Posts Tagged ‘Cloud Architecture’

Trust challenges of Cloud computing

The Security and Privacy challenges discussed above are also relevant to the general requirement upon Cloud suppliers to provide trustworthy services. If Cloud providers find adequate solutions to address the data privacy and security specificities of their business model, they will have met, in a certain way, the requirement of offering trusted services. Yet there are a few other challenges which, if tackled properly, would enhance users' confidence in the application of Cloud computing and would build market trust in the Cloud service offerings.

Continuity and Provider Dependency - The increasing complexity of Cloud architectures and the resulting lack of transparency also increase the security risk. In many Cloud implementations, the centralized management and control introduces several so-called single points of failure. These could threaten the availability of Cloud users’ data or computing capabilities indirectly, as a small incident in the Cloud could have an exponential impact.

Compliance with applicable regulations and good practices - If privacy is one regulatory area particularly relevant to Cloud computing, it is certainly not the only area. Once the law applicable to a Cloud service is determined, the provider will need to comply with regulations other than privacy, such as general civil law and contract law, consumer protection law, “e-commerce regulation” and fair trade practices law.

Change in Cloud ownership and “Force Majeure” - The Cloud market is still immature and the situation of the global economy may affect some of the Cloud industry players too in the coming months or year(s). Accordingly, users of the Cloud must be confident that the services externalized to the Cloud provider, including any important assets (personal data, confidential information), will not be disrupted, as discussed above (“Continuity and Provider Dependency”).

Trust enhancement through assurance mechanisms - By definition, the Cloud-computing concept cannot guarantee full, continuous and complete control of the Cloud users over their assets. For these reasons, the establishment of appropriate “checks and controls” to ascertain that Cloud providers meet their obligations becomes very relevant for Cloud users (for example, through adherence to generally-accepted standards).

Despite security, privacy and trust concerns, the benefits offered by Cloud computing are too significant to ignore. Thus, rather than discarding cloud computing because of the risks involved, the Cloud participants should work to overcome them so that they can maximize the benefits (e.g. reduced cost, increased storage, flexibility, mobility, etc.). Cloud users should become Risk Intelligent by taking a proactive approach to managing risks and challenges in Privacy, Security and Trust. Risk will become an even more important part of doing business when adopting Cloud concepts.

Risk can then provide both opportunity and peril: poorly managed, it allows a security breach by a hacker or a disgruntled employee, exposing an organisation to potential loss and liability. Effectively addressed, it enables management to exploit e-channels, mobile offices and process efficiency gains, and to achieve positive results. The Risk Intelligent C-suite should manage information security from the perspective of making money by taking intelligent risks, and of avoiding losing money through failing to manage risk intelligently.

 


Market Oriented Cloud Architecture

As consumers rely on Cloud providers to supply all their computing needs, they will require specific QoS to be maintained by their providers in order to meet their objectives and sustain their operations. Cloud providers will need to consider and meet different QoS parameters of each individual consumer as negotiated in specific SLAs. To achieve this, Cloud providers can no longer continue to deploy traditional system-centric resource management architectures that do not provide incentives for them to share their resources and still regard all service requests to be of equal importance. Instead, market-oriented resource management is necessary to regulate the supply and demand of Cloud resources at market equilibrium, provide feedback in terms of economic incentives for both Cloud consumers and providers, and promote QoS-based resource allocation mechanisms that differentiate service requests based on their utility.

Figure 1 shows the high-level architecture for supporting market-oriented resource allocation in Data Centers and Clouds. There are basically four main entities involved:

Figure 1: High-level market-oriented cloud architecture.

  1. Service Request Examiner and Admission Control: When a service request is first submitted, the Service Request Examiner and Admission Control mechanism interprets the submitted request for QoS requirements before determining whether to accept or reject the request. Thus, it ensures that there is no overloading of resources whereby many service requests cannot be fulfilled successfully due to limited resources available. It also needs the latest status information regarding resource availability (from the VM Monitor mechanism) and workload processing (from the Service Request Monitor mechanism) in order to make resource allocation decisions effectively. Then, it assigns requests to VMs and determines resource entitlements for allocated VMs.
  2. Pricing: The Pricing mechanism decides how service requests are charged. For instance, requests can be charged based on submission time (peak/off-peak), pricing rates (fixed/changing) or availability of resources (supply/demand). Pricing serves as a basis for managing the supply and demand of computing resources within the Data Center and helps prioritize resource allocations effectively.
  3. Accounting: The Accounting mechanism maintains the actual usage of resources by requests so that the final cost can be computed and charged to the users. In addition, the maintained historical usage information can be utilized by the Service Request Examiner and Admission Control mechanism to improve resource allocation decisions.
  4. VM Monitor: The VM Monitor mechanism keeps track of the availability of VMs and their resource entitlements.
  5. Dispatcher: The Dispatcher mechanism starts the execution of accepted service requests on allocated VMs.
  6. Service Request Monitor: The Service Request Monitor mechanism keeps track of the execution progress of service requests.
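
The interplay of the six mechanisms listed above can be sketched in a few lines. This is an added example, not code from the original post or from the architecture's authors; the class names, the peak window, the per-CPU-hour rates and the capacity figures are all assumptions chosen for illustration.

```python
from dataclasses import dataclass, field

PEAK_HOURS = range(8, 20)                  # assumed peak window (08:00-19:59)
RATES = {"peak": 0.12, "off-peak": 0.05}   # assumed price per CPU-hour

@dataclass
class Request:
    user: str
    cpus: int          # QoS: CPUs required
    hours: float       # QoS: estimated run time
    budget: float      # QoS: maximum the consumer will pay
    submit_hour: int   # hour of day the request was submitted

@dataclass
class Allocator:
    free_cpus: int                                 # state reported by the VM Monitor
    ledger: dict = field(default_factory=dict)     # Accounting: user -> charges
    running: list = field(default_factory=list)    # Service Request Monitor

    def price(self, req):
        """Pricing: charge by submission time (peak/off-peak)."""
        period = "peak" if req.submit_hour in PEAK_HOURS else "off-peak"
        return round(req.cpus * req.hours * RATES[period], 2)

    def submit(self, req):
        """Examiner and Admission Control: accept only if the QoS can be met."""
        cost = self.price(req)
        if req.cpus > self.free_cpus:              # would overload resources
            return ("rejected", "insufficient capacity")
        if cost > req.budget:                      # SLA cost bound not met
            return ("rejected", "cost exceeds budget")
        self.free_cpus -= req.cpus                 # resource entitlement
        self.running.append(req)                   # Dispatcher starts execution
        self.ledger[req.user] = round(self.ledger.get(req.user, 0) + cost, 2)
        return ("accepted", cost)

    def complete(self, req):   # request finished: release its entitlement
        self.running.remove(req)
        self.free_cpus += req.cpus

def demo():
    alloc = Allocator(free_cpus=8)                 # constructed sample data
    a = Request("alice", 4, 2.0, 1.00, submit_hour=10)
    b = Request("bob", 6, 1.0, 5.00, submit_hour=23)
    c = Request("carol", 4, 10.0, 1.00, submit_hour=23)
    results = [alloc.submit(r) for r in (a, b, c)]
    alloc.complete(a)                              # frees capacity for bob
    results.append(alloc.submit(b))
    return results, alloc.ledger
```

Rejecting at admission time, rather than accepting and then failing mid-run, is what keeps a burst of requests from degrading the requests already holding entitlements.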

In the case of a Cloud as a commercial offering to enable crucial business operations of companies, there are critical QoS parameters to consider in a service request, such as time, cost, reliability and trust/security. In particular, QoS requirements cannot be static and need to be dynamically updated over time due to continuing changes in business operations and operating environments. In short, there should be greater importance placed on customers, since they pay for accessing services in Clouds. In addition, the state of the art in Cloud computing has no or limited support for dynamic negotiation of SLAs between participants and for mechanisms that automatically allocate resources to multiple competing requests. Recently, we have developed negotiation mechanisms based on the alternate offers protocol for establishing SLAs. These have high potential for adoption in Cloud computing systems built using VMs.

Commercial offerings of market-oriented Clouds must be able to:

  1. support customer-driven service management based on customer profiles and requested service requirements,
  2. define computational risk management tactics to identify, assess, and manage risks involved in the execution of applications with regards to service requirements and customer needs,
  3. derive appropriate market-based resource management strategies that encompass both customer-driven service management and computational risk management to sustain SLA-oriented resource allocation,
  4. incorporate autonomic resource management models that effectively self-manage changes in service requirements to satisfy both new service demands and existing service obligations, and
  5. leverage VM technology to dynamically assign resource shares according to service requirements.
