A Blockchain-based Decentralized Electronic Marketplace for Computing Resources

AbstractWe propose a framework for building a decentralized electronic marketplace for computing resources. The idea is that anyone with spare capacities can offer them on this marketplace, opening up the cloud computing market to smaller players, thus creating a more competitive environment compared to today's market consisting of a few large providers. Trust is a crucial component in making an anonymized decentralized marketplace a reality. We develop protocols that enable participants to interact with each other in a fair way and show how these protocols can be implemented using smart contracts and blockchains. We discuss and evaluate our framework not only from a technical point of view, but also look at the wider context in terms of fair interactions and legal implications

Developing and Evaluating a University Recommender System

A challenge for many young adults is to find the right institution to follow higher education. Global university rankings are a commonly used, but inefficient tool, for they do not consider a person's preferences and needs. For example, some persons pursue prestige in their higher education, while others prefer proximity. This paper develops and evaluates a university recommender system, eliciting user preferences as ratings to build predictive models and to generate personalized university ranking lists. In Study 1, we performed offline evaluation on a rating dataset to determine which recommender approaches had the highest predictive value. In Study 2, we selected three algorithms to produce different university recommendation lists in our online tool, asking our users to compare and evaluate them in terms of different metrics (Accuracy, Diversity, Perceived Personalization, Satisfaction, and Novelty). We show that a SVD algorithm scores high on accuracy and perceived personalization, while a KNN algorithm scores better on novelty. We also report findings on preferred university features.publishedVersio

Open source systems security certification

Open Source Advances in Computer Applications book series provides timely technological and business information for: Enabling Open Source Systems (OSS) to become an integral part of systems and devices produced by technology companies; Inserting OSS in the critical path of complex network development and embedded products, including methodologies and tools for domain-specific OSS testing (lab code available), plus certification of security, dependability and safety properties for complex systems; Ensuring integrated systems, including OSS, meet performance and security requirements as well as achieving the necessary certifications, according to the overall strategy of OSS usage on the part of the adopte

Trustworthy Cloud Certification: A Model-Based Approach

International audienceCloud computing is introducing an architectural paradigm shift that involves a large part of the IT industry. The flexibility in allocating and releasing resources at runtime creates new business opportunities for service providers and their customers. However, despite its advantages, cloud computing is still not showing its full potential. Lack of mechanisms to formally assess the behavior of the cloud and its services/processes, in fact, negatively affects the trust relation between providers and potential customers, limiting customer movement to the cloud. Recently, cloud certification has been proposed as a means to support trustworthy services by providing formal evidence of service behavior to customers. One of the main limitations of existing approaches is the uncertainty introduced by the cloud on the validity and correctness of existing certificates. In this paper, we present a trustworthy cloud certification approach based on model verification. Our approach checks certificate validity at runtime, by continuously verifying the correctness of the service model at the basis of certification activities against real and synthetic service execution traces

Platforms for Serverless at the Edge : A Review

The continuous demand for low latency, high reliability, and context-aware content has pushed the existing computational models to their limit. The cloud with its infinite resources can accommodate many of the existing scenarios, however, as new scenarios emerge in the IoT area, the cloud falls short. In this context, the Edge Computing model emerged as an extension to the cloud in support of low latency and high-performance applications, by placing part of cloud resources at the edge of the network, in close proximity to the data sources and applications. The goal of Edge Computing is to provide the same level of abstraction at the cloud but in a local context. However, since Edge Computing inherits many of the benefits provided by the cloud, it also inherits some of its drawbacks. One such limitation is the management overhead needed to set-up and continuously configure the Edge Computing applications. In the cloud space, this problem has been addressed using a new paradigm called serverless technology. Similarly, in the Edge Computing, few attempts are being developed to bring the concept of Serverless Computing at the edge. In this paper, we survey the main edge computing platforms that provide support for serverless computing comparing their characteristics and identifying issues and research directions.acceptedVersionPeer reviewe

Patterns for serverless functions (Function-as-a-Service) : A multivocal literature review

[Context] Serverless is a recent technology that enables companies to reduce the overhead for provisioning, scaling and in general managing the infrastructure. Companies are increasingly adopting Serverless, by migrating existing applications to this new paradigm. Different practitioners proposed patterns for composing and managing serverless functions. However, some of these patterns offer different solutions to solve the same problem, which makes it hard to select the most suitable solution for each problem. [Goal] In this work, we aim at supporting practitioners in understanding the different patterns, by classifying them and reporting possible benefits and issues. [Method]We adopted a multivocal literature review process, surveying peer-reviewed and grey literature and classifying patterns (common solutions to solve common problems), together with benefits and issues. [Results] Among 24 selected works, we identified 32 patterns that we classified as orchestration, aggregation, event-management, availability, communication, and authorization. [Conclusion] Practitioners proposed a list of fairly consistent patterns, even if a small number of patterns proposed different solutions to similar problems. Some patterns emerged to circumvent some serverless limitations, while others for some classical technical problems (e.g. publisher/subscriber).publishedVersionPeer reviewe

Developing and Evaluating a University Recommender System

A challenge for many young adults is to find the right institution to follow higher education. Global university rankings are a commonly used, but inefficient tool, for they do not consider a person's preferences and needs. For example, some persons pursue prestige in their higher education, while others prefer proximity. This paper develops and evaluates a university recommender system, eliciting user preferences as ratings to build predictive models and to generate personalized university ranking lists. In Study 1, we performed offline evaluation on a rating dataset to determine which recommender approaches had the highest predictive value. In Study 2, we selected three algorithms to produce different university recommendation lists in our online tool, asking our users to compare and evaluate them in terms of different metrics (Accuracy, Diversity, Perceived Personalization, Satisfaction, and Novelty). We show that a SVD algorithm scores high on accuracy and perceived personalization, while a KNN algorithm scores better on novelty. We also report findings on preferred university features

Anomaly Detection and Analysis for Reliability Management Clustered Container Architectures

Virtualised environments such as cloud and edgecomputing architectures allow software to be deployed andmanaged through third-party provided services. Here virtualisedresources available can be adjusted, even dynamically to changingneeds. However, the problem is often the boundary between theservice provider and the service consumer. Often there is no directaccess to execution parameters at resource level on the provider'sside. Generally, only some quality factors can be directly observedwhile others remain hidden from the consumer. We propose anarchitecture for autonomous anomaly analysis for clustered cloudor edge resources. The key contribution is that the architecturedetermines possible causes of consumer-observed anomalies inan underlying provider-controlled infrastructure. We use HiddenHierarchical Markov Models to map observed performanceanomalies to hidden resources, and to identify the root causes ofthe observed anomalies in order to improve reliability. We applythe model to clustered hierarchically organised cloud computingresources. We illustrate use cases in the context of containertechnologies to show the utility of the proposed architectur

A Certification Technique for Cloud Security Adaptation

Unpredictability of cloud computing due to segregation of visibility and control between applications, data owners, and cloud providers increases tenants’ uncertainty when using cloud services. Adaptation techniques become fundamental to provide a reliable cloud-based infrastructure with definite behavior, which preserves a stable quality of service for tenants. Existing adaptation techniques mostly focus on performance properties and are based on unverifiable evidence, which is collected in an untrusted way. In this paper, we propose a security-oriented adaptation technique for the cloud, based on evidence collected by means of a reliable certification process. Our approach adapts the cloud to maintain stable security properties over time, by continuously verifying certificate validity. It uses the output of verification activities to index a feature model, where equivalent configurations are used as the basis for adaptation. We also provide an analysis of the approach on British Telecommunications (BT) premises