ICT Cloud Computing, Internet of Services & Advanced Software Engineering, FP7-ICT


Open-Source, Web-Based, Framework for Integrating Applications with Social Media Services and Personal Cloudlets

Deliverable OPENi Cloudlet Platform Design Document

Workpackage: WP3 Design
Authors: Dónal McCarthy (WIT), Eric Robson (WIT), Michael O'Brien (WIT), Stepan Ivanov (WIT), David Benson (WIT), Dylan Conway (WIT), Robert Kleinfeld (FOKUS), Lukasz Radziwonowicz (FOKUS), Johannes Hange (FOKUS)
Status: Final
Date: 20/09/2013
Version: 1.0
Classification: Public

Disclaimer: The OPENi project is co-funded by the European Commission under the 7th Framework Programme. This document reflects only authors' views. EC is not liable for any use that may be done of the information contained therein.

OPENi Project Profile

Contract No.: FP7-ICT
Acronym: OPENi
Title: Open-Source, Web-Based, Framework for Integrating Applications with Social Media Services and Personal Cloudlets
URL:
Start Date: 01/10/2012
Duration: 30 months

Partners
  Waterford Institute of Technology (Coordinator), Ireland
  National Technical University of Athens (NTUA), Decision Support Systems Laboratory, DSSLab, Greece
  Fraunhofer-Gesellschaft Zur Foerderung Der Angewandten Forschung E.V, Germany
  INFORMATICA GESFOR SA (CGI), Spain
  AMBIESENSE LTD, UK
  VELTI SA, Greece
  BETAPOND LIMITED, Ireland

Document History

Version Date Author (Partner) Remarks John McGovern (WIT) /07/13 Dónal McCarthy (WIT) /07/2013 Dónal McCarthy (WIT) /07/2013 Dónal McCarthy (WIT) Initial Document Structure. Updated Document Structure. Added FOKUS alterations. Added market analysis sections and updated preface /08/ /08/ /08/ /09/2013 Dónal McCarthy (WIT), Michael O'Brien (WIT), Stepan Ivanov (WIT), David Benson (WIT), Dylan Conway (WIT), Robert Kleinfeld (FOKUS), Lukasz Radziwonowicz (FOKUS), Johannes Hange (FOKUS) Dónal McCarthy (WIT), Stepan Ivanov (WIT), David Benson (WIT), Dylan Conway (WIT), Robert Kleinfeld (FOKUS), Lukasz Radziwonowicz (FOKUS), Johannes Hange (FOKUS) Dónal McCarthy (WIT), Johannes Hange (FOKUS), Dylan Conway (WIT) Dónal McCarthy (WIT), Johannes Hange (FOKUS), Dylan Conway (WIT), David Benson (WIT), Stepan Ivanov (WIT), Robert Kleinfeld (FOKUS), Lukasz Radziwonowicz (FOKUS) First draft to be circulated to all partners. Second draft. Third draft. Final draft.

Executive Summary

As a research project, OPENi's primary objective is to produce an innovative solution that integrates personal data storage and cloud-based services. To reach this goal we will develop a solution composed of two distinct, independent, but interrelated components: 1) an API Platform to enhance access to cloud-based services and 2) a Cloudlet platform to store users' data. Applications can access cloudlet data independent of the API platform; likewise, applications can utilise the API platform without accessing Cloudlets.

There are many services available that offer personal data storage similar to OPENi's Cloudlet. We profile and analyse a number of these services to ascertain the de facto industry standards with regard to data privacy, data control, and interoperability with 3rd party apps and services.

Cognisant of existing solutions, in OPENi we allow users to store any type of data in any schema (or object type). This dynamic data approach makes the Platform more appealing to 3rd party developers; however, it complicates matters with regard to the key OPENi goal of seamless interoperability between applications. To address this complication the OPENi Cloudlet Platform will apply a schema to the data retrospectively through the use of folksonomies, with usage metrics dictating the global schemata in the OPENi registry.

The primary goal of OPENi is to give the user maximum control of their data. We address this through a number of technical solutions and privacy policies by: implementing non-intrusive logging, allowing users to purge their data, enabling users to realise the monetary value of their data, enabling them to port their data to other platforms, and giving them control over 3rd party access to their data through the use of intuitive GUIs.

We aim to give insight into OPENi's research agenda by formulating a number of research questions which we will answer over the lifetime of the project. The questions cover a number of thematic areas such as: mobile application interoperability, meta-processing and data discovery, data monetisation, personal identity, and minimal exposure.

Building on the research questions and use cases we identified the components required to create an OPENi compliant cloudlet platform. The list of requirements can be split into two sections: one deals with the management of the overall platform (monitoring, data aggregation, platform administration, provider GUI, and communications) and the other deals with the individual cloudlets (data access, management, authentication, notification, and Cloudlet GUIs).

The Cloudlet Platform will be implemented in the form of a distributed application. Distributed applications are composed of a number of software components called workers, distributed across a number of hardware nodes; workers communicate with each other by passing messages. In OPENi we will create workers for each platform component. Each worker will have its own internal REST API (and some will have external REST APIs) and will communicate with other workers via a messaging framework.

The software stack to implement the Cloudlet Platform includes: ZeroMQ as the distributed application enabling messaging library, node.js as the preferred programming language, CouchDB as the datastore, Mongrel2 as the webserver, nginx as the load balancer, and OpenStack as the cloud platform.

The platform will be developed using some agile software techniques including: SCRUM, an iterative software development process, and test driven development.

Table of Contents

1 Preface OPENi High Level Architecture Overview Introduction API platform Cloudlet platform Mobile Client Library Platform Interoperability Service Enablers Introduction Purpose and Objectives Methodological Approach Document Structure Personal Data Storage Market Analysis Personal Data Storage Solutions CAYOVA FreedomBox Gigya Personal Mydex OwnCloud Pidder Privowny Qiy OPENi's Position OPENi's Personal Data Storage Research Research Questions Relevant Requirements and Use Cases Cloudlet Platform Components APIs Data Storage Platform Management Monitoring Data Aggregation Platform Administration 5.3.4 Provider GUI Communications Cloudlet Management Data access Management Authentication, Authorisation, and Accounting Notification Cloudlet GUIs Component Interaction Research to Component Mapping Use Case to Component Mapping Data model Inheritance Interfaces Multiple types Duck typing Shadowing OPENi Types Objects Registry Architecture Software Stack Languages Messaging Framework DataStore CouchDB Web Server Load Balancer Cloud Platform OpenStack Orchestration Chef Ganglia Nagios Mobile Client 7.2.1 Native vs. Web Mobile Development Mobile Client Libraries jquery Mobile Titanium Mobile Xui Cloudlet Platform Cloudlet API Authentication and Authorization API Data API Type API Auditing API Notification API User Management API Platform Management API Workflows Application Subscription Alter or read cloudlet data Application creation User alter Cloudlet data automated rd party access data (aggregator) Techniques SCRUM Test Driven Development Conclusions Acronyms References Appendix I Appendix II: Data Storage Relational Vs. NoSQL NoSQL Datastores Accumulo Cassandra CouchDB HBase MongoDB RiakCS Conclusion Appendix III: Cloud Framework Infrastructure as a Service (IaaS) CloudSpaces Eucalyptus mosaic Nimbus OpenNebula OpenStack Platform as a Service (PaaS) Cloud Foundry DotCloud Heroku OpenShift Stackato Conclusion

List of Figures

Figure 1 Dual Platform Architecture
Figure 2 OPENi API Platform
Figure 3: The OPENi Cloudlet Platform
Figure 4: Cloudlet Platform Variations
Figure 5: Interactions between platforms hosted by different providers
Figure 6: Personal data storage services similar to OPENi's
Figure 7 The Cloudlet Platform components and external entities
Figure 8 A visualization of the OPENi's components interconnection
Figure 9 A single inheritance model with the ability to extend types
Figure 10 A single and multi-inheritance model
Figure 11 Structural relations between types
Figure 12 JSON-LD used for duck typing
Figure 13 A depiction of scopes
Figure 14 Cloudlet and registry interaction
Figure 15 Cloudlet and registry interaction
Figure 16 Cloudlet Platform components and the ZeroMQ topology
Figure 17 Subscribing to Third Party Application
Figure 18 Read/Update Cloudlet Data
Figure 19 Registering Third Party Applications
Figure 20 Automatic Cloudlet Data Update
Figure 21 Third Party Data Access
Figure 22 CAP theorem with real world examples
Figure 23 Separation of Responsibilities [45]

List of Tables

Table 1 Summary of Data Storage Technologies

1 Preface OPENi High Level Architecture Overview

1.1 Introduction

OPENi will be composed of two distinct, independent, but interrelated components: 1) an API Platform to enhance access to cloud-based services and 2) a Cloudlet platform to store users' data. Applications can access cloudlet data independent of the API platform; likewise, applications can utilise the API platform without accessing Cloudlets. This section presents a high level view of each platform's architecture and details how together they create a powerful combined platform.

Figure 1 Dual Platform Architecture

1.2 API platform

The OPENi API platform will incorporate an open framework that will be capable of interoperating with a variety of cloud-based services, abstracting the integration challenges to a single open standard without losing any service features. It will be a single platform that will inherently promote innovation by offering application developers an advanced framework that enables them to design and build complex applications involving the combinations of independent cloud-based services. Figure 2 depicts the OPENi API platform, the details of which are discussed in Deliverable D

Figure 2 OPENi API Platform

1.3 Cloudlet platform

The OPENi cloudlet platform will provide application consumers with a single location to store and control their personal data. The cloudlet will empower application consumers to remain in control of their data. The control mechanisms will be inherently secure and trustworthy. As an open technology, validated by the open source community, consumers will be assured their data is not being used without their consent. The OPENi Cloudlet Platform Standard defines a number of key components that make up the Cloudlet Platform. These components are shown in Figure 3 with further details available in deliverable.

Figure 3: The OPENi Cloudlet Platform

The architecture for the cloudlet is defined using a design-by-contract methodology; it acts as a contract defining features like authentication, authorisation, etc. that the platform must provide. As depicted in figure 4, the cloudlet platform can be realised using many different technological approaches. Following from the diverse nature of the requirements specified in deliverable D2.5, we investigated and broadly specified four potential platforms that could fulfil this platform contract. It is envisaged that one of these platforms will be implemented in subsequent work packages; however, through the open-source nature of this project other platforms could be accommodated. The OPENi development will concentrate on a multi-tenancy platform with a single large datastore, see figure 4B multi-tenancy platform.

Figure 4: Cloudlet Platform Variations

1.4 Mobile Client Library

To provide convenient access to the OPENi APIs and cloudlet storage we will provide a mobile client library. This library will abstract and simplify access to the OPENi services across multiple mobile platforms and will take the form of a lightweight developer SDK. This library will be designed to promote rapid application development and easy developer on-boarding.

1.5 Platform Interoperability

The combination of the open API and cloudlet concept creates a platform of user data and service connectivity, making OPENi both powerful and beneficial for consumers, application developers and service providers. The vision for OPENi is to provide a platform that could be deployed and operated by many different application hosting or service providers looking to add value to their proposition. These OPENi hosting providers will take advantage of various facets of the OPENi platform in ways that best suit their business model. To accommodate this we have structured OPENi as two discrete services.

From the normal consumer's perspective we envisage that they will be largely unaware of the OPENi platform, with only the technology and data aware consumers cognisant of cloudlet platform technologies. To that effect we predict that consumers could have many applications provided by many OPENi hosting providers. In practice we are planning for consumers to have a single cloudlet that can be connected to multiple API platforms. Figure 5 shows how the platforms interact with each other and mobile apps deployed by another provider. More details of this can be found in this deliverable ().

Figure 5: Interactions between platforms hosted by different providers.

This separation of concerns between the platforms is further emphasised in terms of their data models, with the API Platform presenting the Graph API's conceptual meta-model and the Cloudlet Platform's data schemas exposed through the standalone Registry. Application developers utilise this Registry, a component that serves both Platforms, to design the logical schemas that will model their applications' data. The registry 1) collates existing schemas and 2) allows developers to discover new schemas for use in OPENi compliant mobile applications. The API Builder provides a mechanism for developers to access the registry to build enhanced features from existing schemas and models. The API platform presents its community managed Graph API meta-model to application developers to simplify the integration of Cloud Based Services and Cloudlet data; over time popular developer defined schemas may be incorporated into the Graph API's meta-model by the OPENi community.

The Cloudlet Platform is responsible for storing the physical schemas. An application's physical schema consists of data objects composed of multiple data types. Schemas are dynamically augmented as developers extend objects with new data elements.

The platforms are independent: the Cloudlet Platform can serve mobile applications that do not utilise the Graph API or any other part of the API Platform; likewise the API Platform's integration with Cloud Based Services and Graph API can function just as well with another data storage mechanism. However, as the Graph API's schema will be the most widely used on the Cloudlet Platform, its meta-model will form the core of the Cloudlet's folksonomy-driven data model.

1.6 Service Enablers

An OPENi service enabler is an agent running on the OPENi Platform that allows (by providing it with adequate power, means, opportunity, or authority to function) a group of services to be developed that otherwise could not. It has access to aggregated data from multiple Cloudlets, performs on-platform data processing, has access to its own datastore, and exposes its functionality through its own API. In essence, a Service Enabler simplifies the development of services, saving mobile application developers time and money.

2 Introduction

2.1 Purpose and Objectives

Deliverable 3.2 will specify the OPENi cloudlet platform that will be utilised both by users to create and deploy their cloudlets and by developers to enable their applications to access stored user data. It outlines the components necessary for secure storage of cloudlet data, regulating the operation of the entire cloud platform, and enabling user interaction (create, deploy, update, delete) and application communication. Additionally, all readily available components and technologies will be identified for integration with the Cloudlet Platform.

2.2 Methodological Approach

With the main objective to define and specify the OPENi cloudlet platform, the work carried out for the present report is based on the WP2 results and comprises the following steps:

Baseline Analysis
  Identifying the existing state of art through market analysis of OPENi competitors.
  Evaluating suitable candidates from relevant technologies for the cloudlet platform in the context of its defined components.
  Elaborating on research questions.

Preparatory Analysis
  Ascertaining the essential concerns required to fulfil user requirements.
  Discussing the implementation of the platform and exploring all choices.
  Identifying actors, components and use cases.
  Recognising key development methods facilitating quality of components.

Iterative Specifications
  Classifying the communication and connections between components.
  Defining the data storage mechanisms.
  Defining the cloudlet management tools.
  Specifying a suitable data model for persistence.

Implementation Directions
  Charting the architecture of the OPENi cloudlet platform.
  Recommending the most appropriate technologies as a foundation for the cloudlet components.
  Defining potential API endpoints for interacting with the cloudlet platform.

Conclusions & Key Take-Aways
  Analysing the characteristics and features of the specified cloudlet platform.

2.3 Document Structure

The report starts with an overview of the high level architecture of the OPENi concept. It introduces the main components (API Platform, Cloudlet Platform, and Mobile Client) and outlines their relationships. This overview, which is repeated in deliverables 3.1 and 3.3, contextualises the subsequent sections, which describe the Cloudlet Platform in detail. Section 3 includes an analysis of existing personal data storage services and research initiatives. It also outlines how OPENi will be positioned amongst its peers. Section 4 reiterates our research position and identifies the use cases driving our research. Section 5 describes the components that compose a Cloudlet Platform. The descriptions are kept generic so that they can fit a multitude of architectures. Section 6 details the OPENi data model. Section 7 compares technologies that can be utilised to realise an OPENi Platform. Sections 8 and 9 communicate the cloudlet API and use case workflows respectively. Section 10 provides an illustration of the development techniques to be employed.

3 Personal Data Storage Market Analysis

There are many services available that offer personal data storage similar to OPENi's Cloudlet. In this section we profile and analyse a number of these services to ascertain the de facto industry standards with regard to data privacy, data control, and interoperability with 3rd party apps and services. We also gauge their accessibility and ease of use. The services that we analyse include: CAYOVA, FreedomBox, Gigya, Personal, Mydex, OwnCloud, Pidder, Privowny, and Qiy. Later we outline OPENi's position with regard to each of these standards. Additionally we outline OPENi's key innovations and discuss its key points of differentiation.

3.1 Personal Data Storage Solutions

The following are high level descriptions and analyses of Personal Data Storage solutions in general terms. Security and privacy are mentioned; however, for a more in depth security analysis please see section 5.1 in D

3.1.1 CAYOVA

Cayova [1], which stands for Capture Your Value, is an emerging social networking site. The site (beta) initially went live in April. Cayova was established in Britain and is a commercial entity. Their stated main goal is to provide a new social platform that empowers its users in the context of data privacy and control. The ideology of Cayova is that our personal information is a valuable commodity that we should have full ownership and control over. Cayova is a centralised solution and their infrastructure is outsourced to Amazon's Web Services (AWS) [2].

Cayova's stated business model generates revenue through targeted advertising that users must opt into. Cayova also commit to providing a financial incentive for their users to opt in. According to Cayova's terms of use, the company gives a user half of any payments it receives for ads "targeted at you or for access to your content and data," minus sales taxes and transaction costs, such as bank fees. Users then have the option of donating that money to charity, receiving a cheque or deducting that amount from their mobile phone bill. Users receive a bonus value for inviting a new user to join.

Cayova dispenses a browser plug-in that allows users to see what companies are tracking them, through cookies and other technology, as they browse the web. When users are logged into the system through the plug-in, it will block third party cookies from tracking them. Lastly, the Cayova box gathers information about users as they browse. Users can then opt in to sharing this with third parties. A native iOS app is provided, allowing users to interact with the system in the same manner as they would the web interface. Users can opt out of any of the above services at any point. Cayova commits to permanently removing deleted accounts from their system.

Cayova stores users' data in an unencrypted format where sys-admins have full access to this data, and users do not have complete control over how this data is shared. The information stored by Cayova is limited to browsing data, which can then be shared with select 3rd parties.

3.1.2 FreedomBox

FreedomBox [3] is a fully distributed software suite for privacy and control in the home which enables free communication among its users. The solution involves a peer-to-peer mesh networking of commodity boxes. By exploiting a distributed model over a centralised approach, users are given greater control and freedom when using the Internet. FreedomBox is a Debian platform that is completely open source and free to use, modify, and redistribute. FreedomBox promises:

  and telecommunications that protects privacy and resists eavesdropping.
  A publishing platform that resists oppression and censorship.
  An organizing tool for democratic activists in hostile regimes.
  An emergency communication network in times of crisis.
  That anyone regardless of technical skill can use this solution.

The creators of FreedomBox recommend loading the platform onto a low power plug based computer. The software has been made available for Raspbian, the optimised Raspberry Pi operating system.

FreedomBox attempts to achieve its goal of private secure communications through the FreedomBuddy software. FreedomBuddy works by forwarding communications over an anonymising worldwide network, with direct secure connections set up for transmission of large files/data. Also included is a custom version of the Privoxy software. This is a web proxy that strips web pages of ads and ensures secure connections. Its main components are AdBlock, EasyPrivacy and the HTTPS Everywhere plug-in. Finally, the other software packages are focused on making FreedomBox easy to use, with Plinth (a web interface), Freedom Maker (the installation helper), ExMachina (configuration tool) and Project Publish (publishing tool).

FreedomBox is a very privacy conscious and user-centric system where users own all the data and have complete control over it. It has very limited 3rd party accessibility and has a very specific data domain.

3.1.3 Gigya

Gigya [4] is a commercial entity based in the USA which provides business solutions for connected consumer management. They claim to facilitate businesses in engaging with their consumers with more targeted services. Gigya specialises in the gathering, transfer and storage of user information. They provide a centralised/distributed hybrid model. Gigya supplies the ability to embed their functionality into a client's services. User data obtained through Gigya can be stored with them or in a client's own storage mechanisms. Gigya boasts a large list of multinational clients and partners.

Gigya caters to clients who want to tailor and target their services to the individual needs and preferences of their users. This is done by allowing users to register/sign in using existing social networking and accounts. Data is then gathered from a user's profiles and is synced automatically when changes are detected. They also offer game mechanics (rewards for completing actions), commenting, sharing with social networks, activity feeds, RSS feeds and a graphical analysis of aggregated data. A suite of tools is furnished for integrating these components and customising a client's service platform. Companies can then use this data to personalise and drive their products and advertising.

Gigya provides client side and server side developer APIs for utilising their platform. The client side APIs are exposed through a JavaScript library. The server side APIs are REST with JSON payloads. These REST APIs can be integrated into mobile and server applications through a number of SDKs provided.

Gigya is an enterprise-centric data storage solution in which users' data is owned by Gigya, accessible by Gigya and stored in encrypted form by Gigya. Users can share their data with select 3rd parties but do not have complete control over it as they do not own the data.

3.1.4 Personal

Personal Inc. [5] is a commercial entity, launched in November 2011, which provides a suite of proprietary tools for securely storing and sharing personal information. They offer users absolute control over their identity and over access to their data. Personal's product focuses on allowing users to aggregate and manage their personal information in an online vault (50MB of storage per vault). The information stored in these vaults can vary hugely, from financials to pet information, and covers almost all aspects of life.

The product offered by Personal is a centralised solution, i.e. all data is stored on their Hadoop infrastructure. Their infrastructure is hosted by Rackspace in the United States. Data stored includes gems (nuggets of personal information), activity streams (logs) and contacts.

The company makes many promises with regards to privacy and data ownership. Personal Inc. commits to not monetising your data, not giving access to third parties without explicit permission and not pushing targeted marketing at users without consent. They also commit to non-intrusive logging.

Personal encrypts and stores user data and allows users to have complete control over their data. Users and 3rd party applications can only access data they own or that has been shared with them.

3.1.5 Mydex

Mydex [6] has an almost identical business model to Personal Inc.; however, it does offer partnerships with other organisations. Another key differentiator is their hybrid storage model versus Personal's centralised model. In the future users will be given the choice of controlling where their personal data actually exists (currently only cloud storage is supported). Mydex states that all technologies they use are open source; however, they do not make the software running on their cloud platform available publicly.

The proposed decentralised structure of Mydex's solution addresses some of the issues with Personal's. Chiefly, Mydex will have neither physical access to the hardware storing data nor access to the data itself, as it is encrypted. The data they store centrally will simply be metadata about the distributed data stores that allow the system to work, i.e. where is the data store? The size of the data store can vary hugely, restricted only by the capacity of the physical hard drive storing it. The hybrid model allows users greater control over their data.

Mydex encrypts any user data that is on their system and only the user can access it. The users completely own their data stored by Mydex and can selectively share this data with multiple third parties.

3.1.6 OwnCloud

OwnCloud is a cloud storage platform for business enterprise. It offers businesses the opportunity to provide their own cloud storage service to employees with a larger degree of control than existing public cloud service providers. OwnCloud cites the legal difficulties enterprises have using Dropbox as the niche for the product. OwnCloud is a completely open source solution and as such is transparent and extensible.

OwnCloud provides services similar to Dropbox, except that it affords greater control for organisations concerned with the confidentiality of their information. Due to the open source nature of the project, organisations can add, remove, and modify any features they want. The organisations are responsible for setting their own security and privacy policies. Each business is also responsible for how the data is managed. The businesses are the owners of the data. The only stipulation of using OwnCloud is to limit testing for vulnerabilities to your own installation and to report them to the community.

OwnCloud has linked up with hosting providers who offer the ability to rent their cloud solution, allowing organisations without data centres or technical staff to use the OwnCloud platform for their business. The partners that offer this are Net.de, vboxx, A2 Hosting, Standing Cloud and Saxons IT solutions. The expertise required to set up OwnCloud makes it infeasible for typical users. However, there is nothing to stop an organisation from allowing public access to their OwnCloud.

OwnCloud provides a huge variety of functions to businesses that simply aren't on offer from some of the large cloud storage SPs such as Dropbox, Google Drive etc. It is a powerful piece of software with a beautiful interface to exploit it to the maximum. Most importantly, it gives enterprise the ability to control and tailor their cloud storage. Privacy for individual employees is low as their data is stored unencrypted, thus it is accessible by system administrators.

OwnCloud owns any data that the user stores on their system and as such has full access to it. The data itself is not encrypted when stored and the user can install plugins which have access to the data.

3.1.7 Pidder

Pidder is a charity organisation with a pay-what-you-want model which facilitates the creation of private social networks among its users. Their platform is centralised and all data is stored on relational databases. Pidder promises users privacy and anonymity when using the service; they claim no interest or use in sharing your data with third parties. Their claims are backed up by hard solutions. Pidder locks themselves out of the data by encrypting it on the client side. For additional privacy they do not log IP addresses of those accessing the service.

Users of Pidder own any data they store using the services, and this data is encrypted by the user and can only be accessed by the user. Pidder has limited interoperability with 3rd party applications.

3.1.8 Privowny

Privowny is a commercial digital privacy company based in the US whose goal is to empower users by providing a digital memory of all information gathered about them. The system creates a record of all data given, knowingly or not, to third parties while browsing. Users can discover companies that have shared their data through a Privowny account. Privowny is deployed on a centralised platform and Amazon's Web Services is used to store the digital footprints.

Privowny users own all the data stored upon the system, which is encrypted at rest. Privowny allows users to selectively share their data with select third parties.

3.1.9 Qiy

QIY is a non-profit organisation whose stated goal is to redistribute the balance of power with regards to personal data in favour of individuals. The central purpose of QIY is to aggregate a user's personal data and allow them greater control over who has access to it. The site is presently in beta and no public APIs are available. Currently only one Qiy app, called Doors, is live. Doors facilitates the easy and secure login to other services. The browser plug-in gathers login information and presents it to the user.

Qiy is in its infancy and as such a security comparison and analysis cannot be completed.

3.2 OPENi's Position

As a research project, OPENi's primary objective is to produce an innovative solution that integrates personal data storage and cloud-based services. Similar to FreedomBox and OwnCloud, OPENi's output will be released as open-source; however, as outlined in the DOW, commercial adoption of the project is also important. Consequently a commercialisation friendly licence will be used for OPENi itself, and only 3rd party open-source tools and technologies with commercialisation friendly licences will be integrated into the platform.

Figure 6: This diagram compares personal data storage services similar to OPENi's under a number of categories. Based on our perception, each company is placed along a scale from least to most in each category.

The diagram shows that OPENi is grouped with the companies that allow their users the most control, that it is the most interoperable, and that it has the most support for dynamic data. However, to lead in these areas some privacy features are sacrificed; consequently other services overtake OPENi in this regard.

The services that we analysed took varied approaches to the type of data that they allow users to store on their system. Some are restrictive and only store data from a single domain or data in predefined schemas/structures. Examples are FreedomBox and Pidder, primarily concerned with communications and social networking data; CAYOVA and Privowny, concentrating on web browsing data; and OwnCloud, on enterprise data like contacts, calendar and documents. Other services give their users more control over the type and structure of data that is stored. Included in this group are Mydex and Personal, which allow their users to define custom data structures, and Gigya, which integrates with many 3rd party services. In OPENi we allow users to store any type of data in any schema (or object type). This dynamic data approach makes the Platform more appealing to 3rd party developers; however, it complicates matters with regard to the key OPENi goal of seamless interoperability between applications. To address this complication the OPENi Cloudlet Platform will apply a schema to the data retrospectively through the use of folksonomies, with usage metrics dictating the global schemata (see section 6).

Of the competitors, FreedomBox, Pidder, and Privowny are quite insular; they operate in isolation and do not integrate with 3rd party applications or services. Others do integrate with 3rd parties to varying degrees, with OwnCloud utilising plugin frameworks, and CAYOVA, Mydex, and Personal directly integrating with mobile applications. However, OPENi is the most accessible to 3rd parties as it allows users to share their data across applications and cloud-based services. This presents a wealth of data that application developers can tap into and enhance their service with. In addition, OPENi also boasts an aggregation feature (that allows users to monetise their data in a privacy preserving way (see sub-section 5.3.2)) which gives 3rd parties access to information composed of data from many cloudlets.

The primary goal of OPENi is to give the user maximum control of their data. We address this through a number of technical solutions and privacy policies. Similar to Personal and Pidder, OPENi will implement non-intrusive logging. It will allow a user to purge their data from the system, as do CAYOVA, Personal, Pidder and FreedomBox. Similar to CAYOVA, we will allow a user to realise the monetary value of their data by rewarding them for sharing it with 3rd parties. Uniquely, it will allow users to port their data to other platforms, and give them control over 3rd party access to their data through the use of intuitive GUIs.

All the services that we analysed heavily emphasised their security and privacy features. FreedomBox's view is that centralised systems are a privacy concern as the platform owners can access all user data. To counter this perceived risk they implemented a distributed system where each user installs their software on a personal server in their home. FreedomBox was unique in this view, the rest opting for a traditional centralised platform. However, their attitudes to data protection and privacy differed. Privowny, Pidder, Personal, and Mydex utilise client side encryption to encrypt data before it is sent to their platform; consequently only the user can decrypt their data. In OPENi we cannot take this approach as it would restrict mobile application interoperability. However, we do understand that there will be instances where users will want to protect some data, so we will allow users to encrypt their data on a per data-point basis. As a result, this data will not be intelligible to the platform, rendering it unusable by the application interoperability and data aggregation features. To further address users' privacy concerns we'll implement non-intrusive logging and provide a detailed privacy policy. This approach is similar to CAYOVA's. In OPENi we're going to implement the Cloudlet Platform on a centralised cloud based platform; however, we took care when selecting technologies to choose lightweight options so that more tech savvy and privacy concerned users can install the platform on a personal server.

4 OPENi's Personal Data Storage Research

In this section we aim to give insight into OPENi's research agenda by formulating a number of research questions which we will answer over the lifetime of the project. The questions cover a number of thematic areas such as mobile application interoperability, meta-processing and data discovery, data monetisation, personal identity, and minimal exposure; the questions are closely aligned with the research agendas outlined in D3.1 and D3.3. Later in this section we identify the requirements and use cases that will help answer these research questions.

4.1 Research Questions

The key overall research question for the OPENi Cloudlet Platform is as follows: How should a scalable, extensible, secure Cloudlet Platform be developed in order to provide the ability to store users' data for mobile Apps, social media add-ons, and enterprise level applications?

In order to address the overall research question (RQ) we need to carefully investigate various aspects of storing users' data: user data unification and monetization, personal user space instantiation on the cloud, and digital user-identity formation. The specific research questions that address these issues are as follows:

1. How should an open source Cloudlet Platform enable the instantiation of user spaces in the cloud, with capabilities such as storage, discoverability, addressability, access, and security of users' data across applications and devices?
2. How should potential differences in data representation by the 3rd party applications be negotiated in order to facilitate data re-use and interoperability?
3. How should the Cloudlet Platform present data to enable convenient meta-processing, both indexing and searching, to facilitate the user in monetising their data in a privacy preserving way?
4. How should the Cloudlet Platform for each individual user encompass and manage their data (e.g. health, finance, legal data) in order to build their personal identity?
5. How should the Cloudlets as a user centric data store further the currently observed state of the art HTTP based data access to promote privacy and enable a minimal exposure concept?

4.2 Relevant Requirements and Use Cases

Each of the research questions can be linked with the use cases of the OPENi project in a manner that reinforces the concepts outlined in both the use cases and the research questions.

Research question one has distinct links with the scenarios of the MyLife and Personalised in-store shopping use cases. These use cases require a system that enables users to sign up to the service in an easy manner and for the system to create these accounts with all the accompanying configurations and features (storage, security, etc.).

The MyLife, Personalised in-store shopping and Personalised Advertising use cases help address research question two. Each of these use cases produces user supplied data for storage in the OPENi system. The MyHealth scenario from MyLife has both users and medical specialists accessing and editing the same data. By utilising personalised advertising, 3rd parties will use the OPENi platform to supply users with targeted ads through analysis of their accessible data. The personalised in-store shopping use case will see retailers supply OPENi with details about their products, stock and offers; it will also provide recommendations on products to users. As the research question states, all the data from these different sources needs to be represented in such a way that re-use and interoperability are supported within the OPENi system.

The third research question focuses solely on the Personalised advertising use case of OPENi. The personalised advertising use case will allow 3rd parties to utilise user data to create targeted ad campaigns. In keeping with the data protection and privacy ethos of OPENi the shared data will be anonymised. Users must opt in to the advertising programs to allow 3rd parties access to their data.

The MyLife use case helps answer the fourth research question. The MyLife use case shows scenarios where users keep details about their health, transactions, stocks and more on the OPENi platform. This information allows users to build and expand their personal identity with the OPENi platform.

Similar to the second research question, the fifth question is addressed by all 3 use cases. The OPENi platform will reduce the unwanted exposure of user data to all three services.

Relation to OPENi Use Cases

| Research Question | MyLife Use Case | Personalised Advertising Use Case | Personalised In-store Shopping Use Case |
|---|---|---|---|
| Q1 | High | Low | High |
| Q2 | High | High | High |
| Q3 | Low | High | Low |
| Q4 | High | Low | Low |
| Q5 | High | High | High |

5 Cloudlet Platform Components

This section describes the components required to create an OPENi compliant cloudlet platform. It is broken into two sections: one deals with the management of the overall platform and the other deals with the individual cloudlets. For each component we define what it does and what other components it interacts with.

Figure 7 The Cloudlet Platform components and external entities

5.1 APIs

The APIs will provide the medium for inter-component communication in the Cloudlet and also for external communication with the API Platform and with Apps. More details of the Cloudlet API can be found in section

Data Storage

An OPENi cloudlet platform requires a data storage component capable of storing three categories of data: 1) user-supplied, 2) app-specific and 3) internal cloudlet data. User-supplied data is created, modified and/or deleted primarily through the OPENi Cloudlet API. This data may be in various forms such as text, graphical, audio etc. This differs from app-specific data, which is data that an app may require to function correctly, e.g. access tokens, cookies etc. Additionally, the internal components of the cloudlet may also require storage of data such as logs, history, credentials, and tokens. The data storage component of the cloudlet platform must be capable of accommodating binary files as well as text data.

5.3 Platform Management

The platform providers will be responsible for managing the underlying resources which serve the cloudlets. To enable the management of these resources the following components are crucial to the platform.

Monitoring

Automated monitoring of the cloudlet platform will offer providers the ability to pre-empt certain potential problems and efficiently react to many issues within the platform. In conjunction with standard infrastructure metrics, logs of platform application actions such as creating cloudlets, inserting data and querying cloudlet data stores will be aggregated and analysed by the monitoring component to provide the platform provider with comprehensive information on the platform as a whole. Alerts can be configured to notify the platform provider when certain criteria are met, e.g. available disk space less than 87%, CPU utilization greater than 98% etc.

Data Aggregation

The data aggregation (DA) component will offer 3rd parties the ability to view aggregated user data from multiple cloudlets while concealing the individual cloudlet owner's identity. A 3rd party will send a request to the Cloudlet Platform for aggregated data. The DA will negotiate with the authorisation component to identify cloudlets that wish to share data with the 3rd party in a privacy preserving way. It then requests the data from each cloudlet, aggregates the data, and sends the results to the 3rd party. The security access levels required to access users' cloudlets are outlined in Deliverable 3.3.

The DA is an important feature for a number of Service Enablers (SE) which need combined data from a set of cloudlets. We considered a number of alternatives to the DA, one of which involved each SE negotiating with their users' cloudlets and aggregating the data themselves; however, this approach introduces privacy concerns as the SE could build a profile of their users by replicating their cloudlet data off-platform.

The benefits of the data aggregator are:

1) It can be used by multiple SEs and mobile applications. Situations may arise where the same data is queried by multiple parties. In those cases the DA's caching mechanism will optimise platform resource usage.
2) The proximity of the DA to cloudlet data and the authorisation component, in comparison to SEs and mobile applications, allows for speedy access, particularly when dealing with multiple cloudlets.
3) It simplifies the development of SEs and applications.
4) It allows users to monetise their data while making their digital personal identity.

Each platform will have a separate, independent data aggregation component. This component does not aim to integrate with the corresponding component on other OPENi Cloudlet Platforms.
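The aggregation flow described in this section, as an added Python sketch that is not part of the OPENi deliverable or code base. The class names, the consent map and the sample cloudlets are constructed, and the minimum cohort size is an assumption added here because an aggregate over one or two cloudlets would disclose individual values.

```python
"""Data aggregation (DA) flow: consent lookup, per-cloudlet read, aggregate, cache.
All names and sample data are hypothetical and constructed for illustration."""
from dataclasses import dataclass, field
from statistics import mean

MIN_COHORT = 3  # assumption: smallest consenting group the DA will report on


@dataclass
class Cloudlet:
    owner_id: str
    data: dict                                        # data point name -> value
    shared_with: dict = field(default_factory=dict)   # 3rd party -> set of data points


class Authorisation:
    """Stand-in for the authorisation component the DA negotiates with."""

    def __init__(self, cloudlets):
        self._cloudlets = cloudlets

    def consenting(self, third_party, point):
        # Only cloudlets whose owner opted in for this party and this data point.
        return [c for c in self._cloudlets
                if point in c.shared_with.get(third_party, set()) and point in c.data]


class DataAggregator:
    def __init__(self, authz):
        self._authz = authz
        self._cache = {}
        self.cloudlet_reads = 0   # counts reads against cloudlet stores

    def aggregate(self, third_party, point):
        cohort = self._authz.consenting(third_party, point)
        if len(cohort) < MIN_COHORT:
            # Too few contributors: a mean would expose individual values.
            return {"field": point, "status": "insufficient_cohort"}
        # The cache key includes the cohort, so a consent change forces a re-read.
        # Owner ids stay inside the DA; they never appear in the result.
        key = (point, frozenset(c.owner_id for c in cohort))
        if key not in self._cache:
            values = []
            for cloudlet in cohort:
                values.append(cloudlet.data[point])
                self.cloudlet_reads += 1
            self._cache[key] = {"field": point, "status": "ok",
                                "count": len(values),
                                "mean": round(mean(values), 2)}
        return dict(self._cache[key])


def build_demo():
    """Five constructed cloudlets with different sharing preferences."""
    both = {"ad_network": {"weight_kg"}, "researcher": {"weight_kg"}}
    cloudlets = [
        Cloudlet("alice", {"weight_kg": 70.0}, {**both, "retailer": {"weight_kg"}}),
        Cloudlet("bob", {"weight_kg": 82.5}, dict(both)),
        Cloudlet("carol", {"weight_kg": 64.0}, dict(both)),
        Cloudlet("dave", {"weight_kg": 91.5}, dict(both)),
        Cloudlet("erin", {"weight_kg": 58.0}, {"retailer": {"weight_kg"}}),
    ]
    return DataAggregator(Authorisation(cloudlets))


if __name__ == "__main__":
    da = build_demo()
    print(da.aggregate("ad_network", "weight_kg"))
    print(da.aggregate("researcher", "weight_kg"), "reads:", da.cloudlet_reads)
    print(da.aggregate("retailer", "weight_kg"))
```

The second request is served from the cache because the consenting cohort is identical, which is the resource saving the first listed benefit refers to.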

5.3.3 Platform Administration

Platform providers require the ability to initially set, and later adjust, the resources, control and communication settings of the platform in order to maintain a high quality and efficient platform for cloudlets. The administrative tasks include:

- Create various types of nodes such as database master node, database slave node, application node, component node etc.
- Add/Remove nodes on the platform
- Connect to a specific node in order to troubleshoot issue(s) reported by a cloudlet owner
- Global platform access control.
- Revoke the access tokens of a cloudlet owner in the event of an account being compromised

Provider GUI

The provider GUI will serve as an interface for platform providers to carry out administrative tasks on the platform and view data from the monitoring component, such as:

- Manage the platform's data e.g. log entries, load balancer metrics and users
- Change notification settings from the monitoring component
- Carry out administration tasks defined in subsection

Communications

This component is responsible for communicating with the platform's users. It will incorporate an email and SMS service. Email communication is required to notify users of registration progress and platform updates. Two way SMS communication is utilised to verify that registering users aren't automated machines. Users can also combine the communications and notification components to create alerts for cloudlet data mutations, e.g. they can get an alert each time their weight is changed by an application.

5.4 Cloudlet Management

The components outlined in this section will facilitate the management of the individual cloudlets on an OPENi platform.

Data access

All data that exists in a cloudlet will be accessed via a set of APIs. This will ensure a consistent access point for all services such as Apps, Management GUIs and the API platform. In conjunction with the Authentication, Authorisation, Accounting component and policy-based security, the cloudlet owner will be in full control of who and what can access each piece of data in their cloudlet. The security of data access is outlined in more detail in D3.3 and the Cloudlet API is described in more detail in section 8 of this document.

5.4.2 Management

In an OPENi platform, cloudlet owners are promised full control of their cloudlets. Together with the cloudlet GUI component, the management component provides the individual cloudlet owner with high-level control of their cloudlets. Some common management operations a cloudlet owner can perform are:

- Creating and deleting their cloudlet
- Porting their data to a cloudlet on another platform
- Suspending 3rd parties' access to their cloudlet data

Authentication, Authorisation, and Accounting

Access to the cloudlet will be restricted by a combination of the authentication and authorisation components. The authentication component will verify the credentials of the incoming request, e.g. username and access token, to determine if the request issuer is trusted. The authorisation component will evaluate whether the trusted request issuer has sufficient access to carry out the requested task on the requested resource, e.g. does App A have access to read the date of birth, body weight and the exercise reports from the last 6 months from the cloudlet data store. The details of all access requests, subsequent actions and cloudlet responses will be monitored and logged by the accounting component. These logs will be available in the cloudlet GUI for the cloudlet owner to inspect.

Notification

Various components and external services can sign up for notifications of events on a user's cloudlet.

Cloudlet GUIs

To empower Cloudlet owners in the management of their cloudlets they will be provided with GUIs. Some of the functions that will be available in this component include:

- Viewing access logs
- Editing preferences
- Configuring access settings of Apps
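An added Python sketch (not OPENi project code) of the authentication, authorisation and accounting sequence described in this section, using the App A request from the text. The policy format, the 183-day approximation of six months, and all names and tokens are assumptions constructed for the example.

```python
"""Authentication -> authorisation -> accounting for one cloudlet.
Hypothetical names throughout; tokens and policy are constructed sample data."""
import hashlib
import hmac
from datetime import datetime, timedelta, timezone


def _digest(token):
    # Only a digest of each access token is kept by the gate.
    return hashlib.sha256(token.encode()).hexdigest()


class CloudletGate:
    def __init__(self, tokens, policy):
        self._tokens = {app: _digest(tok) for app, tok in tokens.items()}
        self._policy = policy     # app -> resource -> rule
        self.audit_log = []       # what the owner would inspect in the cloudlet GUI

    def revoke(self, app):
        """Platform administration: drop a token after an account compromise."""
        self._tokens.pop(app, None)

    def authenticate(self, app, token):
        stored = self._tokens.get(app)
        # Constant-time comparison of digests.
        return stored is not None and hmac.compare_digest(stored, _digest(token))

    def authorise(self, app, action, resource, since, now):
        rule = self._policy.get(app, {}).get(resource)
        if rule is None or action not in rule["actions"]:
            return False
        window = rule.get("max_age_days")
        if window is not None:
            # A time-limited grant needs a bounded query inside the window.
            if since is None or since < now - timedelta(days=window):
                return False
        return True

    def handle(self, app, token, action, resource, since=None, now=None):
        now = now or datetime.now(timezone.utc)
        if not self.authenticate(app, token):
            decision = "denied:authentication"
        elif not self.authorise(app, action, resource, since, now):
            decision = "denied:authorisation"
        else:
            decision = "granted"
        # Accounting records every request and its outcome, never the credential.
        self.audit_log.append({"time": now.isoformat(), "app": app, "action": action,
                               "resource": resource, "decision": decision})
        return decision


def run_demo():
    now = datetime(2013, 9, 20, tzinfo=timezone.utc)   # fixed clock for repeatability
    token = "constructed-token-a"
    gate = CloudletGate(
        tokens={"app_a": token},
        policy={"app_a": {
            "date_of_birth": {"actions": {"read"}},
            "body_weight": {"actions": {"read"}},
            "exercise_reports": {"actions": {"read"}, "max_age_days": 183},
        }},
    )
    requests = [
        ("app_a", token, "read", "exercise_reports", now - timedelta(days=90)),
        ("app_a", token, "read", "exercise_reports", now - timedelta(days=400)),
        ("app_a", token, "write", "body_weight", None),
        ("app_a", "wrong-token", "read", "date_of_birth", None),
    ]
    decisions = [gate.handle(*req, now=now) for req in requests]
    gate.revoke("app_a")
    decisions.append(gate.handle("app_a", token, "read", "date_of_birth", now=now))
    return decisions, gate.audit_log


if __name__ == "__main__":
    for entry in run_demo()[1]:
        print(entry)
```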

5.5 Component Interaction

Figure 8 A visualization of the interconnection of OPENi's components: the green components are GUIs, the red are external concerns, and the components with grey borders do not expose an external API.

Storage is the central component. It is not exposed through an external API but rather through the authorization and authentication APIs. Most components alter different parts of the storage to some degree. The webserver is needed to serve the GUIs and permission dialogs.

5.6 Research to Component Mapping

The first research question focuses on user spaces within the cloudlet. It outlines important concerns such as instantiation, storage, access, and data security. The instantiation and storage will require the use of the user management, storage, notification, and data components. The data monitoring component will ensure the smooth running of the system from both a security and a data integrity point of view. The authentication and authorisation components will be utilised for ensuring that all access to a user's data adheres to their data access rules. The users themselves will access the system using the user GUI.

The second research question focuses on the reuse and interoperability of data representation between applications. Access to the storage and schema components is required for this; the registry is required to identify schemas within the data. If a broadly defined schema is put in place to define how foreseeable data should be formatted then both the reuse and interoperability concerns can be limited.

The third of the research questions involves processing formatted data to facilitate monetizing in a secure manner. This will require the use of the authentication, storage, notification, and data components to allow for access in order to process the data. The users will be required to use the permissions dialog component to allow for the processing and monetizing of their data. The processing of the data will be accomplished using the data aggregator component.

The fourth research question focuses on allowing the user to manage their data on the cloudlet and facilitating the creation of their personal identity. To manage their data the users will need access to it, requiring the authentication, storage, notification, and data components. The users will manage their data using the user management, user GUI, and permissions dialog components. The permissions dialog component allows the user to be selective about which elements of their personal identity can be seen by others, while the user management and GUI components enable the user to access their data and personal identity.

The final research question focuses on the security and privacy of the cloudlet and how it is accessed. The cloudlets can be secured by the authentication, authorisation and blacklist components so that the only resources accessible by users will be their own.

5.7 Use Case to Component Mapping

Several of the components are integral to all the OPENi use cases. Each of the use cases requires some form of access to the data storage and notification components. Many of the key principles around OPENi focus on security and user privacy; therefore the authentication component is used for all use cases that require access to both user and system data.

MyLife - The MyLife use case is a broad use case which entails the storage and management of data from the user's everyday life including photo, health, financial and messaging data. As previously stated, this use case requires the use of the system's data storage, and each user will be required to authenticate with the system in order to gain access to it. As this use case requires users to sign up, add, and edit their user details, the user management and user GUI components will be utilised. As this use case focuses on bringing many different aspects of everyday life together, with each potentially having their own data format, it is important for mobile application interoperability that the registry identifies schemas in the data. Users will be required to set permissions on their MyLife resources to allow others to view or modify them using the permissions dialog component.

Personalised Advertising - As the title suggests, this use case focuses on delivering targeted advertising to each user based upon their usage habits. As well as requiring the use of storage and authentication, this use case will require the use of the User Management, User GUI and permission dialog components. As this is an opt-in/opt-out service, the users will configure the setting which toggles the use of personalised advertising using the GUI and permission components. The data aggregation component will assist in the personalisation of the advertising; it enables the use case to collect selected data of its audiences and tailor its advertisements to suit the target audience groups.

The personalised in-store shopping use case will allow for more efficient communication of product specials and recommendations from organisations to customers. This use case uses the common components for accessing the system to store data such as company information, product ranges and more. The users in this use case will require the user management, permission dialog and user GUI components to configure purchase tracking, allowing for product recommendation and rating for the user and the sharing of select purchase records to be recommended to friends.

6 Data model

In OPENi we allow users to store any type of data in their Cloudlet. This dynamic data approach makes Cloudlets more appealing to 3rd party developers; however, it makes it difficult to achieve seamless interoperability between applications, which is one of OPENi's key goals. To address this interoperability difficulty the OPENi Registry will apply a schema to the data retrospectively through the use of folksonomies.

The data model defines the system's capabilities to interact with and manipulate the objects and schemata. The Data API defines the manner in which the user can interact with the objects, while the Type API defines the interaction with the schemata (or object types).

As the cloudlet is a user centric data storage concept, developers are able to use it to store data within the user's domain of influence. In order to support all possible use cases a developer is able to imagine, the cloudlet must be able to store all possible objects a developer can define. Any object the developer would not be able to store as part of the cloudlet would have to be stored externally and therefore outside the user's domain of influence.

In OPENi, data is created by developers at will and at any time. This means developers are able to create data with the object type of their choosing. A key research goal of OPENi is the interoperability between applications and the ability to discover types and data of other applications. We will offer a type model under which developers may define their own types and discover those of others.

A common approach to achieve interoperability is standardization. A standard is created by parties which share a common field of interest and goals, but may differ in their approach to achieve them. The development of standards may take a long time and in the end may be too narrow [11] or not specific enough to provide useful interoperability [12]. For these reasons, standardization is not a feasible concept for the OPENi type model. OPENi must be able to support interoperability with a more dynamic approach such as folksonomies.

Both dynamic data and interoperability are crucial to OPENi. Both have to be supported to enable the implementation of any developer use case while supporting seamless interoperability between applications. While researching class based type models we came to the conclusion that they may not be able to allow for a type ecosystem to grow dynamically. In the following we discuss the approaches and their shortcomings.

6.1 Inheritance

Inheritance provides a facility to establish an "is a" relation between types and other types as well as between objects and their types. Many object oriented programming languages use class based inheritance. In class based inheritance, an object is guaranteed to support the properties (incl. methods) of its associated class. Single inheritance is the most common form of class based inheritance. It allows a class to inherit its properties from a single parent class. Each object and type has exactly one parent, as seen in Figure 9. The benefit of single inheritance is the ability to reuse objects. Each new type only adds properties to the base type. Because of this, any object of a higher type is compatible with a lower type in its inheritance chain. This model of extension is based on the Liskov substitution principle.

Figure 9 A single inheritance model with the ability to extend types. The extensions of types may add new properties to the base type. The corresponding objects can also be cast to smaller types. This is achieved by walking the inheritance chain (e.g. objectt+1 -> Type+1 -> Type0, therefore the object can be cast to T0). This concept is called subtyping and it enables OPENi to identify all objects which can be returned. A query for T0 can return object0, 1 and 2 as they all share the properties defined by T0.

The main motivation behind an inheritance model is twofold. Firstly, it creates a way to relate types semantically to each other. Secondly, it provides a syntactic contract. Any object must provide the properties which are specified in the type. Likewise, the inheritance from a parent to its child type guarantees that the properties of the parent are also present in any object of the child type. This allows code to be written to these contractual expectations.

The validity of the object with respect to its type guarantees a certain amount of interoperability by providing knowledge about the underlying data to the developer. It functions like a self-defined standard and shares some of the pitfalls. First, it only allows a static inheritance chain. This means a type does not change its ancestry during its lifetime. The parent is a fixed reference in the child class and likewise in the object. Secondly, once a property is defined, it cannot be undefined in a sub type. In order to get rid of the property, a type will need to fork the inheritance chain before the property was introduced. Thirdly, it only allows for chains of inheritance. Therefore, single inheritance is unable to express the duality of an amphibious vehicle by deriving it from the types boat and car.

Multiple-inheritance allows a class (or object) to inherit from multiple parents (see Figure 10). However, multiple-inheritance creates a more complex ancestry graph and naming conflicts, and violates the Liskov substitution principle. Most languages today therefore avoid it. To OPENi such a model would provide a good abstraction for its interoperability, but it makes objects very static and unable to adapt over time.

Figure 10 A single- and multi-inheritance model. Boat1 is a Boat; it is also a vehicle, but it is unable to be a car, as a car does not share semantics (other than being a vehicle) with a boat. Boat2 is both by having a type (amphibian) which inherits both classes. This is not possible in most programming languages due to the possible name clashes of properties (and the so called diamond problem).

6.2 Interfaces

Interfaces are used in order to bridge the inheritance chains in a single class based inheritance model. Interfaces, like classes, declare properties (methods), but don't define them. They consist of an encapsulated subset of common functionality between multiple classes. They provide an abstraction between the declaration and definition of the structure of a type. This declaration can then be used to write code which is able to support multiple classes without a common hierarchy. Code written for an interface can then only interact with the class functionality outlined by the interface. Interfaces are either pre-defined or refactored out of existing code. In most languages they must be declared in the type (class) to apply. Some languages like Google's Go provide implicit interfaces, which are not declared as part of the type but dynamically identified.

As OPENi objects do not contain implementations, interfaces are similar to types. The important difference to singularly inherited types is that a type generally defines the structure of an object in full. An interface may be a partial description, and multiple interfaces may co-exist and overlay each other, similar to a multiple-inheritance class-based model.

Figure 11 The graphic visualizes the structural relations types can have to each other. A type can overlap with another type. These two types share common property names and may share a common property type. A type can be contained within another one. This means all of the properties of one type can be found in the other. They can also be equal, meaning they share all properties of each other. Lastly they can be distinct from each other, meaning they do not share properties with each other.

6.3 Multiple types

Both interfaces and classes provide a contractual description for objects. OPENi's object types are closely related to interfaces as they do not carry implementations (like classes). When combining multiple interfaces (or types), the potential for naming conflicts exists. Figure 11 visualizes the different constellations types may have to each other when being combined. With the exception of the distinct case, all combinations have overlapping properties. These properties, if they share a common type, are not problematic. However, if their types differ, the question arises which property should be used. An example related to Figure 10: Boat as well as Car may have a color property. If Boat.color and Car.color have different types, which color declaration is to be used in Amphibious? This is outlined in Example 2. A common solution to this problem is the ability to select or rename attributes explicitly, or to accept a declaration by convention (e.g. the right most type declaration is to be used).

It is important to notice that multiple types do not necessarily imply multiple-inheritance. If a type inherits multiple types, this type can again be a parent to another type. This can lead to complex inheritance graphs. On the other hand, objects with multiple types may not suffer from complex inheritance graphs, as the inheritance model of these types itself may still be singular.
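The structural relations of Figure 11 and the Boat/Car color conflict, worked through as an added Python example that is not part of the OPENi type model. Representing a type as a mapping from property name to property type, and the property types shown, are assumptions made for the example.

```python
"""Structural relations between types and conflict handling when combining them.
Types are modelled as {property name: property type}; sample types are constructed."""


class TypeConflict(ValueError):
    """Two parent types declare the same property with different types."""


def relation(a, b):
    """Classify two types by shared property names, as in Figure 11."""
    names_a, names_b = set(a), set(b)
    if names_a == names_b:
        return "equal"
    if names_a <= names_b or names_b <= names_a:
        return "contained"
    if names_a & names_b:
        return "overlap"
    return "distinct"


def conflicts(a, b):
    """Shared property names whose declared types differ."""
    return {name: (a[name], b[name])
            for name in sorted(set(a) & set(b)) if a[name] != b[name]}


def combine(parents, strategy="strict", rename=None):
    """Combine parent types given as [(type_name, properties), ...] in order.

    strategy="strict"    refuse a combination that has a naming conflict
    strategy="rightmost" convention: the right most declaration wins
    rename               explicit selection, {(type_name, property): new_name}
    """
    rename = rename or {}
    merged, origin = {}, {}
    for type_name, props in parents:
        for prop, prop_type in props.items():
            target = rename.get((type_name, prop), prop)
            clash = target in merged and merged[target] != prop_type
            if clash and strategy != "rightmost":
                raise TypeConflict(
                    f"{target}: {origin[target]} declares {merged[target]}, "
                    f"{type_name} declares {prop_type}")
            merged[target] = prop_type
            origin[target] = type_name
    return merged


# Constructed sample types following the Boat / Car / Amphibious discussion.
VEHICLE = {"name": "string", "max_speed": "number"}
BOAT = {**VEHICLE, "draft": "number", "color": "string"}
CAR = {**VEHICLE, "wheels": "integer", "color": "rgb"}

if __name__ == "__main__":
    print(relation(VEHICLE, BOAT), relation(BOAT, CAR))
    print(conflicts(BOAT, CAR))
    print(combine([("Boat", BOAT), ("Car", CAR)], strategy="rightmost"))
    print(combine([("Boat", BOAT), ("Car", CAR)],
                  rename={("Boat", "color"): "hull_color"}))
```

Properties shared with the same type, such as `name` and `max_speed`, combine silently; only `color` needs a decision.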
6.4 Duck typing

Duck typing is a form of dynamic typing which allows the developer to express objects and code without any hard conventions. If an object is able to support the properties that the code requires, it is seen as a valid object. This means code can process many types of objects as long as they support the required properties. Duck typing ignores the semantics of objects or simplifies them to an observed semantics, which is often demonstrated through the slogan: "If it quacks like a duck, it is a duck." As duck typing is a feature of dynamic languages, it does not suffer from naming conflicts. If a property is re-defined, it simply carries a different type from this point forward. This follows an analogous ideology to convention over configuration. Code may be receiving faulty objects at any time and the system gives no assurance of how an object looks. This is a very dynamic model that would fit the goal of a dynamic type system for the OPENi cloudlet. However, it does not provide any facility for interoperability and is therefore unsuitable for an open type system. Developers could constantly be in conflict as to how an object should look. Figure 12 visualizes how duck typed objects can be perceived in a typed environment.

Figure 12 On the left a multiple type model. On the right a linked data model like JSON-LD which can be used for duck typing. On the right side, the types of attributes are declared in the object itself. The model does not support a class inheritance model, but requires type knowledge to be defined in the object. Objects can be very expressive in the right model; unfortunately they also convey a lot of duplicate information and no clear structure. JSON-LD does allow for the linking of other types as part of a class-like structure, but does not define any enforcement or interoperability of these types (seen on the right-most side). A typical single inheritance model is omitted but can be deduced from the left side.

6.5 Shadowing

Shadowing is a concept that can be found in most modern programming languages. It is related to the concept of scopes. Methods, functions and classes commonly create scopes. Each scope may contain properties of any type and name, even if these property names have been used in a parent scope. If a property has been used in a parent scope and is redefined in a child scope, the parent property is shadowed. The observer (e.g. code) sees the properties of the current scope and those of the parent scope which have not been shadowed.
Shadowing can also be applied to an inheritance or interface model. However, it commonly is not, as it would re-define the semantics of a property in the derivative (child) type, which would break the substitution model. Likewise shadowing can also apply to an object. Shadowing is depicted in Figure 13.

Figure 13 A depiction of scopes. A scope may have a property name and gender which may be redefined (shadowed) in its child scopes. The code sees the variables of the current scope and those of the parent scope, provided they have not been shadowed. This can be used in a type and object model as well.

6.6 OPENi Types

Singular inheritance is a model which has proven suitable to programming. In programming languages, inheritance serves as a contractual assurance that enables subtyping and casting. It enables the system to return objects of a larger type even when a smaller type is requested, as seen in Figure 9. However, a static inheritance model does not allow the developer to reduce an existing type freely and to get rid of unwanted properties. In order to find all compatible objects, the subtype must exist in the inheritance chain. We will investigate whether explicit inheritance can be useful to the system.

A typical inheritance model demands that the developer knows the type hierarchy a priori or refactors it later. Both seem unlikely for OPENi, as multiple developers will use a type and will likely disagree on later changes or a priori structures. Nobody, not even the initial developer, must be able to alter a provided schema as long as other developers have applications based on objects of this type. Otherwise other developers would be unable to follow the changes and their applications could break. On the other hand, the introduction of compatible subtypes into an inheritance chain is possible. It would require the system to rewire the subtype's parent relation and would create a new subtype. An automated inheritance system could also be able to solve this problem. Such a system can relate the semantic as well as syntactic type information to each other, when it is provided with sufficient information.
JSON-LD offers a way to express the semantic relation of a type (any object) by linking it to external semantic data. Once the OPENi types are related to semantic concepts, they can then be automatically linked together by the system. After types are linked on a semantic level, the syntax the developer has provided can be used to build an implicit and changing inheritance model. The dynamic approach allows OPENi to continuously accept new types of any form and weave them into each other, semantically and syntactically, without the developers' expressed intents. This allows the system to rewrite its inheritance model and to perform housekeeping on the type system. An interesting challenge will occur as different developers will add a type with the same intention and therefore name, but with a different structure or attributes in mind.

A type typically consists of a human-readable id and an address to reference it. For an open type system it is not feasible to let developers name the schemata they provide. The names of schemata could only be used once and it would be unclear if the community agrees to the naming. The developer instead suggests a name, description and tags which are used as meta-data to guide the automated system. Therefore, the type contains semantic links and a syntactic structure. Additionally, the developer is able to provide other hints to the system, such as tags and type names. This provides a challenge as developers have to find, identify and use types defined by others. Even when developers agree on the syntactic structure of a type, they can provide additional semantic hints to the system.

Following is an example schema. The corresponding object is shown in 6.2. The OPENi type system allows the use of multiple types which are referenced by the object. As such, the object supports type composition without multiple inheritance and can be composed of different so-called traits. In this example, a person consists of personal information like the name but is enriched by address and birth information. These three schemata can also be combined into a single one, if the developer feels this is a common approach.
As such, the type system prefers a composition over inheritance approach. This is but one approach, and we will further investigate other type and schema approaches during the development. Appendix I shows another. A type is expressed via a URI (or IRI) and therefore uniquely identified. The objects and schemata are stored and indexed. An index over the types and identifiers of the objects and the schemata is necessary to provide adequate lookup speeds for the most common use cases.

type/afb5e73f7079d9ce805381a380bbf7e5 :{
  openi : // namespace
  givenname : openi:type/string // attribute: type pairs
  familyname : openi:type/string
  : [ openi:type, ] // static type declaration +
  : openi:type/afb5e73f7079d9ce805381a380bbf7e5, // Person, type id
  $name : Person, // human readable name
  $description : A human being., // description
  $tags : [ person, human ], // tags
}

type/acbd a4d8 :{
  openi :
  address :
  : openi:type/acbd a4d8/address // nested
  street : openi:type/1ffd 2f11, // Include Street type named
  zip : openi:int
  }
  : openi:type/acbd a4d8, // Address, type id
}

type/1b34e73f7079d9ce805381a380bb7a68 :{
  openi :
  birthday :
  : openi: type/1b34e73f7079d9ce805381a380bb7a68/birthday //
  : openi:type/1ffd 2f11 // Include a Date type (year, month, day) directly
  time : openi:type/string // add time
  }
  : openi:type/37b5 51f2, // Birthday, type id
}

Example 1 The type approach outlined here is based on JSON-LD. The schemata themselves are JSON-LD objects which provide a context for the objects. The attributes are declared in the context, with a possibility to reference external schemata to compose a type through other types. It is not yet decided how OPENi will present types (schemata).

Objects

OPENi stores the data as JSON objects. An object is composed of one or several types. The context of the object is provided by the types. They provide a name resolution for the human-readable properties like address or givenname. A property consists of a name that is unique throughout the object, a type for the property which is identified in one of the object types, and a value. Objects have an id to uniquely identify them.

Since multiple types can be used, name conflicts as outlined before are possible. If types have overlapping properties, their types may not match. We will investigate the feasibility of choosing one type for a property or storing multiple values, one for each type of the property. While multiple values for a property may seem odd, it may be necessary. If an object is found and accessed through one but not all of its types, it should be expected to return the appropriate properties (similar to subtyping). When we allow a type-property combination to shadow another, these properties will contain no value when accessed through the subtype and will not be accessible. Such a dual property approach can be found in C# concerning interfaces. Another approach could be to disallow any name conflicts in type compositions, comparable to Java.

Likewise, an important concern of ours is the development of an object model which allows the sharing of properties between objects. This will result in a highly relational model which is likely to negatively impact the system's query performance. An important part of our work will be to identify a suitable way to increase the performance of this model or to support it with a technical and fast solution. Techniques like caching will likely reduce the impact of the abstraction.

A duck typing approach will allow us to dynamically alter and bind object properties at any point. Without the late binding at a property level (outlined in duck typing) it would be impossible to recombine objects dynamically and even morph them to a different form. While the type system represents a static and standardized object view to the outside, the underlying objects will be highly dynamic and system managed. The view or representation of an object will be type bound and therefore static again to any viewer. The technological implementation of the outlined model will be an interesting research challenge which will be studied further in WP4.
Lastly, objects must be able to migrate from one compatible type to the next. This is a complex challenge in OPENi as developers share objects and types with each other. However, it is very likely that developers will want to extend and alter current types, and therefore objects, at some point and develop a new model without losing the old data. While the addition of new types into an object is possible, the reduction of old types is problematic. A developer may use the object under the old type. If the type was removed, the developer would no longer see the object. Shadowing provides the possibility to do such a dynamic migration but, as discussed prior, it needs to be carefully designed to avoid the pitfall of over-relating objects and therefore slowing down queries. Below is a simple object example which uses multiple types and provides a semantic hint that helps to identify the object.

/object/0570e73f7079d9ce805381a380b1345 :
  : }, // where to find
  : object/0570e73f7079d9ce805381a380b1345, // object
  : [ object, afb5e73f7079d9ce805381a380bbf7e5, acbd a4d8, 37b5 51f2, ] // type composition + ext. link
  givenname : John,
  familyname : Doe,
  address : {
    street : {
      name : 2st Street,
      number : 42
    }
    zip :
  },
  birthday : {
    year : 1970,
    month : 6,
    day : 31
    time : 11:11
  }
}

Example 2 This is an example of a person object. It contains multiple attributes and nested structures. @type is a JSON-LD compatible keyword which is used to express the classes this object is based on. @id is also JSON-LD compatible and provides a unique id for the object (which is also the relative IRI the object can be found under). The context identifies the base for identifiers.

6.7 Registry

The types are introduced to the cloudlet via the application. Developers outfit their applications with the appropriate types by compiling the schema into the application. The users are prompted by the application for their cloudlets' addresses. Once they enter the address, the application can connect to the cloudlet server. The application registers the schemata it requires with the cloudlet platform. The platform will store the schemata. The application will afterwards request access to the schemata and the cloudlet server will ask the user if they agree to these access rights. If the user agrees, the cloudlet will provide an access token to the application, which enables it to access the corresponding data.

In order to allow developers to discover schemata, the cloudlet platforms can pool their knowledge and statistics in a common component, the registry. While multiple registries are possible, it serves as a central point to the connected cloudlet platforms. Developers are able to gain a wider view of existing schemata and their usage through a searchable index. While cloudlet schemata lack a defined name, their meta-data enables the registry to display them in a human-readable form. A schema implicitly represents a type and therefore an abstract entity, which can be linked via a resource description language.
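The registration and consent flow of section 6.7 as an added example, not OPENi's implementation: an in-memory cloudlet that stores schemata, issues a revocable token scoped to the types the user approved, and returns only the properties of the type an object is accessed through. The class, method and type-id names are hypothetical.

```javascript
// Added example: in-memory model of the registration and consent flow.
// Class, method and type-id names are hypothetical, not OPENi APIs.

// Web Crypto is a global in current Node.js; older releases expose it
// through require('crypto').
const webcrypto = globalThis.crypto ?? require('crypto').webcrypto;

function randomToken() {
  const bytes = webcrypto.getRandomValues(new Uint8Array(16));
  return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
}

class Cloudlet {
  constructor() {
    this.schemata = new Map(); // type id -> schema
    this.objects = [];         // { types: [type id], data: {...} }
    this.grants = new Map();   // token -> { appId, scope: Set<type id>, revoked }
  }

  // Step 1: the application registers the schemata it requires. A schema
  // that is already stored is never overwritten, because other applications
  // may depend on it. Returns the ids that were newly stored.
  registerSchemata(schemata) {
    const stored = [];
    for (const schema of schemata) {
      if (!this.schemata.has(schema.id)) {
        this.schemata.set(schema.id, schema);
        stored.push(schema.id);
      }
    }
    return stored;
  }

  // Steps 2 and 3: the application requests access, the user is asked per
  // schema (askUser stands in for the consent dialog), and a token is issued
  // whose scope holds only the approved types.
  requestAccess(appId, typeIds, askUser) {
    const unknown = typeIds.filter((id) => !this.schemata.has(id));
    if (unknown.length > 0) throw new Error('unregistered schemata: ' + unknown.join(', '));
    const approved = typeIds.filter((id) => askUser(appId, this.schemata.get(id)) === true);
    if (approved.length === 0) return null; // the user declined everything
    const token = randomToken();
    this.grants.set(token, { appId, scope: new Set(approved), revoked: false });
    return token;
  }

  revoke(token) {
    const grant = this.grants.get(token);
    if (grant) grant.revoked = true;
  }

  // Step 4: every read is checked against the token, and an object is
  // returned with the properties of the requested type only.
  read(token, typeId) {
    const grant = this.grants.get(token);
    if (!grant || grant.revoked) throw new Error('invalid or revoked token');
    if (!grant.scope.has(typeId)) throw new Error('token scope does not cover ' + typeId);
    const names = Object.keys(this.schemata.get(typeId).properties);
    return this.objects
      .filter((o) => o.types.includes(typeId))
      .map((o) => Object.fromEntries(
        names.filter((n) => Object.prototype.hasOwnProperty.call(o.data, n))
          .map((n) => [n, o.data[n]])));
  }
}

// Constructed sample schemata and object (ids and values are made up).
const PERSON = { id: 'type/person-demo', name: 'Person',
  properties: { givenname: 'openi:type/string', familyname: 'openi:type/string' } };
const ADDRESS = { id: 'type/address-demo', name: 'Address',
  properties: { address: 'type/address-demo/address' } };

function demo() {
  const cloudlet = new Cloudlet();
  cloudlet.objects.push({ types: [PERSON.id, ADDRESS.id],
    data: { givenname: 'John', familyname: 'Doe', address: { zip: 12345 } } });
  cloudlet.registerSchemata([PERSON, ADDRESS]);
  // The user approves Person and declines Address.
  const token = cloudlet.requestAccess('app-1', [PERSON.id, ADDRESS.id],
    (appId, schema) => schema.name === 'Person');
  const visible = cloudlet.read(token, PERSON.id);
  let addressDenied = false;
  try { cloudlet.read(token, ADDRESS.id); } catch (e) { addressDenied = true; }
  cloudlet.revoke(token);
  let revokedDenied = false;
  try { cloudlet.read(token, PERSON.id); } catch (e) { revokedDenied = true; }
  return { token, visible, addressDenied, revokedDenied };
}
```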

Figure 14 Cloudlet and registry interaction

Figure 15 Cloudlet and registry interaction.

7 Architecture

As outlined in section 2 we investigated and broadly specified four potential platforms but opted to develop a multi-tenancy platform with a single large datastore. The Cloudlet Platform itself will be implemented in the form of a distributed application. Distributed applications are composed of a number of software components called workers distributed across a number of hardware nodes; workers communicate with each other by passing messages. In OPENi we will create workers for each platform component as outlined in section 5. Each worker will have its own internal REST API and will communicate with other workers via a messaging framework. The benefits of a distributed application are:

Functional separation: The overall functionality of a distributed application is partitioned into small workers covering a single functional area. As the OPENi project has a large development team distributed across a number of countries, partitioning the application into many components has its benefits. Smaller groups from one or two countries can autonomously develop individual components focusing on their functionality; due to the design-by-contract nature of the REST APIs, integration difficulties are minimised. For example, OPENi's service enablers can be deployed directly on the platform and request all data from the internal components via their APIs.

Heterogeneity: Components can be implemented with different programming languages and on different operating systems.

Resilience: In a distributed application workers can be replicated on multiple hardware nodes. If a node were to die, the application can recover by re-routing messages to another node with similar workers.

Scalability: Scaling a distributed application simply requires adding more hardware resources. Furthermore, as the application is partitioned into many functional areas, each functional area can be scaled independently of others.
A slow functional worker can have extra resources thrown at it so that it doesn't slow the whole system.

Load balancing: Distributed applications allow for worker migration within a cluster to achieve load balancing and improve performance.

Economy: Sharing hardware reduces the cost of maintaining a platform.

7.1 Software Stack

The software stack to implement the Cloudlet Platform includes: ZeroMQ as the distributed application enabling messaging library, node.js as the preferred programming language, CouchDB as the datastore, Mongrel2 as the webserver, nginx as the load balancer, and OpenStack as the cloud platform.

Languages

Most components will be written in node.js, the platform's preferred programming language. The benefits of node.js are: 1) it is a dynamic language which allows for rapid prototyping, 2) it can handle thousands of concurrent connections with low overhead, 3) its strong support for JSON (our preferred API and messaging format), 4) its event loops, and 5) a number of application frameworks have been built for the language, e.g. express and Geddy. However, a recurring criticism of node.js is that its codebases are difficult to maintain as they grow; splitting the Cloudlet Platform into many smaller components will help address this inherent drawback with the language.

Messaging Framework

ZeroMQ [9] is an open source socket library that acts as a concurrency framework for scalable, distributed and concurrent applications. It includes features that allow messages to be sent via in-process, inter-process, TCP and multicast as well as the ability to support many-to-many connections [10]. ZeroMQ libraries are available in a wide range of languages including C, C++, Java, .NET, node.js and Python. Software patterns utilise asynchronous I/O in order to build scalable multicore message passing applications. Its suitability for our platform is categorised as follows:

Patterns: ZeroMQ supports a number of communication patterns including pipeline, fan-out, fan-in, publish-subscribe, task distribution, request-reply and exclusive pair. These patterns allow us to create multiple topologies within the one distributed application, i.e. workers/components can communicate with each other as they wish.

Asynchronous I/O: It handles asynchronous I/O in background threads so there are no locks or wait states in concurrent ZeroMQ applications.

Multiple transport methods: Different ways of passing messages including TCP, multicast, in-process, and inter-process, which means that the same application code can be deployed on a large cluster of computers or alternatively a single personal plug server.

Languages: Supported libraries are available in a wide range of languages including C, C++, Java, .NET, node.js, and Python.
While node.js is the preferred language, the development of some components may be accelerated by utilising code libraries and applications written in another language like Java.

Libraries: There are many libraries that build upon the native APIs.

OSs: Supported on the main operating systems including Windows, Mac and Linux.

DataStore

Primarily due to their scalability, NoSQL databases appear to be the most appropriate solution for the OPENi datastore. NoSQL databases are designed for high performance and throughput when handling vast amounts of data from large numbers of concurrent users. Of the many NoSQL datastores we compared (see Appendix II for the full analysis) we opted for CouchDB. Couch was selected because of its multitenancy support; it can support millions of databases, allowing a database per user. In addition it is lightweight enough to install in a personal plug server. CouchDB's support for the map-reduce paradigm is essential for the data aggregation component. Additionally, CouchDB has built-in compression, native JSON and JavaScript support, and can support secondary indexes.

CouchDB

CouchDB (cluster of unreliable commodity hardware) is an open source database system, managed by the Apache Software Foundation. CouchDB is a document based storage system that persists data in a JSON format. According to the CAP theorem, partition tolerant distributed databases have to make a design choice between availability and consistency; CouchDB provides high availability and partition tolerance with eventual consistency. The simplistic data model employed by CouchDB is a flat collection of independent self-contained documents. Structures can be applied dynamically to the data through the creation of views. Views are controlled by implementing JavaScript functions; these describe how to aggregate and filter documents to produce a view. These functions are analogous to the mapper function associated with Map Reduce. View representations of the data do not affect the underlying document; a view is an illustration of data within documents based on some criteria.

CouchDB operates in a peer-to-peer distributed architecture. Each instance can have its own independent replica of the data. Each replica can be altered independently and changes will eventually be synchronised in a bi-directional and incremental (only what has changed since the last update) fashion. Instances can also continue to operate when connectivity is lost with other nodes, and they will continue to operate as normal when the problem is solved.

Secondary index support has been added to the views to allow for more efficient querying. As the database changes, the views and their indexes are incrementally updated to reflect the alterations. The view engine is optimised to only evaluate documents that are new or have changed since the previous view update. This incremental approach, as well as the option to allow data to be manipulated in memory (which is flushed to disk when a threshold is reached), is designed to reduce the time used writing to disk.
Since version compression is enabled by default with Google's snappy, with the option to use Gzip as an alternative. The primary method of accessing data is through a set of REST APIs and HTTP. This feature makes CouchDB extremely interoperable with any programming paradigm. Extensible security and validation functionality is delivered. JavaScript functions can be used to create a more complex access control system than the basic one provided.

Web Server

Mongrel2 [11] is a protocol and language agnostic web server. It supports HTTP, Flash sockets, WebSockets and Long Polling on the user facing side and exposes ZeroMQ handlers on the backend. The Cloudlet Platform's workers will integrate with Mongrel2's handlers. Conveniently, the node open source community created a node.js handler for Mongrel2 called m2node.

Load Balancer

nginx [12] is a compact software package containing an HTTP proxy, load balancer, edge cache and origin server. nginx has many features which cover protocols and performance, request routing, security, edge cache and origin server, and configuration and management. Some of the key features are IPv6 support, support for up to a million concurrent connections, multi-tenancy, session persistence, connection and request policing, header manipulation, load balancing and many more.

nginx provides reverse proxy and load balancing features that allow load balancing to be done in software rather than hardware. The load balancers are configured in configuration files, which allow for the fine tuning of the logic behind the load balancing. Weights can be assigned to each interface and this will dictate the amount of traffic routed to each, and IP hashing can be used to ensure that returning IP addresses are routed to the same interface [13].

Cloud Platform

When deciding on which cloud technology we should employ on the OPENi project we analysed a number of Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) offerings (see Appendix III for the full analysis). Of the PaaS offerings, CloudFoundry was the closest to meeting our stack requirements; however, it doesn't provide built-in support for ZeroMQ. Therefore CloudFoundry and the other PaaS offerings were excluded. After reviewing the IaaS solutions it was felt that OpenStack was the most suitable for this project due to several key factors. OpenStack is an open source project and as such there is no cost associated with acquiring the use of the technology and utilising it for the purpose of this project. Its interoperability with other cloud providers and hypervisor technologies allows for freedom from vendor lock-in. The OpenStack Foundation, which protects, empowers and promotes the OpenStack community, consists of many internationally renowned organisations such as AT&T, Canonical (Ubuntu), IBM, Rackspace, Red Hat, Cisco, VMWare and many more [14]. The collaboration with these technologically leading organisations shows that OpenStack will not easily be pushed from its place among the top cloud technologies and provides a sense of reassurance about the future of OpenStack.

OpenStack

OpenStack [15], as described in deliverable 2.2, is a collection of open source components used to deliver public and private clouds.
OpenStack's interoperability with multiple hypervisors, such as Xen, KVM and VMWare ESXi, and other cloud providers, like Amazon EC2 and S3, has made it a popular solution for cloud platforms. OpenStack provides access to the underlying hardware with the use of the OpenStack APIs. This, coupled with the ability to use a command line interface for the management of the physical hosts, allows for finer control of the system as a whole.

Managing the virtual machines in the system can be done in several ways. OpenStack has a web Dashboard GUI that can be used to manage all the main aspects of the system including but not limited to VM instance and image management, VM provisioning, user management and other security features. These aspects of the system can also be managed through the OpenStack API, or through the Amazon EC2 API, which OpenStack has been implemented to support.

The key security features are the ability to create security groups, user groups and the user management system. The security groups allow for finer control over the flow of information in the system and can be used to isolate groups of machines from one another and mitigate any possible security risks that would be present in a system where all machines had access to one another.

Orchestration

We will use Chef to orchestrate the OPENi platform's hardware nodes, virtual machines, and ZeroMQ workers. Ganglia and Nagios are system monitoring tools.

Chef

Chef is an IT infrastructure automation and configuration management tool used by system administrators and DevOps personnel [16]. Chef uses Ruby as its main language, and its configuration groups and files are called cookbooks and recipes. The CLI tool known as knife provides an interface between the local Chef repo and the Chef server; it is also the main means to manage cookbooks and recipes.

A Chef cookbook is a collection of recipes that can be used to configure a system in a certain manner. For example, a database cookbook could install all the services required for a machine to be a database. Normally separate cookbooks would be created for each application, i.e. the user could create an Apache cookbook and then download all the recipes for Apache into that cookbook. The Apache cookbook could then be included in different configurations, e.g. a database configuration, which would then be pushed to all machines using that configuration.

The run list knife command is used to push or configure what cookbooks need to be running on a certain machine. Using the knife command, the Chef server can connect to its hosts and push the configuration cookbooks to the host.

Ganglia

Ganglia [17] is an open source distributed monitoring system for systems such as clusters, grids and clouds. It is optimized in such a way that it has very low per-node overhead while still providing accurate statistics about each node using a combination of XML, XDR and RRDTool. Ganglia has a hierarchical structure and runs a script on each node in the system.
The information is gathered and then passed up the tree; this collected information is then displayed on a web interface that shows graphs of many of the details of the system including CPU usage, network usage, memory usage and many more.

Ganglia can be extended to application level monitoring. For example, the data authorisation component could notify Ganglia each time an app is refused access to a cloudlet. The resulting Ganglia graphs give the platform manager insights into usage patterns over time.

Nagios

Nagios [18] is an IT infrastructure monitoring system that allows organisations to identify and resolve issues when they first appear and before they progress further. It can be set up to monitor different aspects of the IT infrastructure such as system metrics, network infrastructure, applications, services and servers.

Nagios includes many useful features including the ability to set up alerts for critical failures of the system that will be sent via email, SMS or a custom script. These alerts can also be grouped in different levels of alert so that if an alert is not handled promptly it can be escalated to a higher level of priority. It can generate detailed historical reports for review that include outages, events, notifications and alerts.

7.2 Mobile Client

Native vs. Web Mobile Development

With the current proliferation of mobile devices among consumers, companies and organisations are moving towards mobile development to reach a wider audience and keep up with current technological trends [19]. Development can take several forms: native mobile development, web mobile development or a hybrid of the two.

Native application development is the developing of an application specifically for a particular platform, e.g. iOS or Android. It has many advantages over web development in areas such as performance and direct access to the device's sensors and hardware, and, as the application logic is not executed in a web browser, security is enhanced [20].

With web development, mobile applications are created in HTML5, CSS, and JavaScript for mobile devices such as phones or tablets. While native application development has many advantages, web has some key features that often make it much more appealing to mobile app developers than native. Mobile web development allows for cross deployment on any number of devices with almost no additional cost. Also the knowledge base for web development greatly exceeds that of native application development.
Mobile web development gives app developers more control over the distribution of their apps as it allows them to circumvent the app stores.

Mobile Client Libraries

The OPENi platform will use its own lightweight JavaScript library that will allow the mobile client to access both the Cloudlet Platform and the API Platform. OPENi will utilise pre-existing technologies like jQuery Mobile, Titanium Mobile, and Xui to accomplish this. To further extend OPENi's appeal to developers and to help OPENi adoption we will develop extensions to the aforementioned libraries.

jQuery Mobile

jQuery Mobile [22] is a web framework for smartphones and tablets that allows for the creation of cross-platform mobile applications for devices running a multitude of OSs such as iOS, Android, Windows, Blackberry, Symbian and more. jQuery Mobile contains a custom builder that will allow for a jQuery bundle to be created with only the features required. While jQuery Mobile is already lightweight, this will allow for further control over the overhead that it will have on the mobile web application.

Titanium Mobile

Titanium Mobile [23] is a mobile web development framework with an open source SDK that includes API support for over 5000 devices including devices from the iOS, Android and Blackberry families. The open source JavaScript libraries can be used and extended to create a cross-platform application that can then be wrapped in a native shell and deployed as a native and HTML hybrid application.

Xui

Xui [24] is an extremely lightweight mobile library for mobile web applications for standard client side tasks such as event handling, webpage manipulation, Ajax and simple animations. Xui is designed to be as lightweight as possible while still being compatible with all devices in the mobile landscape [24]. Due to Xui being extremely lightweight, it could easily be used in the creation of the OPENi library if its features are required by the OPENi library.

7.3 Cloudlet Platform

Figure 16 illustrates the workers that make up the distributed application that is the Cloudlet Platform. The workers map to the components as outlined in section 5 of this document. Components developed specifically for OPENi are marked with a yellow background; 3rd party components are marked with a white background. In some cases multiple instances of a worker will be deployed; for other components only one is needed. The type of ZeroMQ connection between workers is illustrated by a coloured directed arrow. The solid black bidirectional arrows represent a request-response message pattern; this pattern is used for cases where workers need to act on responses from other workers. It should be noted that the request-response patterns can contain other patterns, such as fan-out for workers with tasks that require a lot of processing and fan-in for workers that require less; these patterns will be implemented as required. The solid red unidirectional arrows represent the publish-subscribe message pattern. For the moment this pattern is used for monitoring purposes only. In accordance with the agile development methodology, the technologies, components, messaging patterns, and the way components interact with each other will change as challenges are encountered during development.

Figure 16 Cloudlet Platform components and the ZeroMQ topology.

8 Cloudlet API

This section outlines the APIs which are responsible for exposing the cloudlet's functionality and are necessary in order to provide the secure and user centric scalable platform.

8.1 Authentication and Authorization API

OPENi's auth* concept and protocols are outlined in greater detail as part of D3.3. The authentication is based on OpenID Connect [7] [25], an identity layer on top of OAuth 2.0 [8]. The protocol allows relying parties to verify the identity of a user and to obtain information about that user. Information can be exposed via claims and scopes. A scope is a set of access privileges which are being requested. A claim is an attribute which is returned by the OpenID Connect provider (such as OPENi). A response for a scope request may contain multiple claims. OpenID Connect defines some scopes as part of the standard, but further scopes can be freely added. "Profile" is one of the predefined scopes. This basic profile may include the email, name, date of birth or the gender. Therefore, OpenID Connect provides a minimal interoperability base and adds authentication and single sign-on (SSO) functionality to OAuth 2.0. The authorization concept is based on OAuth 2.0, which uses tokens to provide an access delegation mechanism. OAuth has been developed as a standard to authorize third parties and grant access to resources that would typically not be accessible by them. It was designed specifically to enable services to access user data without the need to provide a password to the services. Instead a token, which has an access scope and can be revoked, is used to grant access. In OPENi tokens will be granted by the security server and accepted by the cloudlet and the API platform.

8.2 Data API

The data API is a REST API which follows the design of the Resource Query Language (RQL) and the System for Cross-domain Identity Management (SCIM). RQL is a URL based query language which provides similar capabilities to simple (transaction-less) SQL.
SCIM is a standard which can be used to transport identity and profile data.

8.3 Type API

The type API is used to register a new object type with the cloudlet. The cloudlet's schema knowledge is continuously extended via the API to provide additional data types to the platform. The schemata need to be registered before the corresponding data objects can be created within the cloudlet. Due to privacy concerns, the current approach does not expose the registered schemata within the cloudlet in small scale deployments. In large scale deployments this privacy concern does not exist. The registry component exists as a tracker which allows developers to search for and retrieve a schema. If an application is used by any user on a cloudlet for the first time, the application registers the schema with the cloudlet. It requests access to the registered schemata and can access objects afterwards. The schema registry is able to retrieve all registered schemas via the schema API, and use them as a statistical source to measure importance. The user is able to use the API to list the schemata which affect them.

8.4 Auditing API

The auditing API exposes a feature which allows users to see actions and changes to their data and allows them to revert mutations if they feel it is necessary. For a centralized, user centric data storage concept which supports an open service landscape, the user must have the ability to audit the changes to their data. The monitoring system logs API calls and data changes. The user is able to manage their logging preferences via the user management API. The auditing system follows a similar approach to bank statements or credit card bills, in which clients are able to review and dispute certain changes to their data. The auditing system is described in more detail as part of D

Notification API

The Notification API exposes a publish-subscribe interface which uses web solutions such as web sockets to provide a feedback notification channel to the application. An application can register to the notification channel and receives all notifications it has been authorized to receive through its specified scopes. As such, an application is able to, but not required to, listen to the notification channel once it has obtained the right to do so via a scope which contains the appropriate claim.

8.6 User Management API

The user management API enables the user to manage their account. They are able to alter their log settings, granted permissions, and account data such as the password. This API exposes all capabilities the user has, with the exclusion of the features provided by the auditing and data API. The API may be further divided during development.

8.7 Platform Management API

The platform management API exposes the management features to the OPENi provider. A provider is able to disable user accounts, alter platform settings and block malicious or unwanted applications. The provider is also able to define which claims and scopes are not allowed on this particular OPENi deployment due to legal and regulatory restrictions.
Additionally the API exposes system monitoring capabilities to the provider. The API may be further divided during development.

9 Workflows

In this section we outline how the cloudlets and the cloudlet platform interact with the API Platform and the mobile device.

9.1 Application Subscription

The application registration begins when the user opens the application for the first time and enters their cloudlet address (not shown). The cloudlet validates the application's registration. If the application was registered with an OPENi provider, it can register its object type. The user is prompted for agreement on the requested access. A token is created and stored for the application. Afterwards, it is provided to the application to access the user's resources. The application continues and the whole process is logged.

Figure 17 Subscribing to Third Party Application.

9.2 Alter or read cloudlet data

The data request contains an access token. The cloudlet validates the token the application supplied. If the token is valid, the scopes are checked in order to validate whether the token has the necessary rights to perform the action. If the token has the necessary rights to access a claim, the action is performed and logged.

Figure 18 Read/Update Cloudlet Data

9.3 Application creation

The developer starts by searching for an object type that matches their needs. If none is found, the developer can create their own. The schemata are embedded into the application in order to be supplied to the cloudlet. When the application is opened, the application subscription is performed.
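The check sequence of section 9.2 (validate the token, check its scopes against the requested claim, perform the action, log it) is sketched below as an added example; it is not OPENi code. The token record fields, the `scope:right` naming, the scope-to-claim table and the logging of denied requests are all assumptions, and the sample data is constructed.

```javascript
// Added illustration of the section 9.2 flow. Every name and value here is constructed.

// Scope -> claims it covers (assumed mapping; the page does not define one).
const SCOPE_CLAIMS = new Map([
  ['profile', ['name', 'gender', 'birthdate']],
  ['contact', ['address']],
]);

function createCloudlet() {
  // Token records as a security server might issue them (assumed fields).
  const tokens = new Map([
    ['tok-reader', { app: 'photo-app', user: 'alice', scopes: ['profile:read'], expires: 2000, revoked: false }],
    ['tok-editor', { app: 'diary-app', user: 'alice', scopes: ['profile:read', 'profile:write'], expires: 2000, revoked: false }],
    ['tok-revoked', { app: 'old-app', user: 'alice', scopes: ['profile:write'], expires: 2000, revoked: true }],
  ]);
  const data = new Map([
    ['alice', { name: 'Alice', gender: 'f', birthdate: '1980-01-01', address: '1 Main St' }],
  ]);
  const auditLog = [];

  // Step 1: is the token known, not revoked and not expired?
  function validateToken(value, now) {
    const record = typeof value === 'string' ? tokens.get(value) : undefined;
    if (!record) return { ok: false, reason: 'unknown_token' };
    if (record.revoked) return { ok: false, reason: 'revoked_token' };
    if (now >= record.expires) return { ok: false, reason: 'expired_token' };
    return { ok: true, record };
  }

  // Step 2: does any granted scope carry this right for this claim?
  function scopeAllows(record, action, claim) {
    return record.scopes.some((granted) => {
      const [scope, right] = granted.split(':');
      return right === action && (SCOPE_CLAIMS.get(scope) || []).includes(claim);
    });
  }

  // Steps 3 and 4: perform the action and log it. Denials are logged as well,
  // and the token value itself never enters the log.
  function handleDataRequest(req, now) {
    const entry = { time: now, app: null, user: null, action: req.action, claim: req.claim, outcome: '' };
    const finish = (status, outcome, value) => {
      entry.outcome = outcome;
      auditLog.push(entry);
      return status === 200 ? { status, value } : { status, error: outcome };
    };
    if (req.action !== 'read' && req.action !== 'write') return finish(400, 'unsupported_action');
    const checked = validateToken(req.token, now);
    if (!checked.ok) return finish(401, checked.reason);
    entry.app = checked.record.app;
    entry.user = checked.record.user;
    if (!scopeAllows(checked.record, req.action, req.claim)) return finish(403, 'insufficient_scope');
    // The cloudlet is selected from the token's user, never from the request,
    // so a token cannot be pointed at another user's data.
    const cloudlet = data.get(checked.record.user);
    if (req.action === 'write') cloudlet[req.claim] = req.value;
    return finish(200, 'ok', cloudlet[req.claim]);
  }

  return { handleDataRequest, auditLog };
}

// Constructed requests covering the allowed and the refused paths.
function runConstructedRequests() {
  const cloudlet = createCloudlet();
  const requests = [
    [{ token: 'tok-reader', action: 'read', claim: 'name' }, 1000],
    [{ token: 'tok-reader', action: 'write', claim: 'name', value: 'Mallory' }, 1000],
    [{ token: 'tok-editor', action: 'write', claim: 'name', value: 'Alice B.' }, 1000],
    [{ token: 'tok-editor', action: 'read', claim: 'address' }, 1000],
    [{ token: 'tok-revoked', action: 'write', claim: 'name', value: 'x' }, 1000],
    [{ token: 'tok-reader', action: 'read', claim: 'name' }, 2000],
    [{ token: 'nope', action: 'read', claim: 'name' }, 1000],
  ];
  const results = requests.map(([req, now]) => cloudlet.handleDataRequest(req, now));
  return { results, auditLog: cloudlet.auditLog };
}

console.log(runConstructedRequests().results.map((r) => r.status).join(' '));
```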

Figure 19 Registering Third Party Applications.

9.4 User alter Cloudlet data automated

The user, like an application, can freely edit their data. In order to alter existing objects or define new ones, the user expresses an object or type to the system. The system looks for a suitable schema. If none is found, the system creates one and asks for the user's validation. If the schema does not match, the user is able to edit it. Once the user has identified a suitable object type, they edit or create objects.

Users should be able to define bookmarks to types they commonly create objects for.

Figure 20 Automatic Cloudlet Data Update

3rd party access data (aggregator)

The aggregator is registered with the system via the Aggregator API. As with an application, the user will need to agree to the aggregator, which presents its access permissions. Once the user has agreed, the aggregator can be run periodically by the developer. A user is able to opt out explicitly once they have agreed to participate in an aggregation. All aggregators, like apps, are displayed to the user in their dashboard. Once an aggregator is finished, the data is made available to the developer, who will only have access to the aggregate.

Figure 21 Third Party Data Access.

10 Techniques

In this section we outline the techniques that the OPENi development team will utilise when creating the OPENi Platform.

SCRUM

Agile Scrum Development [26] is an iterative software development process tailored to small development teams who meet daily for a Scrum meeting. These teams are focused on the successful iterative development and release of good working software as outlined by the OPENi project. The tasks within the OPENi project can be split between several contributors at once. Each of these contributors has a team or teams working on their task that meet on a daily basis to discuss their progress and then have a larger meeting at the end of each iteration, typically two weeks in length, to discuss the overall progress made and plan for the next iteration. The SCRUM process consists of specific roles that aim to keep the levels of productivity up. The Scrum master is responsible for resolving any issues that may arise to impede the team in their completion of the goals for this iteration. The team, which consists of several members and should be self-organising, is responsible for producing a potentially shippable product as outlined in the goal for the current iteration. Finally, the Product owner is the voice of the customer throughout each iteration and must ensure that anything produced is of value to the stakeholders. This is typically done through the use of prioritised tasks that are recorded in a product backlog to be completed during this iteration or in coming iterations. A project management system can be used to store and process this backlog. Tasks in the backlog can be assigned to team members for them to work on, and they can then mark a task as complete or report any issues they may be having.
Such a management system would be Redmine [27].

Test Driven Development

Test driven development is an iterative software development approach focused on very short iterations in which tests are written that define new features or modifications. The test driven development process consists of a number of tasks. The initial step is to define a test case for a desired feature or modification, and then run it to ensure it fails (as expected). Subsequently the developer creates functional code that will pass these new tests. Next the test cases are run again to confirm the latest alterations to the code base are successful in addressing the desired requirement. Functional code is finally refactored in small phases while the tests are repeated alongside this, guaranteeing modifications do not behave unexpectedly. The process is repeated iteratively in cycles. This style complements the Agile software development methodology and promotes the development of small modular features. Its suitability for a distributed development team environment is assured through this compartmentalised approach. Developers can operate in parallel on different nuggets of code without interfering with others. As a by-product, software tends to be more loosely coupled with better defined interfaces between components.

Test Driven Development also promotes greater test coverage, which acts as a very basic software quality assurance mechanism. Developers in turn have more confidence in the quality of the software produced and as such team morale may be enhanced.

11 Conclusions

We've outlined OPENi's primary objectives, which are to create a platform that is capable of interoperating with a variety of cloud-based services and will also provide application consumers with a single location to store and control their personal data. The platform will have secure and trustworthy control mechanisms that empower application consumers to remain in control of their data. Based on a detailed analysis of competing services we describe OPENi's position with regard to data privacy, data control, and interoperability with 3rd party apps and services. We maximise user control by: implementing non-intrusive logging; allowing users to purge their data; enabling them to port their data to other platforms; giving them control over 3rd party access to their data through the use of intuitive GUIs; and enabling users to realise the monetary value of their data. We describe OPENi's research agenda for the Cloudlet Platform. At a high level our questions can be summarised as follows: "How should a scalable, extensible, secure Cloudlet Platform be developed in order to provide the ability to store users' data for mobile Apps, social media add-ons, and enterprise level applications?". We also outline the connection between our research questions and the use cases as outlined in previous deliverables. We specified in detail the components that comprise the Cloudlet Platform and the software stack, and described how the components and the stack influence the architectural design. We opted to implement the Cloudlet Platform as a distributed application with a worker for each platform component. Adhering to distributed application best practices, each worker will have its own internal REST API and will communicate with other workers via a messaging framework.
The software stack to implement the Cloudlet Platform includes: ZeroMQ as the distributed application enabling messaging library, node.js as the preferred programming language, CouchDB as the datastore, Mongrel2 as the webserver, nginx as the load balancer, and OpenStack as the cloud platform. Next we outlined the APIs that are responsible for exposing the cloudlet's functionality and are necessary to provide the user centric scalable platform. The APIs include the: Authentication API, Data API, Type API, Auditing API, Notification API, User Management API, and the Platform Management API. Additionally we presented some workflows to illustrate how the cloudlets and the cloudlet platform interact with the API Platform, registry and the mobile device. In OPENi we allow users to store any type of data in their Cloudlet. This dynamic data approach makes Cloudlets more appealing to 3rd party developers; however, it makes it difficult to achieve seamless interoperability between applications, which is one of OPENi's key goals. To address this interoperability difficulty the OPENi Registry will apply a schema to the data retrospectively through the use of folksonomies. The data model defines the system's capabilities to interact with and manipulate the objects and schemata. The Data API defines the manner in which the user can interact with the objects while the Type API defines the interaction with the schemata (or object types). When describing our data model we outlined the key objective, that the cloudlet must be able to store all possible objects a developer can define. This supports a key research goal of OPENi's which

is the interoperability between applications and the ability to discover types and data of other applications. We will offer a type model under which developers may define their own types and discover those of others. To support interoperability we take a dynamic approach to data discovery through folksonomies. We describe three main concepts that underpin the OPENi data model: OPENi types, OPENi objects and the OPENi registry. An OPENi type consists of a human readable id and a reference address. The developer suggests a name, description and tags which act as a meta-data guide to the registry. Through the use of JSON-LD, OPENi Types can contain semantic links and a syntactic structure, allowing the system to link them together automatically. This dynamic approach allows OPENi to continuously accept new types of any form and weave them into each other, semantically and syntactically, without the developer's expressed intent. Nobody, not even the initial developer, is able to alter a provided OPENi Type as long as other developers have applications based on objects of this type. OPENi Objects are composed of one or more OPENi Types; Objects are stored as JSON objects. The context of the object is provided by the types. Objects have an id to uniquely identify them. We outline the object model's abilities and the technical difficulties in realizing it in a scalable manner. The work on the model will continue as part of our efforts in WP4 and in tandem with a study of the technical feasibility. The model focusses on sharing data down to the property level of objects by facilitating an automated object model based on shadowing and duck typing. Lastly, objects will be able to migrate from one compatible type to the next, allowing developers to extend and alter current types without losing the old data. Developers compile their schemas with the appropriate types into the application. Applications register their required schemata with the Cloudlet Platform.
The Platform will store the schemata. In order to allow developers to discover schemata, the Cloudlet Platform pools Cloudlet knowledge and statistics into a common component, the OPENi registry. The registry is a public tracker for the cloudlet supplied types and type statistics. Developers are able to gain a wider view of existing schemata through a searchable index.

12 Acronyms

ACL - Access Control List
API - Application Programming Interface
AWS - Amazon Web Services
BASE - Basically Available Soft-state with Eventual-consistency
BSON - Binary JavaScript Object Notation
CAP - Consistency, Availability and Fault tolerance
CLI - Command Line Interface
CPU - Central Processing Unit
CS - Cloud Storage
DA - Data Aggregation
DOW - Description of Work
EBS - Elastic Beanstalk
EC - Elastic Compute
GB - Gigabyte
GUI - Graphical User Interface
HDFS - Hadoop Distributed File System
HTML - Hypertext Markup Language
HTTP(S) - Hypertext Transfer Protocol (Secure)
IP - Internet Protocol
IRI - Internationalised Resource Identifier
IT - Information Technology
JSON(-LD) - JavaScript Object Notation (for Linking Data)
JVM - Java Virtual Machine
KB - Kilobyte
KVM - Kernel-based Virtual Machine
LDAP - Lightweight Directory Access Protocol
LZO - Lempel-Ziv-Oberhumer
MB - Megabyte
MQ - Messaging Queue
MVC - Model View Controller
OS - Operating System
PHP - PHP Hypertext Preprocessor
RAM - Random Access Memory
RBAC - Role Based Access Control
RDBMS - Relational Database Management System

REST - Representational State Transfer
RFC - Request For Comments
RPC - Remote Procedure Calls
RQ - Research Question
RQL - Resource Query Language
RRDtool - Round Robin Database tool
RSA - Ron Rivest, Adi Shamir and Leonard Adleman algorithm
RSS - Rich Site Summary
SCIM - System for Cross-domain Identity Management
SDK - Software Development Kit
SE - Service Enablers
SMS - Short Messaging Service
SP - Service Provider
SQL - Structured Query Language
SSO - Single Sign On
TCP - Transmission Control Protocol
URI - Uniform Resource Identifier
URL - Uniform Resource Locator
VM - Virtual Machine
VMM - Virtual Machine Monitor
XDR - XML-Data Reduced
XML - Extensible Markup Language
ZB - Zettabyte

13 References

[1] CAYOVA Ltd., Cayova, [Online]. Available: [Accessed 2 August 2013].
[2] Amazon Web Services, Inc., Amazon Web Services, Cloud Computing: Compute, Storage, Database, [Online]. Available: [Accessed 2 August 2013].
[3] FreedomBox Foundation, FreedomBox Foundation, [Online]. Available: [Accessed 31 August 2013].
[4] Gigya Inc., Connected Consumer Management Gigya, [Online]. Available: [Accessed 2 August 2013].
[5] Personal, Inc., Personal Your private data vault available on web, iPhone and Android, [Online]. Available: [Accessed 2 August 2013].
[6] Mydex, Mydex - Home, [Online]. Available: [Accessed 2 August 2013].
[7] OpenID Foundation, OpenID Foundation website, [Online]. Available: [Accessed 2 August 2013].
[8] OAuth 2.0, OAuth, [Online]. Available: [Accessed 2 August 2013].
[9] imatix Corporation, [Online]. Available: [Accessed 30 July 2013].
[10] A. Dworak, F. Ehm, W. Sliwinski, M. Sobczak and CERN, Middleware Trends and Market Leaders, [Online]. Available: [Accessed 30 July 2013].
[11] Mongrel2, The Mongrel2 Web Server Project, [Online]. Available: [Accessed 6 August 2013].
[12] Nginx Inc., The High Performance Reverse Proxy, Load Balancer, Edge Cache, Origin Server NGINX, [Online]. Available: [Accessed 8 August 2013].
[13] Digital Ocean, How To Set Up Nginx Load Balancing, [Online]. Available: [Accessed 8 August 2013].
[14] OpenStack, Companies Supporting The OpenStack Foundation, [Online]. Available: [Accessed 25 July 2013].
[15] OpenStack, [Online]. Available: [Accessed 23 July 2013].
[16] OpsCode, Chef, [Online]. Available: [Accessed 30 July 2013].

[17] Ganglia, Ganglia, [Online]. Available: [Accessed 30 July 2013].
[18] Nagios, Nagios, [Online]. Available: [Accessed 30 July 2013].
[19] D. Bosomworth, Mobile Marketing Statistics 2013, 10 June [Online]. Available: [Accessed 8 August 2013].
[20] J. Rende, Native vs. HTML5 looked at objectively, the debate is over, 12 April [Online]. Available: looked-at-objectively-the-debate-is-over. [Accessed 8 August 2013].
[21] Appcelerator Inc., Native vs. HTML5: Mobile App Development, [Online]. Available: [Accessed 8 August 2013].
[22] The jQuery Foundation, [Online]. Available: [Accessed 9 August 2013].
[23] Appcelerator Ltd., Titanium Mobile Development Environment, [Online]. Available: [Accessed 9 August 2013].
[24] Xui, xui, [Online]. Available: [Accessed 9 August 2013].
[25] OpenID Foundation, Connect OpenID, [Online]. Available: [Accessed 2 August 2013].
[26] J. Sutherland, Agile Development: Lessons learned from the first Scrum, October [Online]. Available: [Accessed 4 November 2012].
[27] J.-P. Lang, Redmine, [Online]. Available: [Accessed 9 August 2013].
[28] P. Williams, 2013 Trends in NoSQL, 10 January [Online]. Available: [Accessed 2 August 2013].
[29] B. Proffitt, FoundationDB's NoSQL Breakthrough Challenges Relational Database Dominance, 8 March [Online]. Available: [Accessed 6 August 2013].
[30] S. Gilbert and N. Lynch, Brewer's Conjecture and the Feasibility of Consistent, Available, Partition-Tolerant Web Services, [Online]. Available: [Accessed 6 August 2013].
[31] International Data Corporation, The Digital Universe Decade Are you ready?, [Online]. Available: [Accessed 21 July 2013].

[32] B. E., Towards Robust Distributed Systems, [Online]. Available: [Accessed 22 July 2013].
[33] S. Gilbert and N. Lynch, Brewer's Conjecture and the Feasibility of Consistent, Available, Partition Tolerant Web Services', ACM SIGACT News, vol. 33, pp , July
[34] F. Dabek and D. Peng, Large-scale incremental processing using distributed transactions and notifications, [Online]. Available: [Accessed 22 July 2013].
[35] C. a. T. B. Bucur, A comparison between several NoSQL databases with comments and notes, Reodunet International Conference, pp. 1-5, June
[36] Apache Software Foundation, Accumulo, [Online]. Available: [Accessed 22 July 2013].
[37] Google Inc., Snappy, [Online]. Available: [Accessed 22 July 2013].
[38] J. a. W. G. Tang, The NoSQL Principles and Basic Application of Cassandra Model, International Conference on Computer Science and Service System, Nangjing, China,
[39] J. G.-O. N. G. Y. G. E. a. O. L. Abramov, Security Issues in NoSQL Databases, IEEE International Conference on Trust, Security and Privacy in Computing and Communications, Changsha, China,
[40] R. Rivest, The MD5 message-digest algorithm. RFC 1321, MIT Laboratory for Computer Science and RSA Data Security, [Online]. Available: [Accessed 22 July 2013].
[41] S. G. S. R. S. Alagumalai, Comparison of Cloud Database: Amazon's SimpleDB and Google's BigTable, in International Conference on Recent Trends in Information Systems, Kolkata, India,
[42] M. N. Vora, Hadoop-HBase for Large-Scale Data, in International Conference on Computer Science and Network Technology, Harbin, China,
[43] 10gen Inc., MongoDB, [Online]. Available: [Accessed 23 July 2013].
[44] Amazon Web Services, What is Cloud Computing?, [Online]. Available: [Accessed 6 August 2013].
[45] Bright Pattern, Separation of Responsibility, [Online]. Available: [Accessed 07 August 2013].
[46] CloudSpaces, WELCOME TO CLOUDSPACES, [Online]. Available:

[Accessed 23 July 2013].
[47] CloudSpaces, Open Service Platform for the Next Generation of Personal Clouds, 31 December [Online]. Available: LOUDSPACESD Public.pdf. [Accessed 25 July 2013].
[48] Eucalyptus Systems Inc., Build AWS-compatible Private Clouds with Eucalyptus, [Online]. Available: [Accessed 23 July 2013].
[49] mosaic, mosaic Cloud, [Online]. Available: [Accessed 23 July 2013].
[50] University of Chicago, Nimbus, [Online]. Available: [Accessed 23 July 2013].
[51] OpenNebula, OpenNebula, [Online]. Available: [Accessed 24 July 2013].
[52] Cloud Foundry, [Online]. Available: [Accessed 25 July 2013].
[53] M. Norman, VMware's CloudFoundry and Red Hat's OpenShift Compare and Contrast, 9 May [Online]. Available: [Accessed 25 July 2013].
[54] DotCloud, dotcloud, [Online]. Available: [Accessed 25 July 2013].
[55] dotcloud, About Docker, [Online]. Available: [Accessed 25 July 2013].
[56] Heroku, Dynos, [Online]. Available: [Accessed 25 July 2013].
[57] Red Hat Inc., [Online]. Available: [Accessed 26 July 2013].
[58] C. Mayer, 1 May [Online]. Available: [Accessed 25 July 2013].
[59] ActiveState, Private PaaS for the Agile Enterprise, [Online]. Available: [Accessed 25 July 2013].
[60] N. Aune, PaaS bakeoff: Comparing Stackato, OpenShift, Dotcloud and Heroku for Django hosting and deployment, November [Online]. Available: [Accessed 25 July 2013].
[61] Puppet Labs, [Online]. Available: [Accessed 30 July 2013].

[62] Apple Inc., Apple - iOS 6, [Online]. Available: [Accessed 2 August 2013].
[63] Google Inc., Android, [Online]. Available: [Accessed 2 August 2013].
[64] Personal Inc., Personal for iOS, [Online]. Available: [Accessed 2 August 2013].
[65] Person Inc., Personal - Android Apps on Google Play, [Online]. Available: [Accessed 2 August 2013].
[66] GoPivotal, Inc., Spring Framework, [Online]. Available: [Accessed 8 August 2013].
[67] Express, Express - node.js web application framework, [Online]. Available: [Accessed 8 August 2013].
[68] Geddy, Geddy The original MVC Web framework for Node, [Online]. Available: [Accessed 8 August 2013].
[69] Vert.x, Vert.x, [Online]. Available: [Accessed 8 August 2013].
[70] I. Sommerville, Software Engineering, Ninth Edition, Boston: Addison-Wesley Professional,
[71] N. B. Ruparelia, Software Development Lifecycle Models, ACM SIGSOFT Software Engineering Notes, vol. 35, no. 3, May
[72] W. W. Royce, MANAGING THE DEVELOPMENT OF LARGE SOFTWARE SYSTEMS, [Online]. Available: yce.pdf. [Accessed 3 November 2012].
[73] M. Norman, VMware's CloudFoundry and Red Hat's OpenShift Compare and Contrast, [Online]. Available:
[74] R. Misra and M. McKean, COLLEGE STUDENTS' ACADEMIC STRESS AND ITS RELATION TO THEIR ANXIETY, TIME MANAGEMENT, AND LEISURE SATISFACTION., American Journal of Health Studies, vol. 16, no. 1,
[75] J. Martin, Rapid Application Development, Indianapolis: Macmillan Publishing Co,
[76] C. H. Lay and H. C. Schouwenburg, Trait procrastination, time management, and academic behavior., Journal of Social Behavior & Personality, vol. 8, pp ,

[77] C. A. Kent Beck, Extreme Programming Explained: Embrace Change, Addison-Wesley Professional,
[78] J. Hanson, Passport, [Online]. Available: [Accessed 7 August 2013].
[79] R. Frey, File:MVC-Process.png, May [Online]. Available: [Accessed 30 November 2012].
[80] DonWells, File:XP-feedback.gif, 1 March [Online]. Available: [Accessed 29 November 2012].
[81] A. Cockburn, Crystal methodologies, 6 June [Online]. Available: [Accessed 16 November 2012].
[82] B. K. Britton and A. Tesser, Effects of time-management practices on college grades., Journal of Educational Psychology, vol. 83, pp ,
[83] B. W. Boehm, A spiral model of software development and enhancement, ACM SIGSOFT Software Engineering Notes Volume 11, pp , August
[84] DocForge, Web application framework, 6 January [Online]. Available: [Accessed 7 August 2013].
[85] Red Hat, Inc., OpenShift is Open Source, [Online]. Available: [Accessed 14 August 2013].
[86] Jade - Template Engine, Node Template Engine, [Online]. Available: [Accessed 7 August 2013].
[87] Mongrel2, Mongrel2 Manual, [Online]. Available: [Accessed 6 August 2013].
[88] Logic-less templates, [Online]. Available: [Accessed 7 August 2013].
[89] Heroku Inc, Heroku, [Online]. Available: [Accessed 14 August 2013].
[90] handlebars, Handlebars, [Online]. Available: [Accessed 7 August 2013].
[91] Express, Express API, [Online]. Available: [Accessed 12 August 2013].
[92] Jupiter Consulting, Embedded JavaScript, [Online]. Available: [Accessed 7 August 2013].
[93] Spring, [Online]. Available: [Accessed 31 July 2013].

[94] CrossCloud, [Online]. Available: [Accessed 25 July 2013].
[95] Apache Software Foundation, [Online]. Available: [Accessed 14 August 2013].
[96] Apache Software Foundation, [Online]. Available: [Accessed 14 August 2013].
[97] Apache Software Foundation, [Online]. Available: [Accessed 14 August 2013].
[98] MIT, [Online]. Available: [Accessed 14 August 2013].
[99] Basho Technologies, Inc., [Online]. Available: [Accessed 14 August 2013].

14 Appendix I

Object type hash algorithm: The schema attributes are ordered lexicographically. White spaces are removed and the schema is hashed (sha2 or sha3). The hash, a hyphen-minus (0x2D) and the length of the ordered and cleaned schema are concatenated.

Alternative object type:

type/afb5e73f7079d9ce805381a380bbf7e5 :{ openi : // namespace givenname : openi:type/string // attribute: type pairs familyname : openi:type/string : [ openi:type, ] // static type declaration + : openi:type/afb5e73f7079d9ce805381a380bbf7e5, // Person, type id $name : Person, //human readable name $description : A human being., // description $tags : [ person, human ], //tags } type/acbd a4d8 :{ openi : address : : openi:type/acbd a4d8/address // nested street : openi:type/1ffd 2f11, // Include Street type named zip : openi:int } : openi:type/acbd a4d8, // Address, type id } type/1b34e73f7079d9ce805381a380bb7a68 :{ openi :

birthday : : openi: type/1b34e73f7079d9ce805381a380bb7a68/birthday // : openi:type/1ffd 2f11 // Include a Date type (year, month, day) directly time : openi:type/string // add time } } : openi:type/37b5 51f2, // Birthday, type id

Example 3

The type approach outlined here is based on JSON-LD. The schemata themselves are JSON-LD objects which provide a context for the objects. The attributes are declared in the context, with the possibility of referencing external schemata to compose a type through other types. It is not yet decided how OPENi will present types (schemata).

type/afb5e73f7079d9ce805381a380bbf7e5 { : // type : [ type, ] // static type declaration + : type/afb5e73f7079d9ce805381a380bbf7e5, // Person, type id $name : Person, //human readable name $description : A human being., // description $tags : [ person, human ], //tags givenname : string, // attribute: type pairs familyname : string type/acbd a4d8 { : type/acbd a4d8, // Address, type id, address : { } street : : d9ce805381a380bb7a68 }, // Include Street zip : int type/1b34e73f7079d9ce805381a380bb7a68 : type/37b5 51f2, // Birthday, id,

76 birthday : { : 1b34e73f7079d9ce805381a380bb7a68, // Include a Date directly time : string // add time } } Example 4 The type approached outlined here is influenced by JSON-LD, JSON-Schema and JSchemata. The schemata itself are JSON-LD objects. The attributes are declared similarly to JSchema with a possibility to reference external schemata to compose a type through other types. It is not yet decided how OPENi will present types (schemata). 76
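The object type hash algorithm stated at the start of Appendix I, worked through in Python as an added example (not OPENi project code), including the check a consumer would run to confirm that a schema received from elsewhere matches its claimed type id. The JSON serialisation, the SHA-256 default, the UTF-8 byte length and the names `canonicalize`, `type_id` and `verify_type_id` are assumptions; the sample schemata are constructed from the Person type in the appendix.

```python
import hashlib
import json
import re

# Assumed id shape: lowercase hex digest, hyphen-minus (0x2D), decimal length.
_ID_RE = re.compile(r"([0-9a-f]+)-([0-9]{1,10})")


def canonicalize(schema):
    """Order attributes lexicographically at every nesting level, then
    remove all whitespace.

    Arrays keep their order: only attribute names are sorted. Read literally,
    "white spaces are removed" also strips whitespace inside string values,
    so "A human being." and "Ahumanbeing." give the same cleaned schema.
    """
    ordered = json.dumps(schema, sort_keys=True, separators=(",", ":"),
                         ensure_ascii=False)
    return re.sub(r"\s+", "", ordered)


def type_id(schema, algorithm="sha256"):
    """Return '<hex digest>-<length of the ordered, cleaned schema>'."""
    cleaned = canonicalize(schema).encode("utf-8")  # assumption: length in bytes
    digest = hashlib.new(algorithm, cleaned).hexdigest()
    return "%s-%d" % (digest, len(cleaned))


def verify_type_id(claimed_id, schema, algorithm="sha256"):
    """Check a schema against the type id it was published under."""
    match = _ID_RE.fullmatch(claimed_id)
    if match is None:
        return False  # malformed id: reject before doing any hashing
    digest_hex, length = match.groups()
    cleaned = canonicalize(schema).encode("utf-8")
    if int(length) != len(cleaned):
        return False  # cheap reject on the length suffix
    return digest_hex == hashlib.new(algorithm, cleaned).hexdigest()


# Constructed sample schemata, modelled on the Person type in Appendix I.
PERSON = {
    "givenname": "openi:type/string",
    "familyname": "openi:type/string",
    "$name": "Person",
    "$description": "A human being.",
    "$tags": ["person", "human"],
}

# Same content, different attribute order and extra whitespace in a value.
PERSON_REORDERED = {
    "$tags": ["person", "human"],
    "$description": "A  human being.",
    "$name": "Person",
    "familyname": "openi:type/string",
    "givenname": "openi:type/string",
}

# One character changed; the cleaned schema keeps the same length.
PERSON_TAMPERED = dict(PERSON, **{"$name": "Persom"})


if __name__ == "__main__":
    published = type_id(PERSON)
    print("sha2 id:", published)
    print("sha3 id:", type_id(PERSON, "sha3_256"))
    print("reordered copy verifies:", verify_type_id(published, PERSON_REORDERED))
    print("tampered copy verifies: ", verify_type_id(published, PERSON_TAMPERED))
```

The length suffix only catches changes that alter the size of the cleaned schema; the same-length edit in `PERSON_TAMPERED` is caught by the digest comparison.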

15 Appendix II: Data Storage

The proliferation of cloud-based services has led to a seismic shift in data storage techniques and has driven the requirement for distributed data storage that is highly available and scalable. Organisations that depend on the performance of their data storage are moving away from traditional relational databases to NoSQL (Not only SQL) deployments [28]. The limitations of relational databases that are ACID (Atomic, Consistent, Isolated, and Durable) compliant have become more apparent in modern data-intensive environments. Relational databases make key performance choices to preserve the consistency of data, while NoSQL seeks to provide better performance and size, often at a cost of consistency [29] [30]. It is predicted that between 2010 and 2020 all digital data created or replicated will grow 44 fold each year to 35 Zettabytes (ZB) [31].

Relational Vs. NoSQL

Relational and NoSQL databases represent two ideologies of data storage. Relational databases, through their ACID properties, typically treat the consistency of the data as the priority. NoSQL databases have emerged in recent years to provide performance for data-driven, globally distributed services. Inevitably, data partitioning has followed to allow horizontal scalability. The CAP (Consistency, Availability, Partition Tolerance) theorem [32], submitted by Eric Brewer, hypothesises that a distributed application can only attain two of the three attributes at the same time [33]. According to the CAP theorem, partition-tolerant distributed databases therefore have to make a design choice and trade off availability against consistency. The BASE (Basically available, soft state, eventually consistent) model, a product of CAP, states that stale data is acceptable and that consistency is achieved eventually.

Figure 22 CAP theorem with real world examples.

Figure 1 shows that relational databases have typically fallen short when dealing with partitioning and horizontal scaling across multiple distributed nodes. Relational databases typically address scalability by scaling up (improving the quality of hardware) as opposed to scaling out (increasing the quantity of hardware). Note also that there are NoSQL solutions that provide the consistency associated with an RDBMS (e.g. HBase), and solutions exist that bolt ACID properties on to NoSQL systems (e.g. Percolator for Bigtable) [34]. Traditional relational databases tend to incur a large overhead, as they typically scale vertically and require specialist hardware to achieve better performance. NoSQL solutions, however, achieve the same capacity and performance by scaling horizontally across much larger numbers of cheaper commodity machines. Finally, in contrast to relational databases, NoSQL systems tend to be more efficient at dealing with unstructured data, have little or no support for security mechanisms, and provide simple data models with the intention of gaining performance and scalability.

Both relational and NoSQL databases have their preferred areas of operation. An RDBMS is best deployed in an environment with very small and frequent reads/writes or with large batch transactions with few write transactions, while NoSQL triumphs where there is a heavy read/write workload [35].


More information

White Pages Managed Service Solution Rapid Global Directory Implementation. White Paper

White Pages Managed Service Solution Rapid Global Directory Implementation. White Paper White Pages Managed Service Solution Rapid Global Directory Implementation White Paper December 2014 Author: Tom Eggleston Version: 1.0 Status: FINAL Reference: DA-WP01 Creation Date: 03/12/14 Revision

More information

Privacy Policy. Introduction. Scope of Privacy Policy. 1. Definitions

Privacy Policy. Introduction. Scope of Privacy Policy. 1. Definitions Privacy Policy Introduction This Privacy Policy explains what information TORO Limited and its related entities ("TORO") collect about you and why, what we do with that information, how we share it, and

More information

Ensuring High Service Levels for Public Cloud Deployments Keys to Effective Service Management

Ensuring High Service Levels for Public Cloud Deployments Keys to Effective Service Management Ensuring High Service Levels for Public Cloud Deployments Keys to Effective Service Management Table of Contents Executive Summary... 3 Introduction: Cloud Deployment Models... 3 Private Clouds...3 Public

More information

GETTING STARTED WITH ANDROID DEVELOPMENT FOR EMBEDDED SYSTEMS

GETTING STARTED WITH ANDROID DEVELOPMENT FOR EMBEDDED SYSTEMS Embedded Systems White Paper GETTING STARTED WITH ANDROID DEVELOPMENT FOR EMBEDDED SYSTEMS September 2009 ABSTRACT Android is an open source platform built by Google that includes an operating system,

More information

onetransport 2016 InterDigital, Inc. All Rights Reserved.

onetransport 2016 InterDigital, Inc. All Rights Reserved. onetransport 1 onetransport: Who We are Today Platform Provider Transport Expert Analytics Sensors / Analytics Data providers / Use case owners 11 partners 2- year project 3.5m Total funding 2 How this

More information

Sistemi Operativi e Reti. Cloud Computing

Sistemi Operativi e Reti. Cloud Computing 1 Sistemi Operativi e Reti Cloud Computing Facoltà di Scienze Matematiche Fisiche e Naturali Corso di Laurea Magistrale in Informatica Osvaldo Gervasi ogervasi@computer.org 2 Introduction Technologies

More information

Cloud Computing and Government Services August 2013 Serdar Yümlü SAMPAŞ Information & Communication Systems

Cloud Computing and Government Services August 2013 Serdar Yümlü SAMPAŞ Information & Communication Systems eenviper White Paper #4 Cloud Computing and Government Services August 2013 Serdar Yümlü SAMPAŞ Information & Communication Systems 1 Executive Summary Cloud computing could revolutionise public services

More information

CA Technologies Big Data Infrastructure Management Unified Management and Visibility of Big Data

CA Technologies Big Data Infrastructure Management Unified Management and Visibility of Big Data Research Report CA Technologies Big Data Infrastructure Management Executive Summary CA Technologies recently exhibited new technology innovations, marking its entry into the Big Data marketplace with

More information

Assignment # 1 (Cloud Computing Security)

Assignment # 1 (Cloud Computing Security) Assignment # 1 (Cloud Computing Security) Group Members: Abdullah Abid Zeeshan Qaiser M. Umar Hayat Table of Contents Windows Azure Introduction... 4 Windows Azure Services... 4 1. Compute... 4 a) Virtual

More information

Customer Cloud Architecture for Mobile

Customer Cloud Architecture for Mobile Customer Cloud Architecture for Mobile Executive Overview This paper describes vendor neutral best practices for hosting the services and components required to support mobile apps using cloud computing.

More information

Customer Cloud Architecture for Mobile

Customer Cloud Architecture for Mobile Customer Cloud Architecture for Mobile Executive Overview This paper describes vendor neutral best practices for hosting the services and components required to support mobile apps using cloud computing.

More information

How cloud computing can transform your business landscape

How cloud computing can transform your business landscape How cloud computing can transform your business landscape Introduction It seems like everyone is talking about the cloud. Cloud computing and cloud services are the new buzz words for what s really a not

More information

BMC Cloud Management Functional Architecture Guide TECHNICAL WHITE PAPER

BMC Cloud Management Functional Architecture Guide TECHNICAL WHITE PAPER BMC Cloud Management Functional Architecture Guide TECHNICAL WHITE PAPER Table of Contents Executive Summary............................................... 1 New Functionality...............................................

More information