Proceedings of the Fifth Mediterranean Conference on Information Systems: Professional Development Consortium

Collection of position statements of doctoral students and junior faculty in the Professional Development Consortium at the the Fifth Mediterranean Conference on Information Systems, Tel Aviv - Yafo

ADVANCED SLA MANAGEMENT IN CLOUD COMPUTING

The advent of high-performance technologies and the increase in volume of data used by organizations led to the need for migration from an internal structure to Cloud environment. The continuous development of tools, methods and techniques have expanded the understanding of the various functions, structures and processes related to Cloud Computing. However, the increase in computing power led to the development and use of more complex models, including this scope the complexity of Service Level Agreements (SLA). The need for understanding at a high level of SLAs established between customers and service providers in Cloud led to different studies on the definition and standardization of these agreements. Nowadays, cloud computing technologies are becoming more and more popular, especially with respect to data storage. However, the processes used to determine the Cloud Service Agreements do not consider the final customer\u2019s needs, considering only the supply capacity of the service provider. For these reasons, the development of service agreements that meets the needs of customers should be designed in order to increase the usability of Cloud environments, and enabling the discovery of new areas of application in accordance with market demand. In this context, the use of ontologies that describes the information that composes each type of service, and thus enable an understanding of the agreements reached, is configured as an approach to be considered. Moreover, the generalization and abstraction of information that can be observed in different services allows a broader vision for managing SLAs. For these reasons, this thesis aims to find innovative methods for the composition of Service Level Agreements in Cloud Computing. In particular, the methods presented allow demonstrate the convergence of several consolidated techniques in research on Cloud SLA using a new approach that considers new demands on Cloud and allows control of the established agreements, in addition to effectively ensure the application of the concept of XaaS (everything as a service). The originality of the approach allows the registration, search, composition and control of services in Cloud using the same structure. The new approach presented in this thesis allows the understanding of the impact of the new services requested by customers, giving the provider the possibility of simulating the use of the necessary resources to meet the new services\u2019 requests. From the presentation of a conceptual framework we can demonstrate the use of our approach through the examples of different situations presented in the real world and considering the new market possibilities

Service level agreement specification for IoT application workflow activity deployment, configuration and monitoring

PhD ThesisCurrently, we see the use of the Internet of Things (IoT) within various domains such as healthcare, smart homes, smart cars, smart-x applications, and smart cities. The number of applications based on IoT and cloud computing is projected to increase rapidly over the next few years. IoT-based services must meet the guaranteed levels of quality of service (QoS) to match users’ expectations. Ensuring QoS through specifying the QoS constraints using service level agreements (SLAs) is crucial. Also because of the potentially highly complex nature of multi-layered IoT applications, lifecycle management (deployment, dynamic reconfiguration, and monitoring) needs to be automated. To achieve this it is essential to be able to specify SLAs in a machine-readable format. currently available SLA specification languages are unable to accommodate the unique characteristics (interdependency of its multi-layers) of the IoT domain. Therefore, in this research, we propose a grammar for a syntactical structure of an SLA specification for IoT. The grammar is based on a proposed conceptual model that considers the main concepts that can be used to express the requirements for most common hardware and software components of an IoT application on an end-to-end basis. We follow the Goal Question Metric (GQM) approach to evaluate the generality and expressiveness of the proposed grammar by reviewing its concepts and their predefined lists of vocabularies against two use-cases with a number of participants whose research interests are mainly related to IoT. The results of the analysis show that the proposed grammar achieved 91.70% of its generality goal and 93.43% of its expressiveness goal. To enhance the process of specifying SLA terms, We then developed a toolkit for creating SLA specifications for IoT applications. The toolkit is used to simplify the process of capturing the requirements of IoT applications. We demonstrate the effectiveness of the toolkit using a remote health monitoring service (RHMS) use-case as well as applying a user experience measure to evaluate the tool by applying a questionnaire-oriented approach. We discussed the applicability of our tool by including it as a core component of two different applications: 1) a contextaware recommender system for IoT configuration across layers; and 2) a tool for automatically translating an SLA from JSON to a smart contract, deploying it on different peer nodes that represent the contractual parties. The smart contract is able to monitor the created SLA using Blockchain technology. These two applications are utilized within our proposed SLA management framework for IoT. Furthermore, we propose a greedy heuristic algorithm to decentralize workflow activities of an IoT application across Edge and Cloud resources to enhance response time, cost, energy consumption and network usage. We evaluated the efficiency of our proposed approach using iFogSim simulator. The performance analysis shows that the proposed algorithm minimized cost, execution time, networking, and Cloud energy consumption compared to Cloud-only and edge-ward placement approaches

The analysis of cloud computing service level agreement (SLA) to support cloud service consumers with the SLA creation process

Cloud computing has been developing rapidly in the past few years. Stakeholders and several users started to migrate their data to the cloud to benefit from its usage and storage. The first step cloud service provider (CSP) and cloud service consumers (CSC) deal with is the service level agreement (SLA). It is an agreement issued between the cloud service provider and the cloud service customer that contains the consumer’s service requirements and the service level provided by cloud service providers. The process to create an SLA agreement is very essential for both cloud service providers and consumers. However, it could be vague and not well defined. To enhance the usage of any cloud services, the content and the creation of the SLA agreement should be handled efficiently and carefully. In this thesis, first we conducted a literature review to check the level of occurrence of SLA and SLO parameters in the academia and generate a list of the most and least studied SLA and SLO parameters. In the second chapter, we confronted this list to the three most popular cloud service providers in the modern market (Amazon, Microsoft and Google) to investigate their SLA agreement coverage. Finally, in the last chapter, we proposed an SLA toolkit that could assist cloud service providers and consumers in the process of SLA creation. This SLA toolkit would help the consumers through the negation phase and facilitate the selection process to choose the most applicable cloud service providers’ offer

A SEMANTIC BASED POLICY MANAGEMENT FRAMEWORK FOR CLOUD COMPUTING ENVIRONMENTS

Cloud computing paradigm has gained tremendous momentum and generated intensive interest. Although security issues are delaying its fast adoption, cloud computing is an unstoppable force and we need to provide security mechanisms to ensure its secure adoption. In this dissertation, we mainly focus on issues related to policy management and access control in the cloud. Currently, users have to use diverse access control mechanisms to protect their data when stored on the cloud service providers (CSPs). Access control policies may be specified in different policy languages and heterogeneity of access policies pose significant problems.An ideal policy management system should be able to work with all data regardless of where they are stored. Semantic Web technologies when used for policy management, can help address the crucial issues of interoperability of heterogeneous CSPs. In this dissertation, we propose a semantic based policy management framework for cloud computing environments which consists of two main components, namely policy management and specification component and policy evolution component. In the policy management and specification component, we first introduce policy management as a service (PMaaS), a cloud based policy management framework that give cloud users a unified control point for specifying authorization policies, regardless of where the data is stored. Then, we present semantic based policy management framework which enables users to specify access control policies using semantic web technologies and helps address heterogeneity issues of cloud computing environments. We also model temporal constraints and restrictions in GTRBAC using OWL and show how ontologies can be used to specify temporal constraints. We present a proof of concept implementation of the proposed framework and provide some performance evaluation. In the policy evolution component, we propose to use role mining techniques to deal with policy evolution issues and present StateMiner, a heuristic algorithm to find an RBAC state as close as possible to both the deployed RBAC state and the optimal state. We also implement the proposed algorithm and perform some experiments to demonstrate its effectiveness

Development of a framework for cloud-based ERP implementation in developing countries.

This research aims to provide a framework to support organizations in cloud-based Enterprise Resource Planning implementation successfully based on benefits realization (BR) approach. The framework has been developed through benefits realization management with adopting the maturity concept to realize most of the expected benefits. The methodology covers four stages, namely, understanding context and current practices, data collection and analysis, framework development and validation. The interview technique has been used to collect data from industries in different sectors based on the qualitative research approach and case study strategy. The research methodology was applied on organizations (customer) and cloud service providers in developing countries during different times of cloud-based ERP post-implementation. The framework integrated maturity and benefit realization (BR) model for better realization; The benefit realization model has four phases, identifying, planning, assessing, and establishing of the benefits. BR approach required a proactive procedure that is maturity which consists of three phases: identification, evaluation, and action. The assessment tools for both models are conducted by using multi-grade fuzzy logic, that will provide indices which shows the organization where they are (maturity index) and where they are going to be (BR index). The developed framework has been validated using assessment tools with industrial experts and the result has been examined by Spearman rank correlation coefficient that shows a perfect positive correlation. The main contribution of this research focused on integrating the benefits realization approach and maturity concept of cloud-based ERP system implementation in the developing countries. The maturity helps organizations to improve the weaknesses area by assessing five enablers: (leadership, strategy, people, technology, and governance) before starting the implementation, to pave the way for realizing the benefits. While the benefit realization model assess organization to realize the expected benefits (operational, managerial, strategic, technology, and organizational) and establish potential for further benefits lead to investment objectives at the end.PhD in Manufacturin

e-Skills: The International dimension and the Impact of Globalisation - Final Report 2014

In today’s increasingly knowledge-based economies, new information and communication technologies are a key engine for growth fuelled by the innovative ideas of highly - skilled workers. However, obtaining adequate quantities of employees with the necessary e-skills is a challenge. This is a growing international problem with many countries having an insufficient numbers of workers with the right e-Skills. For example: Australia: “Even though there’s 10,000 jobs a year created in IT, there are only 4500 students studying IT at university, and not all of them graduate” (Talevski and Osman, 2013). Brazil: “Brazil’s ICT sector requires about 78,000 [new] people by 2014. But, according to Brasscom, there are only 33,000 youths studying ICT related courses in the country” (Ammachchi, 2012). Canada: “It is widely acknowledged that it is becoming inc reasingly difficult to recruit for a variety of critical ICT occupations –from entry level to seasoned” (Ticoll and Nordicity, 2012). Europe: It is estimated that there will be an e-skills gap within Europe of up to 900,000 (main forecast scenario) ICT pr actitioners by 2020” (Empirica, 2014). Japan: It is reported that 80% of IT and user companies report an e-skills shortage (IPA, IT HR White Paper, 2013) United States: “Unlike the fiscal cliff where we are still peering over the edge, we careened over the “IT Skills Cliff” some years ago as our economy digitalized, mobilized and further “technologized”, and our IT skilled labour supply failed to keep up” (Miano, 2013)

Contextual governance for service oriented architecture composition

Currently, business requirements for rapid operational efficiency, customer responsiveness as well as rapid adaptability are driving the need for ever increasing communication and integration capabilities ofthe software assets. Functional decomposition into re-usable software entities, loose coupling, and distribution of resources are all perceived benefits of the investment on Service Oriented Architecture (SOA). This malleability can also bring about the risk of a more difficult oversight. The same service is ideally used in different applications and contexts. This situation forces a supporting infrastructure to allow and manage the adaptability to these different contexts of use. In this thesis, the author proposes to govern such variations in a cost efficient way by composing the core business function offered by a service with other services implementing infrastructure capabilities that fulfil varying non-functional requirements. However, as the number of services increases and their use in different contexts proliferates, it becomes necessary to automate policy enforcement and compliance monitoring. Furthermore, the composition of services into different business applications over a common infrastructure intensifies the need for end-to-end monitoring and analysis in order to assess the business performance impact. Managing the full life-cycle of service definition, deployment, exposure and operation requires management processes that take into account their composition with the infrastructure capabilities that take of non-functional requirements. In addition, policies may change during the life-time of a service. Policy updates may be the result of various reasons including business optimisation, of reaction to new business opportunities, of risk / threat mitigation, of operational emergencies, etc. It becomes therefore clear that a well-designed governance architecture is a prerequisite to implementing a SOA capable of dealing with a complex and dynamic environment.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Management: A continuing bibliography with indexes

This bibliography lists 551 reports, articles, and other documents introduced into NASA scientific and technical information system in 1980

Embedding risk management within new product and service development of an innovation and risk management framework and supporting risk processes, for effective risk mitigation : an action research study within the Information and Communication Technology (ICT) Sector

At first glance, innovation and risk management seem like two opposing disciplines with diverse objectives. The former seeks to be flexible and encourages enhanced solutions and new ideas, while the latter can be seen as stifling such innovative thinking. Since there is a failure rate of as many as eight out of every ten products launched, it is perhaps necessary for organisations to consider applying more structured approaches to innovation, in order to better manage risks and to increase the chances of delivering improved goods and services. A risk management approach is well suited to address the challenge of failure, as it focuses not only on the negative impact of risks but also on the opportunities they present. It aligns these with the strategic objectives of the organisation to increase the chances of its success. The research objective of this study was to establish how to embed risk management within the innovation divisions of an organisation to ensure that more efficient products and services are delivered to customers. To achieve this end, action research was conducted in a large organisation operating in a high-technology environment that launches many diverse products and services and rapidly expanding service offerings to other industries. The study took four years to complete and delivered multiple interventions that successfully embedded risk management within the organisation, leading to changed behaviours and double-loop learning. Two main knowledge contributions are offered by the study. Firstly, a generic and empirically validated integrated Innovation and Risk Management Framework (IRMF) is developed and guides new product and service development by considering both best practices and risks. Secondly, a risk dashboard is designed as a design science artefact within the action research cycles, which consolidates all the knowledge that was generated during the study. This is ultimately a visual interface to support stage-gate decision making. Since the context of the study was broad, extensive and complicated, the use of mixed-method research complemented and expanded on the findings by providing another layer of support and validation. This thesis highlights the complexity of innovation and presents the need for an organising framework that will encourage innovation but is sufficiently flexible to cater for diverse needs and risks. The study delivers several other, valuable contributions regarding what, how and why incidents occur within the real-world context of new product and service development. Several generic artefacts, such as risk processes and maturity frameworks, are also developed, which can guide risk and new product and service development practitioners to deliver more efficient product and services. This study offers several novel approaches to evaluating risks and provides practical support and recommendations, addressing shortcomings of fragmented research in similar, but smaller-scale studies that have been conducted in information systems. It is the premise of this research that a much wider number of risks need to be managed as new products and services are developed, than was noted in previous studies. Effective risk management in new product and service development could lead to competitive advantage for organisations by increasing knowledge and facilitating sustainable, informed risk decision-making