Web-IDE for Low-Code Development in OutSystems

Due to the growing popularity of cloud computing and its numerous benefits, many desktop applications have been, and will continue to be, migrated into the cloud and made available through the web. These applications can then be accessed through any device that has access to a browser and internet connection, eliminating the need for installation or managing dependencies. Moreover, the process of introduction to the product is much simpler, faster and collaboration aspects are facilitated. OutSystems is a company that provides software that enables, through an Integrated Development Environment (IDE) and a specific Low-Code language, users to securely and rapidly build robust applications. However, there are only available desktop versions of this IDE. For this reason, the objective of the proposed thesis is to understand what would be the best path for developing a Web-based version of the IDE. To achieve this, it is important not only to understand the OutSystems Platform and, more specifically, the architecture of the Service Studio IDE, which is the component IDE provided by the product, but also to explore the state-of-the-art technologies that could prove to be beneficial for the development of the project. The goal of this work is to debate different architectural possibilities to implement the project in question and present a conclusion as to what the adequate course of action, given the context of the problem. After distinguishing what are the biggest uncertainties and relevant points, a proof of concept is to be presented accompanied with the respective implementation details. Finally, this work intends to determine what would be a viable technological architecture to build a Web-based IDE that is capable of maintaining an acceptable performance, similarly to Service Studio IDE, while also insuring that the this system is scalable, in order to be able to provide the service to a large amount of users. That is to say, to present a conclusion regarding the feasibility of the project proposed.Devido ao aumento de popularidade de tecnologias de computação cloud e as suas inúmeras vantagens, aplicações desktop estão e vão continuar a ser migradas para a cloud para que possam ser acedidas através da web. Estas aplicações podem ser acedidas através de qualquer dispositivo que tenha acesso à internet, eliminando a necessidade de instalação e gestão de dependências. Além disso, o processo de introdução ao produto é simplificado, mais rápido e a colaboração é facilitada. A OutSystems é uma empresa que disponibiliza um software que faz com que utilizadores, através de um IDE e uma linguagem de baixo nível, possam criar aplicações robustas de forma rápida e segura. No entanto, atualmente só existem versões deste IDE para desktop. Como tal, o objetivo da tese proposta é perceber qual será a melhor forma de desenvolver uma versão do IDE sobre a Web. Para alcançar isto, é importante não só compreender a Plataforma OutSystems e, mais especificamente, a arquitetura do Service Studio IDE, que é o principal componente disponibilizado pelo produto, mas também explorar as tecnologias estado de arte que podem ser benéficas para o desenvolvimento do projeto. O objetivo deste trabalho é debater diferentes arquiteturas possíveis para a implementação do projeto e concluir qual será o curso de ação adequado, dado o contexto do problema. Após distinguir quais são os maiores pontos de incerteza, uma prova de conceito é apresentada juntamente com os respetivos detalhes de implementação. Finalmente, este trabalho tem como intenção detalhar uma arquitetura tecnológica viável para construir um IDE na web capaz de manter uma performance aceitável, semelhante à do Service Studio IDE, e garantir a escalabilidade do sistema, de forma a conseguir oferecer o serviço a um número elevado de utilizadores. Por outras palavras, apresentar uma conclusão em relação à viabilidade do projeto proposto

Modern computing: Vision and challenges

Over the past six decades, the computing systems field has experienced significant transformations, profoundly impacting society with transformational developments, such as the Internet and the commodification of computing. Underpinned by technological advancements, computer systems, far from being static, have been continuously evolving and adapting to cover multifaceted societal niches. This has led to new paradigms such as cloud, fog, edge computing, and the Internet of Things (IoT), which offer fresh economic and creative opportunities. Nevertheless, this rapid change poses complex research challenges, especially in maximizing potential and enhancing functionality. As such, to maintain an economical level of performance that meets ever-tighter requirements, one must understand the drivers of new model emergence and expansion, and how contemporary challenges differ from past ones. To that end, this article investigates and assesses the factors influencing the evolution of computing systems, covering established systems and architectures as well as newer developments, such as serverless computing, quantum computing, and on-device AI on edge devices. Trends emerge when one traces technological trajectory, which includes the rapid obsolescence of frameworks due to business and technical constraints, a move towards specialized systems and models, and varying approaches to centralized and decentralized control. This comprehensive review of modern computing systems looks ahead to the future of research in the field, highlighting key challenges and emerging trends, and underscoring their importance in cost-effectively driving technological progress

Verbesserung von Cloud Sicherheit mithilfe von vertrauenswürdiger Ausführung

The increasing popularity of cloud computing also leads to a growing demand for security guarantees in cloud settings. Cloud customers want to be able to execute sensitive data processing in clouds only if a certain level of security can be guaranteed to them despite the unlimited power of the cloud provider over her infrastructure. However, security models for cloud computing mostly require the customers to trust the provider, its infrastructure and software stack completely. While this may be viable to some, it is by far not to all customers, and in turn reduces the speed of cloud adoption. In this thesis, the applicability of trusted execution technology to increase security in a cloud scenario is elaborated, as these technologies are recently becoming widespread available even in commodity hardware. However, applications should not naively be ported completely for usage of trusted execution technology as this would affect the resulting performance and security negatively. Instead they should be carefully crafted with specific characteristics of the used trusted execution technology in mind. Therefore, this thesis first comprises the discussion of various security goals of cloud-based applications and an overview of cloud security. Furthermore, it is investigated how the ARM TrustZone technology can be used to increase security of a cloud platform for generic applications. Next, securing standalone applications using trusted execution is described at the example of Intel SGX, focussing on relevant metrics that influence security as well as performance of such an application. Also based on Intel SGX, in this thesis a design of a trusted serverless cloud platform is proposed, reflecting the latest evolution of cloud-based applications.Die steigende Popularität von Cloud Computing führt zu immer mehr Nachfrage und auch strengeren Anforderungen an die Sicherheit in der Cloud. Nur wenn trotz der technischen Möglichkeiten eines Cloud Anbieters über seine eigene Infrastruktur ein entsprechendes Maß an Sicherheit garantiert werden kann, können Cloud Kunden sensible Daten einer Cloud Umgebung anvertrauen und diese dort verarbeiten. Das vorherrschende Paradigma bezüglich Sicherheit erfordert aktuell jedoch zumeist, dass der Kunde dem Cloud Provider, dessen Infrastruktur sowie den damit verbundenen Softwarekomponenten komplett vertraut. Während diese Vorgehensweise für manche Anwendungsfälle einen gangbaren Weg darstellen mag, ist dies bei Weitem nicht für alle Cloud Kunden eine Option, was nicht zuletzt auch die Annahme von Cloud Angeboten durch potentielle Kunden verlangsamt. In dieser Dissertation wird nun die Anwendbarkeit verschiedener Technologien für vertrauenswürdige Ausführung zur Verbesserung der Sicherheit in der Cloud untersucht, da solche Technologien in letzter Zeit auch in preiswerteren Hardwarekomponenten immer verbreiteter und verfügbarer werden. Es ist jedoch keine triviale Aufgabe existierende Anwendungen zur portieren, sodass diese von solch gearteten Technologien profitieren können, insbesondere wenn neben Sicherheit auch Effizienz und Performanz der Anwendung berücksichtigt werden soll. Stattdessen müssen Anwendungen sorgfältig unter verschiedenen spezifischen Gesichtspunkten der jeweiligen Technologie umgestaltet werden. Aus diesem Grund umfasst diese Dissertation zunächst eine Diskussion verschiedener Sicherheitsziele für Cloud-basierte Anwendungen und eine Übersicht über die Thematik "Cloud Sicherheit". Zunächst wird dann das Potential der ARM TrustZone Technologie zur Absicherung einer Cloud Plattform für generische Anwendungen untersucht. Anschließend wird beschrieben wie eigenständige und bestehende Anwendungen mittels vertrauenswürdiger Ausführung am Beispiel Intel SGX abgesichert werden können. Dabei wurde der Fokus auf relevante Metriken gesetzt, die die Sicherheit und Performanz einer solchen Anwendung beeinflussen. Zuletzt wird, ebenfalls basierend auf Intel SGX, eine vertrauenswürdige "Serverless" Cloud Plattform vorgestellt und damit auf aktuelle Trends für Cloud Plattformen eingegangen