Trust and Dependability in Cloud Computing Claus Pahl IC4 Principal Investigator November 7 th, 2013
Research Philosophy design for growth design for best service provision design for widest acceptance building trust and dependability in the cloud
Research Themes Dr Claus Pahl (DCU) Architecture Dr Brian Lee (AIT) Cloud and Mobile Security Service Lifecycle Prof. John Morrison (UCC) Business Dr Theo Lynn (DCU)
Architecture Research Interoperability Migration Interoperability SOA Cloud Migration and Cloud Architecture Modelling SOA Data and Service Integration Catalogue of Migration Patterns Managing and Maintaining Interoperable Solutions Developing a Strategy for Migrating Legacy Software to the Cloud
Auto-configuration and Deployment Best Practice Cloud Messaging and Monitoring Systems Service Lifecycle Management Research Metrics for QoS and QoE Cloud Messaging Bus Cloud Services Brokerage
Business Research Organisation Development Effectiveness Toolboxes Capabilities Cloud Readiness Regulation EU Review US Briefing Note Competitive Advantage Cases Strategic Alignment Model Costing & Pricing Assurance, Accountability and Trustmarks
Cloud and Mobile Security Research Risk Catalogue for Authentication in the Cloud Risk catalogue for Mobile Deployment Attack Penetration Test Software Prototype Managing Mobile Computing Risk Searchable Encryption Critical Analysis of HTML 5 Threats
Selected Research Projects Trust and Dependability in Cloud Computing
CloudPASS: an Integrated Framework for Assurance and Accountability in the Cloud
CloudPASS: an Integrated Framework for Assurance and Accountability in the Cloud CloudPASS : a computing architecture, patterns and programming models independent integrated accountability, assurance and trustmark system to build trust and confidence in cloud computing Key features: enabling cloud service providers to give consumers appropriate control and transparency over the definition and execution of cloud processes and workflows providing assurance to consumers and regulators that processes and workflows were executed in accordance with declared service and compliance expectations providing independent third-party services for monitoring, auditing, certification, trust modelling to support accountability in the cloud verifying the authenticity of trustmarks through certification.
CloudPASS: an Integrated Framework for Assurance and Accountability in the Cloud
CloudPASS: an Integrated Framework for Assurance and Accountability in the Cloud Provenance in the Cloud : Provenance is information about entities, activities, and people involved in producing a piece of data or thing Provenance can be used to form assessments about its quality, reliability or trustworthiness Provenance data integrity and data confidentiality of importance in the cloud data processed by cloud services Provenance logging supported by database/repository Monitoring Data: Provenance applies - cloud service metadata Providing assurance that SLAs are observed
CloudPASS: an Integrated Framework for Assurance and Accountability in the Cloud CloudPass System Architecture : Signup and Identity Management Module Trustmark Interface QA Level Description Module (min-max to inform risk assessment) Transparency and Third Party Verification Interface Pattern Analysis and Preventative Controls Trustmarks : Framework Design Energy and Food Labels Metadata Platform in the form of an Ontology Trustmark Process Design Trustmark Visualisation
PaaS Provider PaaS Migration Process PaaS Migration: Migrating Application Software to PaaS Clouds Consultation with ISV CEO On Premise Analysis motivation discovery Discussion change implications Business Level costing and operation Business - FROM classical licensing model TO SaaS ISV PaaS Infrastructure Assessment and Requirements Infrastructure Architecture architecture statelessness scoping and and data analysis definition externalisation Technical - FROM local TO virtualised (self-hosted, or better 3rd party-hosted) TO public configuration (3rd-party hosted, data centres) Re-engineering/ Development stateless architecture ISV Developer and Software Development Re-engineering/ Development data externalisation Development pricing, support and marketing Technical - FROM on-premise environment TO cloud data centres ISV Provisioning Migration PaaS-level infrastructure Migration SaaS-level infrastructure Cloud Solution Business - FROM Installation TO PaaS access channels (for clients)
PaaS Migration Processes Research IC4 Research into Migration Processes to determine commonalities and differences between cloud scenarios. Research Activities: Expert interviews with several multinationals covering the IaaS, PaaS and SaaS space Definition of Migration Processes and Patterns for difference Migration Scenarios Collaborators and Contributors: Microsoft, IBM, Salesforce, Cloud Consulting
PaaS Migration Research Benefits PaaS Cloud User for example ISVs: Management: Clarification of migration process by defining common process activities and best-practice approaches Concerns: Transparency of migration process with Technical aspects: architecture, software lifecycle Business aspects: change of expenditure model; skills needs Migration Experts PaaS platform providers: Documentation of reference cases as guidelines for migration project management Summary of best-practice for specific settings
PaaS Migration Test Case 10 servers serving 1000 users 100 100 1 10
PaaS Migration Test Case 10 servers serving 100 users 10 10 1 10
PaaS Migration Test Case 1 server serving 100 users? 10 10 1 10
PaaS Migration Test Case 1 server serving 100 users? 10 10 Problem! Sticky Session State (Statefulness) 1 10
PaaS Migration Solutions In a migration process, software architecture and programming need to be embedded into: methodological process support, e.g. enhanced questionnaires (infrastructure used, complexity of programs/data) analytical and diagnostic tools supporting dependency analysis and preparations for the actual re-engineering and refactoring Overall, a productivity support system that aims at scalability (scaleout, scale-down) and performance as a cloud benefit. This identifies possible software architecture and engineering techniques software re-engineering or refactoring
PaaS Migration Techniques Software engineering in the PaaS migration process Migration method and technique development Experimental research quantifying benefits Software Migration and Modernisation Techniques: Programming Models for Stateless Programming Databases for State Management Data Externalisation for Resiliency This results in an identification of some key solution components the first two address elasticity, the third addresses resiliency.
PaaS Migration Research Benefits PaaS Vendor Migration Experts: Quantification of experimental results to substantiate benefits of re-engineering and modernisation for the cloud Software engineering techniques to adjust to changing cloud landscape PaaS Cloud Technology Users: Convincing arguments for the need of optimising migration activities Tools to make the migration process more effective and reliable.
Thank You! Dr. Claus Pahl Claus.Pahl@dcu.ie