Abstracts:In 2015, Wang proposed the first identity-based provable data possession scheme named ID-DPDP (IEEE Transactions on Services Computing, vol. 8, no. 2, pp. 328-340, Mar./Apr. 2015) to verify outsourced data publicly without the implementation of PKI. Unfortunately, in this letter, we demonstrate that this scheme is insecure in the sense that cloud servers can generate valid proofs without possessing the original data blocks. We also show another security issue in this scheme which leads to some data blocks can never be verified unless all the data blocks are challenged. Meanwhile, we provide solutions to these problems while preserving the security features of the original scheme.

Abstracts:In the era of cloud computing and big data, virtualization is gaining great popularity in storage systems. Since multiple guest virtual machines (DomUs) are running on a single physical device, disk I/O fairness among DomUs and aggregated throughput remain the challenges in virtualized environments. Although several methods have been developed for disk I/O performance virtualization among multiple DomUs, most of them suffer from one or more of the following drawbacks. (1) A fair scheduling mechanism is missing when requests converge together from multiple queues. (2) Existing methods rely on better performance of the underlying storage system such as solid state drive (SSD). (3) Throughput and latency are not considered simultaneously. To address these disadvantages, this paper presents a virtual multi-channel of disk I/O (VMCD) method that can be built on top of an ordinary storage utility, which mitigates the interference among multiple DomUs by using separated virtual channel (V-Channel) and an I/O request queue for each DomU. In our VMCD, several mechanisms are employed to enhance the I/O performance, including a credit allocation mechanism, a global monitoring strategy, and a virtual multi-channel fair scheduling algorithm. The proposed techniques are implemented on the Xen virtual disk and evaluated on Linux guest operating systems. Experiments results show that VMCD increases fairness by 70 percent approximately compared with CFQ and Anticipatory schedulers, by 30 percent approximately compared with Deadline scheduler; and enhances bandwidth utilization by 28 percent approximately compared with CFQ and Anticipatory schedulers, by 37 percent compared with Deadline in the case of three or more virtual DomUs running on the same physical host.

Abstracts:In modern distributed systems, service consumers are faced with pools of service providers that offer similar functionalities. This reality renders the selection of web services a challenging task. One popular solution is to base the selection decisions on the web services’ non-functional requirements depicted by a variety of QoS metrics. In this paper, we present a new approach for solving the web service selection problem; a QoS-aware trust model that leverages the correlation information among various QoS metrics. This model, based on the probability theory, estimates the trustworthiness of web services by exploiting two statistical distributions, namely, Dirichlet and generalized Dirichlet. These distributions represent the outcomes of multiple correlated QoS metrics. The former distribution is employed when the QoS metrics are positively correlated while the latter handles negatively correlated metrics. We also propose an algorithm to aggregate reputation feedback that propagate among the interacting web services. This algorithm deals with malicious feedback and various strategic behavior commonly performed by web services. Experimental results endorse the advantageous capability of our trust model and reputation algorithm compared to the state-of-the-art.

Abstracts:This work aims to advance Web Service retrieval, also known as Matching, in two directions. First, it introduces a matching algorithm for SAWSDL, which adapts and extends known concepts with novel strategies. Effective logic-based and syntactic strategies are introduced and combined in a novel hybrid strategy, targeting an envisioned well-defined, real-world scenario for matching. The algorithm is evaluated in a universal environment for matching algorithms, SME2, in an objective, reproducible manner. Evaluation ranks Tomaco high amongst state of the art, especially for early recall levels (first in macro-averaging precision, up to 0.7 recall). Secondly, this work introduces the Tomaco web application, which aims to promote wide-spread adoption of Semantic Web Services while targeting the lack of user-friendly applications in this field, by integrating a variety of configurable matching algorithms proposed in this paper. It, finally, allows discovery of both existing and user-contributed service collections and ontologies, serving also as a service registry.

Abstracts:In multi-domain service-based systems, services from different domains are composed together to accomplish critical tasks. In these systems, data flow from one domain to another through the composed services. Thus, security and trustworthiness are the major concerns. Many access control models have been developed for service-based systems. Also, many data provenance schemes have been proposed in recent years to support data quality assessment and enhancement, data reproduction, etc. However, none of the existing mechanisms consider both access control and data provenance in an integrated model. In this paper, we propose an integrated role-based access control and data provenance model to secure the cross-domain interactions. We develop a role-based data provenance scheme which tracks the roles of originators/contributors of a data object and uses this information to help evaluate data trustworthiness. We also make use of the data provenance information and the derived data quality attributes to assist with cross domain access and information flow control. This integrated model mutually enhances data provenance and access control, providing better security and trustworthiness for many multi-domain service-based applications.

Abstracts:Video-on-demand (VoD) services historically rely on commercial content distribution networks (CDNs) for on-demand capacity provisioning. Content providers gradually prefer a self-managed content infrastructure because of its full control and customization. However, such a dedicated physical infrastructure could be costly in initial capital investment, and complex in management. It has become a promising alternative to host VoD services on pay-as-you-go cloud platforms, on which using dynamic server provisioning to reduce server rental cost is the key objective of content providers. In this paper we address two major challenges to reducing cost: to minimize content reorganization and to tolerate imperfect workload prediction. We first present a practical VoD servicing system design based on a pay-as-you-go cloud. We prove that previous works, focusing exclusively on cost savings, cause significant content reorganization and are vulnerable to imperfect workload prediction. To address such issues, we propose a novel idea called workload absorber, and design a provisioning algorithm called Absorb Window based on the idea. Workload absorbers eliminate the bandwidth wastage and significantly reduce content reorganization. We conduct extensive evaluations with real VoD access traces, and demonstrate the superior scalability of the proposed algorithm by producing highly optimized provisioning in seconds for thousands of servers.

Abstracts:Cloud computing is getting more prevalent and finding a way to reduce the cost of cloud computing platform through the migration of virtual machines (VM) is a concerned issue. In this paper, the problem of dynamic migration of VMs (DM-VM) in the cloud computing platform (or simply the cloud) is investigated. A triple-objective optimization model for DM-VM is established, which takes energy consumption, communication between VMs, and migration cost into account under the situation that the platform works normally. The DM-VM problem is divided into two parts: (i) forming VMs into groups, and (ii) determining the best way to place the groups into certain physical nodes. A binary graph matching-based bucket-code learning algorithm (BGM-BLA) is designed for solving the DM-VM problem. In BGM-BLA, bucket-coding and learning is employed for finding the optimal solutions, and binary graph matching is used for evaluating the candidate solutions. The computational results demonstrate that the proposed BGM-BLA algorithm performs relatively well in terms of the Pareto sets obtained and computational time in comparison with two optimization algorithms, i.e., Non-dominated Sorting Genetic Algorithm (NSGA-II) and binary graph matching-based common-coding algorithm.

Abstracts:Mobile cloud computing offers an appealing paradigm to relieve the pressure of soaring data demands and augment energy efficiency for future green networks. Cloudlets can provide available resources to nearby mobile devices with lower access overhead and energy consumption. To stimulate service provisioning by cloudlets and improve resource utilization, a feasible and efficient incentive mechanism is required to charge mobile users and reward cloudlets. Although auction has been considered as a promising form for incentive, it is challenging to design an auction mechanism that holds certain desirable properties for the cloudlet scenario. Truthfulness and system efficiency are two crucial properties in addition to computational efficiency, individual rationality and budget balance. In this paper, we first propose a feasible and truthful incentive mechanism (TIM), to coordinate the resource auction between mobile devices as service users (buyers) and cloudlets as service providers (sellers). Further, TIM is extended to a more efficient design of auction (EDA). TIM guarantees strong truthfulness for both buyers and sellers, while EDA achieves a fairly high system efficiency but only satisfies strong truthfulness for sellers. We also show the difficulties for the buyers to manipulate the resource auction in EDA and the high expected utility with truthful bidding.

Abstracts:Cloud system management is complex due to their diversity and frequent runtime changes. Cloud systems were previously managed through cloud specific management tools that focus on optimising technical metrics, such as performance. However, business users care business metrics (such as cost and revenue) more than technical metrics. To address these issues, this paper proposes a unified business-driven cloud management framework, which enables optimisation of business metrics without limiting business to a specific cloud provider. The main contributions include: (1) a taxonomy which defines a set of actions, events and metrics for unified cloud management; (2) a cloud management policy language that specifies cloud management policies from a business perspective; and (3) middleware architecture that allows business-driven management of diverse clouds. The proposed solutions are evaluated in terms of feasibility, functional correctness, generality, usefulness, and performance.

Abstracts:In task-oriented service computing, a user's computing goal is modeled and represented as a task, which is composed of activities that are performed by accessing service instances in a local environment. The abstract service requirements specified in an activity of a task are resolved and bound to service instances dynamically in runtime. When there are many candidate services that provide similar capabilities for a task, it is essential to consider quality of service (QoS) such as response time, latency, and availability to determine which service instances to use. Finding a service composition that meets the optimal level of quality is a well-known NP-hard problem-the time complexity for task-level (global) optimization increases exponentially as the number of services and the number of quality attributes increase. Although it is possible to use a heuristic approach that shows a reasonable response time with a certain level of service quality, this strategy often fails when there are hard QoS constraints that need to be considered in the task level. In this paper, to overcome this limitation, we propose an adaptive method of selecting services based on the hardness of QoS constraints. The basic idea is to sample services that represent a specific quality-value range. The quality-value range of candidate services is divided into smaller sub-ranges in which representative services are sampled and evaluated. At this time, the size of the QoS sub-ranges is determined adaptably based on the hardness of the QoS constraints. In a QoS sub-range, candidate services may have a similar QoS value for a quality attribute. We calculate the utility of candidate services in a QoS sub-range and sample the highest utility service. This process of sampling services and evaluating their utility value is repeated until it makes a composite service that has the highest level of global utility for a task. Our experiment results show that the proposed approach effectively improves the - uccess rate of service composition while achieving a certain level of global optimality and maintaining a reasonable level of performance. Our approach shows up to 80 percent improvement in success rate in comparison to the existing heuristic approaches.