Internet-based virtual computing environment(iVCE):Concepts and architecture

Resources over Internet have such intrinsic characteristics as growth, autonomy and diversity, which have brought many challenges to the efficient sharing and comprehensive utilization of these resources. This paper presents a novel approach for the construction of the Internet-based Virtual Computing Environment (iVCE), whose sig- nificant mechanisms are on-demand aggregation and autonomic collaboration. The iVCE is built on the open infrastructure of the Internet and provides harmonious, transparent and integrated services for end-users and applications. The concept of iVCE is presented and its architectural framework is described by introducing three core concepts, i.e., autonomic element, virtual commonwealth and virtual executor. Then the connotations, functions and related key technologies of each components of the architecture are deeply analyzed with a case study, iVCE for Memory.     

SelfTrust: leveraging self-assessment for trust inference in Internetware

Internetware is envisioned as a new software paradigm for software development in platforms such as the Internet.The reliability of the developed software becomes a key challenge due to the open,dynamic and uncertain nature of such environment.To make the development more reliable,it is necessary to evaluate the trustworthiness of the resource providers or potential working partners.To this end,we propose a novel trust inference approach to evaluating the trustworthiness of potential partners to guide the software development in Internetware.The main insight of our approach is to employ the self-assessment information in order to improve the trust inference accuracy.Especially,we frst extend the balance theory and the status theory from social science to incorporate self-assessment,and then propose a machine learning framework to extract several features from the extended theories and infer trustworthiness scores based on these features.Experimental results on a real software developer network show that the self-assessment information truly helps to improve the accuracy of trust inference,and the proposed SelfTrust model is more accurate than other state-of-the-art methods.     

Internetware: An Emerging Software Paradigm for Internet Computing

The Internet is undergoing a tremendous change towards the globalized computing environment.Due to the open,dynamic and uncontrollable natures of the Internet,software running in the Internet computing environment has some new features,which bring challenges to current software technologies in terms of software model,software operating platform,software engineering approaches and software quality.Researchers in China have proposed the term "Internetware" to present the emerging software paradigm.Sponsored by the National Basic Research 973 Program,several research practices have been done on the Internetware in the past decade.This paper summarizes the progress and status of the Internetware researches.A technical solution framework for the Internetware paradigm is proposed from four aspects:the Internetware software model defines what the Internetware is to be;the Internetware middleware determines how to run the Internetware applications;the engineering methodology determines how to develop the Internetware applications;the Internetware quality assurance determines how well the Internetware applications can perform.The paper also discusses the ongoing research issues and future trends of Internetware.     

Secure System Modeling: Integrating Security Attacks with Statecharts

Software security is becoming an important concern as software applications are increasingly depending on the Internet, an untrustworthy computing environment. Vulnerabilities due to design errors, inconsistencies, incompleteness, and missing constraints in software design can be wrongly exploited by security attacks. Software functionality and security, however, are often handled separately in the development process. Software is designed with the mindset of its functionalities and cost, where the focus is mainly on the operational behavior. Security concerns, on the other hand, are often described in an imprecise way and open to subjective interpretations. This paper presents a threat driven approach that improves on the quality of software through the realization of a more secure model. The approach introduces systematic transformation rules and integration steps for integrating attack tree representations into statechart-based functional models. Through the focus on the behavior of an attack from the perspective of the system behavior, software engineers can clearly define and understand security concerns as software is designed. Security analysis and threat identification are then applied to the integrated model in order to identify and mitigate vulnerabilities at the design level.     

Preface

The vision of ''Internet as a computer'' motivates many technical trends, like pervasive computing, grid computing, service computing and recently, cloud computing, as well as some business trends, like modern service industry, digital economy and smarter planet. These evolutionary changes demand that the software systems which are running on the open and dynamic Internet have to be autonomous, context-sensitive, continuous-reactive, evolutionary, and proactive, and the software entities dispersed on distributed nodes over the Internet will be turned into self-contained, autonomous and adaptive. Thus, like the information Web, i.e. the World Wide Web, these Internet-based software entities will constitute a software Web. That gives birth a new software paradigm. A portmanteau term ''Internetware'' is used to denote the future software-web. An Internetware system will be able to perceive the changes of the open and dynamic environment, respond to the changes, and exhibit the context-aware, adaptive and trustworthy behaviors. The mission of Internetware may challenge many aspects of software technologies, from the operating platforms and the programming models to the engineering approaches. Internetware 2010, the second Asia-Pacific Symposium on Internetware, aims to provide an interactive forum where researchers and professionals from multiple disciplines and domains meet and exchange ideas to explore and address the challenges brought by Internetware. The symposium was held at Suzhou, China, during the 2-4 of Nov, 2010. Thirty three papers were submitted and each of them was reviewed by at least two members of an International Program Committee. Among them, 12 have been accepted (which means an acceptance rate of 36%) for their quality as well as for their interesting terms of discussions for the symposium attendees. This special issue contains 7 revised and substantially extended papers from the 12 based on presentations at the symposium: ......     

CORBA-Based Analysis of Multi Agent Behavior

An agent is a computer software that is capable of taking independent action on behalf of its user or owner. It is an entity with goals, actions and domain knowledge, situated in an environment. Multiagent systems comprises of multiple autonomous, interacting computer software, or agents. These systems can successfully emulate the entities active in a distributed environment. The analysis of multiagent behavior has been studied in this paper based on a specific board game problem similar to the famous problem of GO. In this paper a framework is developed to define the states of the multiagent entities and measure the convergence metrics for this problem. An analysis of the changes of states leading to the goal state is also made. We support our study of multiagent behavior by simulations based on a CORBA framework in order to substantiate our findings.     

Trustworthy assurance of service interoperation in cloud environment

Cloud computing can be realized by service interoperation and its essence is to provide cloud services through network. The development of effective methods to assure the trustworthiness of service interoperation in cloud environment is a very important problem. The essence of cloud security is trust and trust management. Combining quality of service (QoS) with trust model, this paper constructs a QoS-aware and quantitative trust-model that consists of initial trust value, direct trust value, and recommendatory trust value of service, making the provision, discovery, and aggregation of cloud services trustworthy. Hence, it can assure trustworthiness of service interoperation between users and services or among services in cloud environment. At the same time, based on this model, service discovery method based on QoS-aware and quantitative trust-model (TQoS-WSD) is proposed, which makes a solid trust relationship among service requestor, service provider and service recommender, and users can find trustworthy service whose total evaluation value is higher. Compared to QoS-based service discovery (QoS-WSD) method, it is proved by the experiment for TQoS-WSD method that more accurate result of service discovery will be achieved by service requestor, while reasonable time cost is increased. Meanwhile, TQoS-WSD method strongly resists the effect of service discovery by untrustworthy QoS values and improves service invocation success-rate and thus assures trustworthiness of services interoperation.     

Internetware Computing: Issues and Perspective

The Internetware addresses the unique challenges of software development and maintenance in the open and dynamic Internet environment. The project identifies the four major features as the vision of future Internetware including autonomous services, dynamic collaboration, environment-aware evolution and adaptation, and verifiable and justifiable trustworthiness. The paper discusses four key enabling techniques to achieve the above Internetware capabilities. 1) The lifecycle model: it proposes the model-driven and reuse- centric adaptive lifecycle of service software and the mashup approach for composition-based application development. 2) The ontology system: it discusses a wide range of software development ontology systems that can be used at various abstraction levels throughout all the stages of software lifecycle, and the issues with ontology systems such as consistency and completeness, dependency analysis, merging and change management. 3) Modeling and simulation: it identiˉes the necessary characteristics of the modeling language in the new paradigm such as the modeling of environment , system and environment interactions,the environment-system co-engineering process, and the ontology support for modeling and simulation. 4) Social ranking: it points out that social network will play an important role in Internetware development framework. Traditional software activities such as requirements solicitation and testing can be improved following this social approach. From these above four perspectives, the paper gives an outlook to the emerging techniques and their potential power in Internetware software engineering.     

Middleware Support for Internetware: A Service Perspective

The advent of Internet technology introduces a revolution to software application and development paradigms. Traditional software development and application patterns have been shifted to Internet-based service sharing and collaboration among partners across the Internet. This new paradigm imposes new challenges and complexity in the lifecycle of software development, deployment, execution and maintenance. Middleware, an intermediate layer to abstract the homogeneity and hide the di?erence of underlying systems, can be used to reduce the complexity of managing the lifecycle of Internet applications. In this paper, we exploit the needs of middleware support for Internet-based applications from a service perspective. We investigate the potential requirements and features of Internetware, and analyze the state-of-the-art solutions. We also discuss the remaining issues and their challenges, and explore the potential future research directions.     

Optimized statistical analysis of software trustworthiness attributes

Software trustworthiness has become one of the key restrictions for software service quality and the development of the software industry.However,trustworthiness attributes interlace structured and dynamical coupling relations,which causes great barriers for trustworthiness measurements of large-scale software.According to the dynamical evolutionary characteristics of software trustworthiness attributes,this paper proposes a new approach for optimizing the trustworthiness measurement in terms the kernel trustworthiness attributes,and improves a downsize-optimized statistical analysis method for software trustworthiness attributes based on their nonlinear relations.The improved method considerably simplifies the trustworthiness assessment of largescale software.Using theoretical analysis and numerical simulations,the feasibility of this method is verified using two typical examples that illustrate the realization of the trustworthiness measurement.     

虚拟计算环境下信任管理研究

可信保证体系是虚拟计算环境的基础组件.虚拟计算环境下信任管理具有不确定性和动态性特点,因此,虚拟计算环境下的可信保证体系应具备主观性、基于证据以及上下文相关性的特性.针对虚拟计算环境下虚拟共同体的服务选取以及自主元素的可信度计算的安全问题,提出了基于贝叶斯分析的信任模型.     

VirtMan: design and implementation of a fast booting system for homogeneous virtual machines in iVCE

Internet-based virtual computing environment (iVCE) has been proposed to combine data centers and other kinds of computing resources on the Internet to provide efficient and economical services. Virtual machines (VMs) have been widely used in iVCE to isolate different users/jobs and ensure trustworthiness, but traditionally VMs require a long period of time for booting, which cannot meet the requirement of iVCE’s large-scale and highly dynamic applications. To address this problem, in this paper we design and implement VirtMan, a fast booting system for a large number of virtual machines in iVCE. VirtMan uses the Linux Small Computer System Interface (SCSI) target to remotely mount to the source image in a scalable hierarchy, and leverages the homogeneity of a set of VMs to transfer only necessary image data at runtime. We have implemented VirtMan both as a standalone system and for OpenStack. In our 100-server testbed, VirtMan boots up 1000 VMs (with a 15 GB image of Windows Server 2008) on 100 physical servers in less than 120 s, which is three orders of magnitude lower than current public clouds.     

A Programming Language Approach to Internet-Based Virtual Computing Environment

There is an increasing need to build scalable distributed systems over the Internet infrastructure. However, the development of distributed scalable applications suffers from lack of a wide accepted virtual computing environment. Users have to take great efforts on the management and sharing of the involved resources over Internet, whose characteristics are intrinsic growth, autonomy and diversity. To deal with this challenge, Internet-based Virtual Computing Environment (iVCE) is proposed and developed to serve as a platform for distributed scalable applications over the open infrastructure, whose kernel mechanisms are on-demand aggregation and autonomic collaboration of resources. In this paper, we present a programming language for iVCE named Owlet. Owlet conforms with the conceptual model of iVCE, and exposes the iVCE to application developers. As an interaction language based on peer-to-peer content-based publish/subscribe scheme, Owlet abstracts the Internet as an environment for the roles to interact, and uses roles to build a relatively stable view of resources for the on-demand resource aggregation. It provides language constructs to use 1) distributed event driven rules to describe interaction protocols among different roles, 2) conversations to correlate events and rules into a common context, and 3) resource pooling to do fault tolerance and load balancing among networked nodes. We have implemented an Owlet compiler and its runtime environment according to the architecture of iVCE, and built several Owlet applications, including a peer-to-peer file sharing application. Experimental results show that, with iVCE, the separation of resource aggregation logic and business logic significantly eases the process of building scalable distributed applications.     

可信人工智能系统的质量属性与实现: 三级研究

人工智能系统以一种前所未有的方式,被广泛地用于解决现实世界的各种挑战,其已然成为推动人类社会发展的核心驱动力.随着人工智能系统在各行各业的迅速普及,人们对人工智能系统的可信性愈发感到担忧,其主要原因在于,传统软件系统的可信性已不足以完全描述人工智能系统的可信性.对于人工智能系统的可信性的研究,具有迫切的需要.目前已有大量相关研究,且各有侧重,但缺乏一个整体性、系统性的认识.本研究是一项以现有二级研究为研究对象的三级研究,旨在揭示人工智能系统的可信性相关的质量属性和实践的研究现状,建立一个更加全面的可信人工智能系统质量属性框架.本研究收集、整理和分析了2022年3月前发表的34项二级研究,识别了21种与可信性相关的质量属性及可信性的度量方法和保障实践.研究发现,现有研究主要关注在安全性和隐私性上,对于其它质量属性缺乏广泛且深入的研究.对于需要跨学科协作的两个研究方向,需要在未来的研究中引起重视,一方面是人工智能系统本质上还是一个软件系统,其作为一个软件系统的可信值得人工智能和软件工程专家合作研究;另一方面,人工智能是人类对于机器拟人化的探索,如何从系统层面保障机器在社会环境下的可信,如怎样满足人本主义,值得人工智能和社会科学专家合作研究.     

Embedded DHT overlays in virtual computing environments

With the rapid development of computing and networking technologies, people propose to build harmonious, trusted and transparent Internet-based virtual computing environments (iVCE). The overlay-based organization of dynamic Internet resources is an important approach for iVCE to realizing efficient resource sharing. DHT-based overlays are scalable, low-latency and highly available; however, the current DHT overlay (SKY) in iVCE cannot satisfy the trust requirements of Internet applications. To address this...     

虚拟计算环境中的DHT拓扑构建技术研究综述

基于互联网的虚拟计算环境(iVCE)是一种新型网络计算平台.互联网资源的成长性、自治性和多样性等自然特性给iVCE中的资源共享带来巨大的挑战.DHT覆盖网(简称DHT)具有可扩展、延迟低、可靠性高等优点,是iVCE实现资源有效共享的重要途径之一.拓扑构建是DHT的基础性关键技术,实现了DHT的动态维护与消息路由等基本功能.本文首先概述传统DHT的拓扑构建技术,主要包括各种典型DHT的动态维护机制与消息路由算法、支持复杂查询的DHT索引构建技术,以及支持管理域匹配的DHT分组构建技术等;进而针对互联网资源的特点,综述在iVCE中DHT拓扑构建技术的最新研究进展.本文在最后对DHT拓扑构建技术的未来发展方向进行探讨.     

虚拟计算环境中基于资源池的资源聚合机制

虚拟计算环境中存在着极为丰富的资源,但由于其系统的动态性与自治性特点非常突出,系统服务质量很难得到保证。本文提出一种基于资源池的资源聚合方法,即根据应用需求将所需资源聚合成资源池,并以资源池的形式为用户提供服务,使得在任务执行过程中即使部分节点由于系统故障、超载等原因中途退出任务处理,用户的服务请求仍能得到处理和响应。此外,该方法结合负载均衡,优化了资源节点的选择与资源池的构建,从而有效地提高了系统服务质量。     

A Unified Measurement Solution of Software Trustworthiness Based on Social-to-Software Framework

As trust becomes increasingly important in software domain, software trustworthiness — as a complex high-composite concept, has developed into a big challenge people have to face, especially in the current open, dynamic and ever-changing Internet environment. Furthermore, how to recognize and define trust problem from its nature and how to measure software trustworthiness correctly and effectively play a key role in improving users’ trust in choosing software. Based on trust theory in the field of humanities and sociology, this paper proposes a measurable S2S (Social-to-Software) software trustworthiness framework, introduces a generalized indicator loss to unify three parts of trustworthiness result, and presents a whole metric solution for software trustworthiness, including the advanced J-M model based on power function and time-loss rate for ability trustworthiness measurement, the fuzzy comprehensive evaluation advanced-model considering effect of multiple short boards for basic standard trustworthiness, and the identity trustworthiness measurement method based on the code homology detecting tools. Finally, it provides a case study to verify that the solution is applicable and effective.     

构造基于互联网的可信软件生产服务系统

基于互联网构造可信软件的大规模协作开发环境是近年来软件工程领域的热点。对当前若干典型软件协作开发方法和技术进行了分析,参考人类社会生产概念体系,提出了一种面向互联网的可信软件生产框架,对可信软件生产的概念、生产要素、生产活动和生产方式进行了系统的分类和阐述,给出了基本生产过程和核心生产要素组织方法。结合国家863重点项目软件成果"可信的国家软件资源共享与协同生产环境(Trustie)",分析了该可信软件生产框架在软件资源共享、协作开发和可信评估等方面的机理和有效性。