SEF-SCC: Software engineering framework for service and cloud computing

© Springer International Publishing AG, part of Springer Nature 2018. Service computing and cloud computing have emerged to address the need for more flexible and cost-efficient computing systems where software is delivered as a service. To make this more resilient and reliable, we need to adopt software engineering (SE) principles and best practices that have existed for the last 40 years or so. Therefore, this chapter proposes a Software Engineering Framework for Service and Cloud Computing (SEF-SCC) to address the need for a systematic approach to design and develop robust, resilient, and reusable services. This chapter presents SEF-SCC methods, techniques, and a systematic engineering process supporting the development of service-oriented software systems and software as a service paradigms. SEF-SCC has been successfully validated for the past 10 years based on a large-scale case study on British Energy Power and Energy Trading (BEPET). Ideas and concepts suggested in this chapter are equally applicable to all distributed computing environments including Fog and Edge Computing paradigms

Engineering security into distributed systems: a survey of methodologies

Rapid technological advances in recent years have precipitated a general shift towards software distribution as a central computing paradigm. This has been accompanied by a corresponding increase in the dangers of security breaches, often causing security attributes to become an inhibiting factor for use and adoption. Despite the acknowledged importance of security, especially in the context of open and collaborative environments, there is a growing gap in the survey literature relating to systematic approaches (methodologies) for engineering secure distributed systems. In this paper, we attempt to fill the aforementioned gap by surveying and critically analyzing the state-of-the-art in security methodologies based on some form of abstract modeling (i.e. model-based methodologies) for, or applicable to, distributed systems. Our detailed reviews can be seen as a step towards increasing awareness and appreciation of a range of methodologies, allowing researchers and industry stakeholders to gain a comprehensive view of the field and make informed decisions. Following the comprehensive survey we propose a number of criteria reflecting the characteristics security methodologies should possess to be adopted in real-life industry scenarios, and evaluate each methodology accordingly. Our results highlight a number of areas for improvement, help to qualify adoption risks, and indicate future research directions.Anton V. Uzunov, Eduardo B. Fernandez, Katrina Falkne

Reference Architecture and Business Process Modelling for FinTech Applications

Financial Applications are increasingly in demand for using state of the art technologies to meet their customer demand. Therefore, we need an approach which is scalable and sustainable to meet this demand and to manage risks

Software Engineering for SOA

Service and cloud computing has revolutionized the way we develop software. The emergence of cloud computing has huge impact on the economics of developing services. However, it remains challenging to understand the concept of a service which is quite new for computing sciences. This talk will present a systematic approach to understanding service and cloud computing and will provide a Service Development Life Cycle approaches and market niche techniques and tools

Combining Enforcement Strategies in Service Oriented Architectures

n/

Security-Driven Software Evolution Using A Model Driven Approach

High security level must be guaranteed in applications in order to mitigate risks during the deployment of information systems in open network environments. However, a significant number of legacy systems remain in use which poses security risks to the enterprise’ assets due to the poor technologies used and lack of security concerns when they were in design. Software reengineering is a way out to improve their security levels in a systematic way. Model driven is an approach in which model as defined by its type directs the execution of the process. The aim of this research is to explore how model driven approach can facilitate the software reengineering driven by security demand. The research in this thesis involves the following three phases. Firstly, legacy system understanding is performed using reverse engineering techniques. Task of this phase is to reverse engineer legacy system into UML models, partition the legacy system into subsystems with the help of model slicing technique and detect existing security mechanisms to determine whether or not the provided security in the legacy system satisfies the user’s security objectives. Secondly, security requirements are elicited using risk analysis method. It is the process of analysing key aspects of the legacy systems in terms of security. A new risk assessment method, taking consideration of asset, threat and vulnerability, is proposed and used to elicit the security requirements which will generate the detailed security requirements in the specific format to direct the subsequent security enhancement. Finally, security enhancement for the system is performed using the proposed ontology based security pattern approach. It is the stage that security patterns derived from security expertise and fulfilling the elicited security requirements are selected and integrated in the legacy system models with the help of the proposed security ontology. The proposed approach is evaluated by the selected case study. Based on the analysis, conclusions are drawn and future research is discussed at the end of this thesis. The results show this thesis contributes an effective, reusable and suitable evolution approach for software security

Cloud Computing Architecture

Programiranje u oblaku je u konstantnom porastu kao nova paradigma online usluga vezanih uz razna područja primjene i interesa. No, dizajniranje novih usluga u oblaku kao i dizajniranje usluga u već postojeće poslovne koncepte predstavlja veliki proces u koji treba uključiti puno elemenata. Od velike je važnosti za dizajnere aplikacija u oblaku da znaju koja su glavna pitanja i problemi sudionika usluga u oblaku kao što su korisnici oblaka, pružatelji oblaka i posrednici oblaka. U ovom su radu istraženi glavni izazovi i pitanja tijekom izgradnje aplikacije za oblak kao i različiti arhitekturalni pristupi vezani uz rješavanje spomenutih pitanja. Istraživanje je pokazalo da sigurnost i privatnost podataka predstavljaju najveći problem za korisnike oblaka kao i za pružatelje usluga u oblaku. Ovaj rad daje kompletnu kategorizaciju studija koji opisuju razne pristupe i razmatranja arhitekture prilikom dizajniranja aplikacija za oblak.Cloud Computing has emerged as a new paradigm in the field of network-based services within many industrial and application domains. However, building new services in the cloud or designing cloud-based solutions into existing business context is a complex decision process involving many factors. It is important for the cloud designers to know what are the main concerns of cloud stakeholders such as cloud consumers, cloud providers and cloud brokers. In this study were investigated the main challenges and concerns while building cloud-based architectures and different architectural approaches are proposed to meet these specific concerns. The study revealed that security and dana privacy is on the top of the list of concerns for both cloud consumers and cloud providers. This study gives fully categorized studies that describe architectural approaches and design considerations when architecting for the cloud

Internet of Things: Architecture and Services for Healthcare

Internet of Things (IoT) is a recent prominent collaboration of various technologies that enables spatially distributed devices (“things”) to sense, communicate and share information, thus generating a variety of applications and services in Healthcare. IoT is implemented in multiple domains like Smart city, energy and smart grid, Smart home, weather forecasting, Agriculture, Market and Transportation, Manufacturing and testing industries, Healthcare and many more. IoT serves the purpose of making tasks more efficient and productive and at the same time ensuring quality and reliability. IoT technologies provide an enabling framework for inter-connecting devices, systems, and services that go beyond Machine-to-Machine scenarios within today’s internet infrastructure. Healthcare industry is among the fastest fields to embrace IoT for numerous health services. IoT technologies will enable doctors / physicians / caretakers to be in touch with patients all the time. Various physiological parameters and markers can be monitored on a real-time basis for early detection of serious health symptoms that could endanger the life of patients. Diagnosis of diseases can be more accurate and in time for early treatment which will significantly improve recovery time. Diagnostic medical devices, sensors, and imaging devices that are integrated within the network for building an efficient and real-time system. The market for IoT in the healthcare sector is expected to grow rapidly in terms of connecting hospitals with patients for remote monitoring, emergency care services and remote surgery through augmented virtual reality. This thesis explores advances in IoT- based technologies in the healthcare environment. The thesis presents an architecture that defines a possible reference platform for seamless inter-connectivity between devices and software systems to enable new services. The architecture has multiple layers each of which performs specific functions to enable the realization of novel healthcare services. The thesis provides a comprehensive comparison between different Short range communication technologies, Mobile communication and Low Power Wide Area (LPWA) technologies. Based upon different scenarios of IoT healthcare services implementation, data computation capabilities provided by various cloud computing models and edge computing models are also discussed. The thesis provides a survey on various healthcare services that are implemented inside (and outside) hospital premises, e.g., remote health monitoring, Ambient Assisted Living among others. The impact of two prominent key technologies: Network Functions Virtualization (NFV) and Software Defined Networks (SDN) has been discussed and showed the benefits of implementing control and management function-especially at the edge network- utilizing SDN/NFV. This provides a flexible approach for deployment of healthcare services in close proximity to computing resources and improves communication control. IoT acknowledges a reliable and secure data exchange in real-time and oriented to improve Quality of Life (QoL). Internet of Things (IoT) serves the purpose of the advance concatenation of devices, systems, and services that go beyond the Machine-to-Machine scenario within today’s internet infrastructure with extended benefits