-based services anytime, anywhere following a pay-as-you-go model. This has instigated (1) shorter establishment times for start-ups, (2) creation of scalable global enterprise applications, (3) better cost-to-value associativity for scientific and high performance computing applications, and (4) different invocation/execution models for pervasive and ubiquitous applications. The recent technological developments and paradigms such as serverless computing, software-defined networking, Internet of Things, and processing at network edge are creating new opportunities for Cloud computing. However, they are also posing several new challenges and creating the need for new approaches and research strategies, as well as the re-evaluation of the models that were developed to address issues such as scalability, elasticity, reliability, security, sustainability, and application models. The proposed manifesto addresses them by identifying the major open challenges in Cloud computing, emerging trends, and impact areas. It then offers research directions for the next decade, thus helping in the realisation of Future Generation Cloud Computing