A Comparison of Two-Level and Multi-level Modelling for Cloud-Based Applications

The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-21151-0_2The Cloud Modelling Framework (CloudMF) is an approach to apply model-driven engineering principles to the specification and execution of cloud-based applications. It comprises a domain-specific language to model the deployment topology of multi-cloud applications, along with a models@run-time environment to facilitate reasoning and adaptation of these applications at run-time. This paper reports on some challenges encountered during the design of CloudMF, related to the adoption of the two-level modelling approach and especially the type-instance pattern. Moreover, it proposes the adoption of an alternative, multi-level modelling approach to tackle these challenges, and provides a set of criteria to compare both approaches.The research leading to these results has received funding from the European Commission’s Seventh Framework Programme (FP7/2007-2013) under grant agreement numbers 317715 (PaaSage), 318392 (Broker@Cloud), and 611125 (MONDO), the Spanish Ministry under project Go Lite (TIN2011-24139), and the Madrid Region under project SICOMORO (S2013/ICE-3006)

Evolving multi-tenant SaaS cloud applications using model-driven engineering

Cloud computing promotes multi-tenancy for efficient resource utilization by sharing hardware and software infrastructure among multiple clients. Multi-tenant applications running on a cloud infrastructure are provided to clients as Software-as-a-Service (SaaS) over the network. Despite its benefits, multi-tenancy introduces additional challenges, such as p artitioning, extensibility, and customizability during the application development. Over time, after the application deployment, new requirements of clients and changes in business environment result application evolution. As the application evolves, its complexity also increases. In multi-tenancy, evolution demanded by individual clients should not affect availability , security , and performance of the application for other clients. Thus, the multi- tenancy concerns add more complexity by causing variability in design decisions. Managing this complexity requires adequate approaches and tools. In this paper, we propose modeling techniques from software product lines (SPL) and model-driven engineering (MDE) to manage variability and support evolution of multi-tenant applications and their requirements. Specifically, SPL was ap p lied to define technological and concep tual variabilities during the application design, where MDE was suggested to manage these variabilities. We also present a process of how MDE can address evolution of multi-tenant applications using variability models

Managing multi-cloud systems with CloudMF

n/

ARTIST: Model-Based Stairway to the Cloud

International audienceOver the past decade, cloud services emerged as one of the most promising technologies in IT. Since cloud computing allows improving the quality of software and, at the same time, aims at reducing costs of operating software and hardware, more and more software is delivered as a service in the cloud. However , moving existing software applications to the cloud and making them behave as software as a service is still a major challenge. In fact, in addition to technical aspects, business aspects also need to be considered. The ARTIST EU project (FP7) proposes a comprehensive model-based modernization approach, covering both business and technical aspects, to cloudify already existing software. In particular , ARTIST employs MDE techniques to automate the reverse engineering and forward engineering phases in a way that modernized software truly benefits from targeted cloud environments. In this paper we describe the overall ARTIST approach and present several lessons learned

An Integrated Framework for the Methodological Assurance of Security and Privacy in the Development and Operation of MultiCloud Applications

x, 169 p.This Thesis studies research questions about how to design multiCloud applications taking into account security and privacy requirements to protect the system from potential risks and about how to decide which security and privacy protections to include in the system. In addition, solutions are needed to overcome the difficulties in assuring security and privacy properties defined at design time still hold all along the system life-cycle, from development to operation.In this Thesis an innovative DevOps integrated methodology and framework are presented, which help to rationalise and systematise security and privacy analyses in multiCloud to enable an informed decision-process for risk-cost balanced selection of the protections of the system components and the protections to request from Cloud Service Providers used. The focus of the work is on the Development phase of the analysis and creation of multiCloud applications.The main contributions of this Thesis for multiCloud applications are four: i) The integrated DevOps methodology for security and privacy assurance; and its integrating parts: ii) a security and privacy requirements modelling language, iii) a continuous risk assessment methodology and its complementary risk-based optimisation of defences, and iv) a Security and Privacy Service Level AgreementComposition method.The integrated DevOps methodology and its integrating Development methods have been validated in the case study of a real multiCloud application in the eHealth domain. The validation confirmed the feasibility and benefits of the solution with regards to the rationalisation and systematisation of security and privacy assurance in multiCloud systems

An Incremental and Model Driven Approach for the Dynamic Reconfiguration of Cloud Application Architectures

In incremental development approaches, the integration of new services into the actual cloud application may trigger the dynamic reconfiguration of the cloud application architecture, thus changing its structure and behavior at runtime. This paper presents a model driven approach that uses the specification of how the integration of new services will change the current cloud application architecture to obtain: i) the orchestration of services, ii) skeletons of interface implementations, and iii) the operationalization of reconfiguration actions to be applied at runtime. This approach follows the DIARy-process, which defines the activities needed to reconfigure dynamically the architecture of cloud services. The feasibility of the approach is illustrated by means of a case study that uses Microsoft Azure© as a service deployment platform. WCF Workflow services are generated and deployed for orchestration, whereas XML transformation files are generated to update services’ binding configurations at runtim