Self-Healing Multitier Architectures Using Cascading Rescue Points

Software bugs and vulnerabilities cause serious problems to both home users and the Internet infrastructure, limiting the availability of Internet services, causing loss of data, and reducing system integrity. Software self-healing using rescue points (RPs) is a known mechanism for recovering from unforeseen errors. However, applying it on multitier architectures can be problematic because certain actions, like transmitting data over the network, cannot be undone. We propose cascading rescue points (CRPs) to address the state inconsistency issues that can arise when using traditional RPs to recover from errors in interconnected applications. With CRPs, when an application executing within a RP transmits data, the remote peer is notified to also perform a checkpoint, so the communicating entities checkpoint in a coordinated, but loosely coupled way. Notifications are also sent when RPs successfully complete execution, and when recovery is initiated, so that the appropriate action is performed by remote parties. We developed a tool that implements CRPs by dynamically instrumenting binaries and transparently injecting notifications in the already established TCP channels between applications. We tested our tool with various applications, including the MySQL and Apache servers, and show that it allows them to successfully recover from errors, while incurring moderate overhead between 4.54% and 71.56%

Information Flow Auditing in the Cloud

As cloud technology matures and trendsetters like Google, Amazon, Microsoft, Apple, and VMware have become the top-tier cloud services players, public cloud services have turned mainstream for individual users. In this work, I propose a set of techniques that can be used as the basis for alleviating cloud customers' privacy concerns and elevating their condence in using the cloud for security-sensitive operations as well as trusting it with their sensitive data. The main goal is to provide cloud customers' with a reliable mechanism that will cover the entire path of tracking their sensitive data, while they are collected and used by cloud-hosted services, to the presentation of the tracking results to the respective data owners. In particular, my design accomplishes this goal by retrofitting legacy applications with data flow tracking techniques and providing the cloud customers with comprehensive information flow auditing capabilities. For this purpose, we created CloudFence, a cloud-wide fine-grained data flow tracking (DFT) framework, that sensitive data in well-defined domains, offering additional protection against inadvertent leaks and unauthorized access

QoS awareness and adaptation in service composition

The dynamic nature of a Web service execution environment generates frequent variations in the Quality of Service offered to the consumers, therefore, obtaining the expected results while running a composite service is not guaranteed. When combining this highly changing environment with the increasing emphasis on Quality of Service, management of composite services turns into a time consuming and complicated task. Different approaches and tools have been proposed to mitigate the impacts of unexpected events during the execution of composite services. Among them, self-adaptive proposals have stood out, since they aim to maintain functional and quality levels, by dynamically adapting composite services to the environment conditions, reducing human intervention. The research presented in this Thesis is centred on self-adaptive properties in service composition, mainly focused on self-optimization. Three models have been proposed to target self-optimization, considering various QoS parameters, the benefit of performing adaptation, and looking at adaptation from two perspectives: reactive and proactive. They target situations where the QoS of the composition is decreasing. Also, they consider situations where a number of the accumulated QoS values, in certain point of the process, are better than expected, providing the possibility of improving other QoS parameters. These approaches have been implemented in service composition frameworks and evaluated through the execution of test cases. Evaluation was performed by comparing the QoS values gathered from multiple executions of composite services, using the proposed optimization models and a non-adaptive approach. The benefit of adaptation was found a useful value during the decision making process, in order to determine if adaptation was needed or not. Results show that using optimization mechanisms when executing composite services provide significant improvements in the global QoS values of the compositions. Nevertheless, in some cases there is a trade-off, where one of the measured parameters shows an increment, in order to improve the others

Combining SOA and BPM Technologies for Cross-System Process Automation

This paper summarizes the results of an industry case study that introduced a cross-system business process automation solution based on a combination of SOA and BPM standard technologies (i.e., BPMN, BPEL, WSDL). Besides discussing major weaknesses of the existing, custom-built, solution and comparing them against experiences with the developed prototype, the paper presents a course of action for transforming the current solution into the proposed solution. This includes a general approach, consisting of four distinct steps, as well as specific action items that are to be performed for every step. The discussion also covers language and tool support and challenges arising from the transformation