Análise do impacto das plataformas pay-as-you-go de computação em nuvem na construção e precificação de software / An analysis of the impact of pay-as-you-go cloud plataforms in the software development and pricing

Barbosa, Fernando Pires

30 September 2011

Cloud computing is a new paradigm that is changing the way we consume IT resources. One of the major changes is related to the pay-as-you-go pricing model. There are several kinds of cloud services being offered and the best option for software developers are Platform as a Service (PaaS). Even with cloud computing beeing a buzzword nowadays, there are few studies being developed to cover the way it will impact the software development. This thesis intents to contribute to fill this gap and provide the basis for new detailed studies about this subject. It presents an analysis about the main aspects in software delevopment that must be afected by the pay-as-you-go cloud model and highlights some of theses changes trough a case study. We noticed significant changes in the following areas: software pricing, performance benchmarks, software development estimation and requirements engineering. These changes are related to a new paradigm in which the IT resources used by software systems will directly impact the software price at all. This should also generate changes in how we deal with software optimization improvement. There is a large research field to be explored and this thesis contributes to point ou some directions. / Cloud Computing é um novo paradigma que está mudando a forma com que consumimos os recursos de TI. Uma das grandes mudanças está relacionada ao modelo de cobrança pay-asyou- go, em que se paga conforme o volume de recursos efetivamente consumidos. Há vários tipos de serviço oferecidos no ambiente cloud e a opção mais natural para os desenvolvedores de software são as Plataformas como Serviço (PaaS). Apesar de o tema cloud computing estar em evidência, há pouco ou nenhum estudo abordando o impacto deste modelo no desenvolvimento de software. O objetivo deste trabalho é contribuir para preencher esta lacuna e servir de base para que estudos mais detalhados sejam desenvolvidos. Para isto foi feita uma análise dos principais aspectos do desenvolvimento de software que serão afetados pelas plataformas pay-as-you-go de computação em nuvem, apontando itens específicos que sofrerão mudanças e evidenciando algumas destas mudanças através de um estudo de caso. Foram constatadas mudanças significativas em áreas relacionadas a precificação de software, benchmarks de desempenho, estimativas de desenvolvimento e engenharia de requisitos, sendo que esta última foi a que ficou mais evidente a partir do estudo de caso. Estas mudanças estão relacionadas a uma nova realidade em que o consumo racional dos recursos de TI tem impacto direto no preço do software, o que também deve gerar mudanças na forma como é tratada a otimização de código. O campo para novos estudos é vasto e este trabalho contribui para apontar alguns dos caminhos a seguir.

Computação em nuvem

Precificação de software

Plataformas cloud

Pay-asyou-go

Cloud computing

Software pricing

Cloud platform

Code improvement

Automation of The SLA Life Cycle in Cloud Computing

Ghumman, Waheed Aslam

09 October 2017

Cloud computing has become a prominent paradigm to offer on-demand services for softwares, infrastructures and platforms. Cloud services are contracted by a service level agreement (SLA) between a cloud service provider (CSP) and a cloud service user (CSU) which contains service definitions, quality of service (QoS) parameters, guarantees and obligations. Cloud service providers mostly offer SLAs in descriptive format which is not directly consumable by a machine or a system. The SLA written in natural language may impede the utility of rapid elasticity in a cloud service. Manual management of SLAs with growing usage of cloud services can be a challenging, erroneous and tedious task especially for the CSUs acquiring multiple cloud services. The necessity of automating the complete SLA life cycle (which includes SLA description in machine readable format, negotiation, monitoring and management) becomes imminent due to complex requirements for the precise measurement of QoS parameters. Current approaches toward automating the complete SLA life cycle, lack in standardization, completeness and applicability to cloud services. Automation of different phases of the SLA life cycle (e.g. negotiation, monitoring and management) is dependent on the availability of a machine readable SLA. In this work, a structural specification for the SLAs in cloud computing (S3LACC in short) is presented which is designed specifically for cloud services, covers complete SLA life cycle and conforms with the available standards. A time efficient SLA negotiation technique is accomplished (based on the S3LACC) for concurrently negotiating with multiple CSPs. After successful negotiation process, next leading task in the SLA life cycle is to monitor the cloud services for ensuring the quality of service according to the agreed SLA. A distributed monitoring approach for the cloud SLAs is presented, in this work, which is suitable for services being used at single or multiple locations. The proposed approach reduces the number of communications of SLA violations to a monitoring coordinator by eliminating the unnecessary communications. The presented work on the complete SLA life cycle automation is evaluated and validated with the help of use cases, experiments and simulations.

Service level agreements

Cloud computing

SLA negotiation

SLA monitoring

Cloud-Service

Service level agreements

Cloud computing

SLA monitoring

ddc:004

rvk:ST 257

Riziká využívania cloudových technológií v podnikovom prostredí / Risks of cloud computing use in industrial enviroment

Hrnčárová, Iveta

January 2014

This thesis is focused on cloud technologies and their ever increasing implementation into corporate sector throughout industry branches, starting from cloud technology risks that are named and defined. This part is followed by business branches specification itself, their challenges, possibilities of solutions and risks that companies will probably encounter. Each chapter contains a summary of findings and proposal for acceptable solution.

Automation of The SLA Life Cycle in Cloud Computing

Ghumman, Waheed Aslam

30 January 2017

Cloud computing has become a prominent paradigm to offer on-demand services for softwares, infrastructures and platforms. Cloud services are contracted by a service level agreement (SLA) between a cloud service provider (CSP) and a cloud service user (CSU) which contains service definitions, quality of service (QoS) parameters, guarantees and obligations. Cloud service providers mostly offer SLAs in descriptive format which is not directly consumable by a machine or a system. The SLA written in natural language may impede the utility of rapid elasticity in a cloud service. Manual management of SLAs with growing usage of cloud services can be a challenging, erroneous and tedious task especially for the CSUs acquiring multiple cloud services. The necessity of automating the complete SLA life cycle (which includes SLA description in machine readable format, negotiation, monitoring and management) becomes imminent due to complex requirements for the precise measurement of QoS parameters. Current approaches toward automating the complete SLA life cycle, lack in standardization, completeness and applicability to cloud services. Automation of different phases of the SLA life cycle (e.g. negotiation, monitoring and management) is dependent on the availability of a machine readable SLA. In this work, a structural specification for the SLAs in cloud computing (S3LACC in short) is presented which is designed specifically for cloud services, covers complete SLA life cycle and conforms with the available standards. A time efficient SLA negotiation technique is accomplished (based on the S3LACC) for concurrently negotiating with multiple CSPs. After successful negotiation process, next leading task in the SLA life cycle is to monitor the cloud services for ensuring the quality of service according to the agreed SLA. A distributed monitoring approach for the cloud SLAs is presented, in this work, which is suitable for services being used at single or multiple locations. The proposed approach reduces the number of communications of SLA violations to a monitoring coordinator by eliminating the unnecessary communications. The presented work on the complete SLA life cycle automation is evaluated and validated with the help of use cases, experiments and simulations.

info:eu-repo/classification/ddc/004

ddc:004

Sicheres Cloud Computing in der Praxis: Identifikation relevanter Kriterien zur Evaluierung der Praxistauglichkeit von Technologieansätzen im Cloud Computing Umfeld mit dem Fokus auf Datenschutz und Datensicherheit

Reinhold, Paul

02 February 2017

In dieser Dissertation werden verschiedene Anforderungen an sicheres Cloud Computing untersucht. Insbesondere geht es dabei um die Analyse bestehender Forschungs- und Lösungsansätze zum Schutz von Daten und Prozessen in Cloud-Umgebungen und um die Bewertung ihrer Praxistauglichkeit. Die Basis für die Vergleichbarkeit stellen spezifizierte Kriterien dar, nach denen die untersuchten Technologien bewertet werden. Hauptziel dieser Arbeit ist zu zeigen, auf welche Weise technische Forschungsansätze verglichen werden können, um auf dieser Grundlage eine Bewertung ihrer Eignung in der Praxis zu ermöglichen. Hierzu werden zunächst relevante Teilbereiche der Cloud Computing Sicherheit aufgezeigt, deren Lösungsstrategien im Kontext der Arbeit diskutiert und State-of-the-Art Methoden evaluiert. Die Aussage zur Praxistauglichkeit ergibt sich dabei aus dem Verhältnis des potenziellen Nutzens zu den damit verbundene erwartenden Kosten. Der potenzielle Nutzen ist dabei als Zusammenführung der gebotenen Leistungsfähigkeit, Sicherheit und Funktionalität der untersuchten Technologie definiert. Zur objektiven Bewertung setzten sich diese drei Größen aus spezifizierten Kriterien zusammen, deren Informationen direkt aus den untersuchten Forschungsarbeiten stammen. Die zu erwartenden Kosten ergeben sich aus Kostenschlüsseln für Technologie, Betrieb und Entwicklung. In dieser Arbeit sollen die zugleich spezifizierten Evaluierungskriterien sowie die Konstellation der obig eingeführten Begriffe ausführlich erläutert und bewertet werden. Für die bessere Abschätzung der Eignung in der Praxis wird in der Arbeit eine angepasste SWOT-Analyse für die identifizierten relevanten Teilbereiche durchgeführt. Neben der Definition der Praktikabilitätsaussage, stellt dies die zweite Innovation dieser Arbeit dar. Das konkrete Ziel dieser Analyse ist es, die Vergleichbarkeit zwischen den Teilbereichen zu erhöhen und so die Strategieplanung zur Entwicklung sicherer Cloud Computing Lösungen zu verbessern.

info:eu-repo/classification/ddc/000

ddc:000

Cloud Computing; Bewertung

Reaching High Availability in Connected Car Backend Applications

Yadav, Arpit

23 May 2017

The connected car segment has high demands on the exchange of data between the car on the road, and a variety of services in the backend. By the end of 2020, connected services will be mainstream automotive offerings, according to Telefónica - Connected Car Industry Report 2014 the overall number of vehicles with built-in internet connectivity will increase from 10% of the overall market today to 90% by the end of the decade [1]. Connected car solutions will soon become one of the major business drivers for the industry; they already have a significant impact on existing solutions development and aftersales market. It has been more than three decades since the introduction of the first software component in cars, and since then a vast amount of different services has been introduced, creating an ecosystem of complex applications, architectures, and platforms. The complexity of the connected car ecosystem results into a range of new challenges. The backend applications must be scalable and flexible enough to accommodate loads created by the random user and device behavior. To deliver superior uptime, back-end systems must be highly integrated and automated to guarantee lowest possible failure rate, high availability, and fastest time-to-market. Connected car services increasingly rely on cloud-based service delivery models for improving user experiences and enhancing features for millions of vehicles and their users on a daily basis. Nowadays, the software applications become more complex, and the number of components that are involved and interact with each other is extremely large. In such systems, if a fault occurs, it can easily propagate and can affect other components resulting in a complex problem which is difficult to detect and debugg, therefore a robust and resilient architecture is needed which ensures the continuous availability of system in the wake of component failures, making the overall system highly available. The goal of the thesis is to gain insight into the development of highly available applications and to explore the area of fault tolerance. This thesis outlines different design patterns and describes the capabilities of fault tolerance libraries for Java platform, and design the most appropriate solution for developing a highly available application and evaluate the behavior with stress and load testing using Chaos Monkey methodologies.

info:eu-repo/classification/ddc/004

ddc:004

Informatik; Cloud Computing

The Standardization Vs. Customization Debate Continues for PCI DSS Compliant Products

IMERI, DODONA

January 2015

When it comes to cloud services, security has many a times been the hot topic. This has been especially relevant within the payment card industry and the secure handling of payment card data. The Payment Card Industry Security Standards Council (the council) was formed in order to ensure a global enhancement of payment card data. The council has issued requirements that all companies that handle payment card data are obliged to follow. However, the council has become much more strict as of recently, creating an urgency to become compliant. Thus, cloud service providers (CSP) have constructed standardized, PCI DSS compliant products so as to relief such customers. Since this emerging market is somewhat new, this thesis has researched how CSPs should relate to products within that market and the potential customer base. The case study for this research was conducted at Tieto, an IT service company, and its standardized, PCI DSS compliant product TiCC. The study collected empirical data in the form of qualitative interviews as well as quantitative telephone interviews with companies within the payment card industry. The study came to the conclusion that there is a demand that is not being met within the payment card industry related to products that aid organizations to become PCI DSS compliant. Standardized products have been constructed so as to fit financial customers while overlooking the demand of another large customer base, retail. Additionally, the products are being tweaked and features are being added, thus providing customization. CSPs are striving for both standardization as well as customization, something that has been considered counterproductive. The existing demand is thus not met with the current supply in the market, which has both multiple competitors and heterogeneity in market demand. The above mentioned thus leaves room for market seizure, to create own rules and thus making all competitors irrelevant. A potential way of doing that is through mass customization by standardizing higher levels of cloud computing.

Customization

Cloud Service Provider

cloud layers

cloud services

mass customization

PCI DSS compliant

Standardization

retail

the payment card industry

Economics and Business

Ekonomi och näringsliv

GHG impact of cloud IT solutions from Scania's commercial autonomous vehicles in use phase: Assessment, challenges, and possible recommendations to reduce GHG impact

Huifen, Cong

January 2022

Sustainability study in the ever-growing Information technology (IT) sector is an emerging interdisciplinary research field. As one essential element in this sector, the development and implementation of cloud-based autonomous vehicles have the great potential to bring convenience to society and are defined as the climate change mitigation strategy. For instance, autonomous vehicles are able to fully utilize the eco-driving systems to reduce carbon emissions and reach high energy efficiency. Previous studies have shown that cloud IT service, one of the critical technologies for autonomous vehicles, is likely to yield novelties and advantages to the IT industry and reduce the greenhouse gas (GHG) emissions from other sectors. However, cloud services and their data center infrastructures consume plenty of electricity globally and cause GHG emission impacts. Robust methodologies to assess the environmental impacts related to cloud IT solutions are still lacking in academia and industry. In sum, there are knowledge gaps between empirical studies and general interest in software- supported and data-driven autonomous vehicles and their cloud service.  The purpose of this study is to investigate the possibilities and challenges connected to the assessment of the GHG impact related to cloud IT solutions in an autonomous vehicle set up. This study also aims to explore possible recommendations to reduce the GHG emission of cloud IT services. A qualitative in-depth case study is performed. The primary data is collected by semi-structured interview method, while the secondary data is collected by the scoping literature review method. The interviews are conducted with employees with different roles related to cloud services and/or sustainability at the case company.  The findings show the lack of transparent methodologies and calculation guidelines to assess cloud GHG emissions, both in the research community and industry. It shows the great opportunity and market demand for sound assessment methodologies and tools. Besides, six challenges to assessing cloud GHG emissions on the autonomous vehicle set up are identified: i) assessing system boundaries, ii) data quality and collection methods, iii) measurement methodologies, iv) calculation process, v) validation process, and vi) some other challenges. Additionally, five possible recommendations are developed to reduce the cloud GHG emissions: i) cloud GHG emission visualization and measurement tool, ii) better promotional schemes for user’s awareness and engagement, iii) investigations on both top-down and bottom-up approaches, iv) optimization through usage demand shaping, and v) optimization of the infrastructure services.

Sustainable Development

Green IT

cloud service solution

cloud GHG emissions

cloud GHG assessment

Sustainable Software Development

Earth and Related Environmental Sciences

Geovetenskap och miljövetenskap

Securing Cloud Storage Service

Zapolskas, Vytautas

January 2012

Cloud computing brought flexibility, scalability, and capital cost savings to the IT industry. As more companies turn to cloud solutions, securing cloud based services becomes increasingly important, because for many organizations, the final barrier to adopting cloud computing is whether it is sufficiently secure. More users rely on cloud storage as it is mainly because cloud storage is available to be used by multiple devices (e.g. smart phones, tablets, notebooks, etc.) at the same time. These services often offer adequate protection to user's private data. However, there were cases where user's private data was accessible to other users, since this data is stored in a multi-tenant environment. These incidents reduce the trust of cloud storage service providers, hence there is a need to securely migrate data from one cloud storage provider to another. This thesis proposes a design of a service for providing Security as a Service for cloud brokers in a federated cloud. This scheme allows customers to securely migrate from one provider to another. To enable the design of this scheme, possible security and privacy risks of a cloud storage service were analysed and identified. Moreover, in order to successfully protect private data, data protection requirements (for data retention, sanitization, and processing) were analysed. The proposed service scheme utilizes various encryption techniques and also includes identity and key management mechanisms, such as "federated identity management". While our proposed design meets most of the defined security and privacy requirements, it is still unknown how to properly handle data sanitization, to meet data protection requirements, and provide users data recovery capabilities (backups, versioning, etc.). / Cloud computing erbjuder flexibilitet, skalbarhet, och kapital kostnadsbesparingar till IT-industrin. Eftersom fler företag vänder sig till moln lösningar, trygga molntjänster blir allt viktigare, eftersom det för många organisationer, det slutliga hindret att anta cloud computing är om det är tillräckligt säkert. Fler användare förlita sig påmoln lagring som det är främst pågrund moln lagring är tillgängligt att användas av flera enheter (t.ex. smarta telefoner, tabletter, bärbara datorer, etc.) påsamtidigt. Dessa tjänster erbjuder ofta tillräckligt skydd för användarens privata data. Men det fanns fall där användarens privata uppgifter var tillgängliga för andra användare, eftersom denna data lagras i en flera hyresgäster miljö. Dessa händelser minskar förtroende molnleverantörer lagring tjänsteleverantörer, därför finns det ett behov av att säkert migrera data från en moln lagring till en annan. Denna avhandling föreslår en utformning av en tjänst för att erbjuda säkerhet som tjänst för molnmäklare i en federativ moln. Detta system gör det möjligt för kunderna att säkert flytta från en leverantör till en annan. För att möjliggöra utformningen av detta system, möjliga säkerhet och risker integritet av ett moln lagring tjänst har analyserats och identifierats. Dessutom att man framgångsrikt skydda privata uppgifter, dataskydd krav (för data retention, sanering och bearbetning) analyserades. Den föreslagna tjänsten systemet utnyttjar olika krypteringsteknik och även inkluderar identitet och nyckelhantering mekanismer, såsom "federerad identitetshantering". Även om vår föreslagna utformningen uppfyller de flesta av den definierade säkerhet och integritet krav, är det fortfarande okänt hur korrekt hantera data sanering, för att uppfyller kraven för dataskydd och ge användarna data recovery kapacitet (säkerhetskopior, versionshantering osv.)

Cloud

storage

security

privacy

zero knowledge

Security as a Service

federation

broker

Cloud Service Provider (CSP)

federated cloud

federated identity management

OAuth

OpenID

CDMI

interoperability

Communication Systems

Kommunikationssystem

Semantic based cloud broker architecture optimizing users satisfaction / Une architecture de cloud broker basée sur la sémantique pour l'optimisation de la satisfaction des utilisateurs

Fakhfakh, Inès

07 May 2015

Le Cloud Computing est un nouveau modèle économique hébergeant les applications de la technologie de l’information. Le passage au Cloud devient un enjeu important des entreprises pour des raisons économiques. La nature dynamique et la complexité croissante des architectures de Cloud impliquent plusieurs défis de gestion. Dans ce travail, nous nous intéressons à la gestion des contrats SLA. Vu le manque de standardisation, chaque fournisseur de service décrit les contrats SLA avec son propre langage, ce qui laisse l'utilisateur perplexe concernant le choix de son fournisseur de services. Dans ce travail, nous proposons une architecture de Cloud Broker permettant d’établir et de négocier les contrats SLA entre les fournisseurs et les consommateurs du Cloud. L’objectif de cette architecture est d’aider l’utilisateur à trouver le meilleur fournisseur en utilisant une méthode multi-critère. Cette méthode considère chaque critère comme une fonction d’utilité à intégrer dans une super-fonction d’utilité. Nous proposons d’illustrer chaque fonction d’utilité par une courbe spécifique à lui représentant bien le critère de choix. Nous essayons de cerner la plupart des critères qui contribuent dans le choix du meilleurs service et de les classer en critères fonctionnels et critères non fonctionnels. Les contrats SLA établit par notre broker sont formalisés sous forme d’ontologies qui permettent de masquer l'hétérogénéité et d’assurer l'interopérabilité entre les acteurs du Cloud. En outre, l’utilisation des règles d'inférence nous a permis de détecter les violations dans le contrat SLA établit et de garantir ainsi le respect de la satisfaction client dans le temps / Cloud Computing is a dynamic new technology that has huge potentials in enterprises and markets. The dynamicity and the increasing complexity of Cloud architectures involve several management challenges. In this work, we are interested in Service Level Agreement (SLA) management. Actually, there is no standard to express Cloud SLA, so, providers describe their SLAs in different manner and different languages, which leaves the user puzzled about the choice of its Cloud provider. To overcome these problems, we introduce a Cloud Broker Architecture managing the SLA between providers and consumers. It aims to assist users in establishing and negotiating SLA contracts and to help them in finding the best provider that satisfies their service level expectations. Our broker SLA contracts are formalized as OWL ontologies as they allow hiding the heterogeneity in the distributed Cloud environment and enabling interoperability between Cloud actors. Besides, by combining our ontology with our proposed inference rules, we contribute to detect violations in the SLA contract assuring thereby the sustainability of the user satisfaction. Based on the requirements specified in the SLA contract, our Cloud Broker assists users in selecting the right provider using a multi attribute utility theory method. This method is based on utility functions representing the user satisfaction degree. To obtain accurate results, we have modelled both functional and non functional attributes utilities. We have used personalized utilities for each criterion under negotiation so that our cloud broker satisfies the best consumer requirements from functional and non functional point of view

Informatique dans les nuages

Cloud broker

SLA

Sémantique

Ontologie

Méthode multi-critère

Utilité

OCCI

Cloud computing

Cloud broker

SLA

Semantics

Ontology

Multi attribute method

Utility

OCCI