Adaptable,model-driven security engineering for SaaS cloud-based applications

Software-as-a-service (SaaS) multi-tenancy in cloud-based applications helps service providers to save cost, improve resource utilization, and reduce service customization and maintenance time. This is achieved by sharing of resources and service instances among multiple “tenants” of the cloud-hosted application. However, supporting multi-tenancy adds more complexity to SaaS applications required capabilities. Security is one of these key requirements that must be addressed when engineering multi-tenant SaaS applications. The sharing of resources among tenants—i.e. multi-tenancy—increases tenants’ concerns about the security of their cloud-hosted assets. Compounding this, existing traditional security engineering approaches do not fit well with the multi-tenancy application model where tenants and their security requirements often emerge after the applications and services were first developed. The resultant applications do not usually support diverse security capabilities based on different tenants’ needs, some of which may change at run-time i.e. after cloud application deployment. We introduce a novel model-driven security engineering approach for multi-tenant, cloud-hosted SaaS applications. Our approach is based on externalizing security from the underlying SaaS application, allowing both application/service and security to evolve at runtime. Multiple security sets can be enforced on the same application instance based on different tenants’ security requirements. We use abstract models to capture service provider and multiple tenants’ security requirements and then generate security integration and configurations at runtime. We use dependency injection and dynamic weaving via Aspect-Oriented Programming (AOP) to integrate security within critical application/service entities at runtime. We explain our approach, architecture and implementation details, discuss a usage example, and present an evaluation of our approach on a set of open source web applications.     

Customer on-boarding strategies for cloud computing services with dynamic service-level agreements

A multi-tenant software as a service (SaaS) provider has to meet the needs of several tenants which adopt its services with diverse business requirements. The tenant needs vary widely with time, and the provider has to account for such fluctuations by suitable provisioning at its end. Handling this elasticity arising out of the tenant base is one of the key challenges for the SaaS provider. In this paper, we study the problem specifically in the SaaS context with the idea built around license provisioning in a tenant–provider perspective. For a given set of tenants with diverse license requirements, it is important to analyze whether there is any way to on-board them such that all constraints laid out as part of the service-level agreement can be honored. The total number of licenses available with the provider plays a crucial role in answering this question. We propose an intuitive model of elasticity that can capture anticipated license need variations at the tenant end. We propose an ILP-based approach for solving this schedulability problem for a collection of tenants. We also propose a simple-minded greedy heuristic to solve the on-boarding problem with elasticity constraints. Results show that our approach gives acceptable performance.     

基于虚拟机部署策略的云平台容错即服务方法

针对如何充分利用云基础架构层资源,满足上层云应用系统租户对应用系统容错的需求多样性和高可靠性要求的问题,提出一种面向租户和云服务提供商的、基于虚拟机部署策略的云平台容错即服务方法。该方法根据租户的特定容错需求适配适合的容错方法及容错级别,据此计算并最优化云服务提供商的收益和资源使用量,在此基础上对提供容错服务的虚拟机进行优化部署,充分利用底层虚拟机资源为租户的云应用系统提供更为可靠的容错服务。实验结果表明,所提方法能够在保障云服务提供商收益的基础上,为多租户云应用系统实现更灵活且可靠性更高的容错服务。     

一种SaaS交付平台的多租户数据迁移策略

现有的云数据放置策略未引入SaaS特征,租户作为独立个体的特征被忽略,导致多租户数据的混合放置,常用的数据迁移策略面临着识别及迁移租户数据的挑战。提出一种面向SaaS应用的云中多租户数据动态同步迁移策略,解决了共享存储模式下无法识别SaaS应用租户,难以使用快照、日志等数据库技术进行租户数据迁移的问题。通过SaaS平台数据层面的同步迁移,保证云中各数据节点的负载均衡及良好的用户体验。     

Multi-tenant intrusion detection system for public cloud (MTIDS)

Cloud computing is an innovative paradigm technology that is known for its versatility. It provides many creative services as requested, and it is both cost efficient and reliable. More specifically, cloud computing provides an opportunity for tenants to reduce cost and raise effectiveness by offering an alternative method of service utilization. Although these services are easily provided to tenants on demand with minor infrastructure investment, they are significantly exposed to intrusion attempts since the services are offered under the administration of diverse supervision over the Internet. Moreover, the security mechanisms offered by cloud providers do not take into consideration the variation of tenants’ needs as they provide the same security mechanism for all tenants. So, meeting tenants’ security requirements are still a major challenge for cloud providers. In this paper, we concentrate on the security service offered to cloud tenants and service providers and their infrastructure to restrain intruders. We intend to provide a flexible, on-demand, scalable, and pay-as-you-go multi-tenant intrusion detection system as a service that targets the security of the public cloud. Further, it is designed to deliver appropriate and optimized security taking into consideration the tenants’ needs in terms of security service requirements and budget.     

一种透明的可信云租户隔离机制研究

租户隔离是云计算能被作为第三方服务提供给租户的重要前提,因此云租户隔离机制的安全有效性能否被租户信任对云计算服务的推广非常关键.但是在云计算这种第三方服务模式中,由于租户不能参与云服务基础设施及其安全隔离机制的建设和管理过程,因此他们难以对云租户隔离机制的安全有效性建立信心.本文将透明性要求视为可信云租户隔离机制的一部分,将云租户隔离机制和租户透明要求都转化为云服务系统中不同安全域之间的信息流, 对云租户隔离机制进行定义,并制定云计算平台中的域间信息流策略控制方式,最后基于信息流无干扰理论证明了所定义的云租户隔离机制在安全方面的有效性.     

共享式Web应用服务器集群的资源整合方法研究

PaaS(platform as a service)平台是一种重要的云计算服务类型,但传统的Web应用服务器集群管理方式无法为PaaS平台多承租和动态资源管理提供有效支持。针对上述问题,提出了一种基于进程隔离的共享式集群拓扑结构,支持多个Web应用服务器集群共享相同的物理服务器环境。同时给出了针对此共享集群的服务器整合方法,以满足租户应用的性能需求和提高服务器的有效资源使用率。实验证明,平台能够根据当前共享集群的状态选择适当数量的服务器,服务器整合方法有效可行。     

面向SaaS应用的SMTDM可伸缩多租户数据管理框架

云计算是一种可以弹性并按需提供资源的技术.在多租户共享数据存储模式下,如何实现数据的动态伸缩存储是云数据管理的关键.针对SaaS应用如何随着租户数量及请求规模的变化而进行自适应伸缩的问题,在分析数据存储层的伸缩性需求的基础上,基于Walraven等人提出的多租户架构思想,扩展典型的云应用架构,设计了一个多租户数据管理框架,实现存储资源的弹性.基于该框架,开发了一个面向网络管理领域的SaaS原型系统,验证了其有效性和可用性.     

LTSS: Load-Adaptive Traffic Steering and Forwarding for Security Services in Multi-Tenant Cloud Datacenters

Currently, different kinds of security devices are deployed in the cloud datacenter environment and tenants may choose their desired security services such as firewall and IDS (intrusion detection system). At the same time, tenants in cloud computing datacenters are dynamic and have different requirements. Therefore, security device deployment in cloud datacenters is very complex and may lead to inefficient resource utilization. In this paper, we study this problem in a software-defined network (SDN) based multi-tenant cloud datacenter environment. We propose a load-adaptive traffic steering and packet forwarding scheme called LTSS to solve the problem. Our scheme combines SDN controller with TagOper plug-in to determine the traffic paths with the minimum load for tenants and allows tenants to get their desired security services in SDN-based datacenter networks. We also build a prototype system for LTSS to verify its functionality and evaluate performance of our design.     

Efficient customization of multi-tenant Software-as-a-Service applications with service lines

Application-level multi-tenancy is an architectural approach for Software-as-a-Service (SaaS) applications which enables high operational cost efficiency by sharing one application instance among multiple customer organizations (the so-called tenants). However, the focus on increased resource sharing typically results in a one-size-fits-all approach. In principle, the shared application instance satisfies only the requirements common to all tenants, without supporting potentially different and varying requirements of these tenants. As a consequence, multi-tenant SaaS applications are inherently limited in terms of flexibility and variability.This paper presents an integrated service engineering method, called service line engineering, that supports co-existing tenant-specific configurations and that facilitates the development and management of customizable, multi-tenant SaaS applications, without compromising scalability. Specifically, the method spans the design, implementation, configuration, composition, operations and maintenance of a SaaS application that bundles all variations that are based on a common core.We validate this work by illustrating the benefits of our method in the development of a real-world SaaS offering for document processing. We explicitly show that the effort to configure and compose an application variant for each individual tenant is significantly reduced, though at the expense of a higher initial development effort.     

面向多租约SaaS应用的负载均衡机制研究与实现

随着云计算的普及,SaaS作为一种新的软件交付模式得到了越来越广泛地关注.为了支持高速业务发展带来的大量用户的访问请求,多租约SaaS应用需要负载均衡机制以支持可扩展性.本文从对多租约SanS应用用户需求的分析入手,提出了一种面向租约功能类型的服务器负载模型和面向租约用户非功能需求的执行请求按需分配算法,设计了一个面向多租约SanS 应用的负载均衡系统.实验表明本文提出的面向多租约SaaS应用的负载均衡机制能在满足不同租约用户需求的同时提高系统整体执行效率.     

Dynamic resource demand prediction and allocation in multi‐tenant service clouds

Cloud computing is emerging as an increasingly popular computing paradigm, allowing dynamic scaling of resources available to users as needed. This requires a highly accurate demand prediction and resource allocation methodology that can provision resources in advance, thereby minimizing the virtual machine downtime required for resource provisioning. In this paper, we present a dynamic resource demand prediction and allocation framework in multi‐tenant service clouds. The novel contribution of our proposed framework is that it classifies the service tenants as per whether their resource requirements would increase or not; based on this classification, our framework prioritizes prediction for those service tenants in which resource demand would increase, thereby minimizing the time needed for prediction. Furthermore, our approach adds the service tenants to matched virtual machines and allocates the virtual machines to physical host machines using a best‐fit heuristic approach. Performance results demonstrate how our best‐fit heuristic approach could efficiently allocate virtual machines to hosts so that the hosts are utilized to their fullest capacity. Copyright © 2016 John Wiley & Sons, Ltd.     

Efficient network isolation and load balancing in multi-tenant HPC clusters

Multi-tenancy promises high utilization of available system resources and helps maintaining cost-effective operations for service providers. However, multi-tenant high-performance computing (HPC) infrastructures, like dynamic HPC clouds, bring unique challenges, both associated with providing performance isolation to the tenants, and achieving efficient load-balancing across the network fabric. Each tenant should experience predictable network performance, unaffected by the workload of other tenants. At the same time, it is equally important that the network links are balanced, avoiding network saturation. The network saturation can lead to unpredictable application performance, and a potential loss of profit for the cloud service providers.In this paper, we present two significant extensions to our previously proposed partition-aware fat-tree routing algorithm, pFTree, for InfiniBand-based HPC systems. First, we extend pFTree to incorporate provider defined partition-wise policies that govern how the nodes in different partitions are allowed to share network resources with each other. Second, we present a weighted version of the pFTree routing algorithm, that besides partitions, also takes node traffic characteristics into account to balance load across the network links more evenly. A comprehensive evaluation comprising both real-world experiments and simulations confirms the correctness and feasibility of the proposed extensions.     

基于可变性模型的可复用与可定制SaaS软件开发方法

云计算环境下,软件通过互联网向租户提供服务,这种基于互联网的软件交付模式称为SaaS（软件即服务）.与传统软件交付模式相比,SaaS软件通常运行于软件供应商的服务器端,同时为多个租户提供服务.由于需要支持不同租户的个性化需求,SaaS软件应具备足够的灵活性,以应对快速变化的租户需求;而且针对某一个租户的变更,不应影响其他租户.通过扩展课题组前期开发的基于可变性管理的适应性服务组装方法及其支持平台,提出了一种云计算环境下可复用、可定制的SaaS软件开发方法,开发了相应的支持平台,包括支持SaaS模式的服务组装引擎和远程定制工具.该方法针对不同租户的共性需求,提供一个抽象服务组装模型,支持平台在运行阶段解释执行抽象服务组装模型,根据租户的个性化需求派生不同的流程实例,这些运行时流程实例多态共存、互不影响.采用一个特定领域的SaaS软件实例来验证该方法的可行性,评估了支持平台的性能.实验结果表明,该方法及其支持平台可以支持多实例多租户的交付模式.     

Development of a novel cloud-based multi-tenant model creation service for automatic virtual metrology

AVM (Automatic Virtual Metrology) is the highest-level technology for VM (Virtual Metrology) applications from the perspective of automation. Its various automatic capabilities could facilitate fast factory-wide deployment and operations of VM systems. AVM systems have been successfully applied to the semiconductor, TFT-LCD, solar-cell, and machining industries for on-line monitoring the production quality of workpieces. However, in its past industrial applications, the model creation (MC) functionality of the existing AVM system encountered several limitations, such as being a standalone application and confined to be used in situ in a factory, no support for multiuser model creation, wasting computing resources, etc., which could diminish the applicability of the existing AVM system in current global and distributed manufacturing environments. Thus, this paper is dedicated to tackling the problem of how to systematically and effectively overcome MC-related limitations of the existing AVM system so that it can robustly support multiple users across factories to create their VM models simultaneously in distributed manufacturing settings. By leveraging the advantages of cloud computing and several IT technologies (including virtualization software, XML, Web Service, Multi-tenancy technique, and HTML5), this paper proposes a novel cloud-based multi-tenant model creation service (i.e., CMMCS) for AVM. The proposed CMMCS contains a cloud-based system architecture, functional frameworks of its key components, several functional mechanisms, and HTML5-based Web GUIs. Testing results in an industrial case study that creates VM models using the CMMCS for CNC machine tools in machining wheel rims of automobiles in a factory in Taiwan demonstrate that the CMMCS can allow multiple users from different tenants to simultaneously create their VM models, while enabling the MC cloud services to be more robust for processing MC requests, having higher CPU-usage rates in the underlying virtual machines, and achieving better cross-platform usage, compared to the original MC functionality. This paper has provided a feasible solution to systematically and effectively remedying the MC-related limitations of the existing AVM system. The existing VM-related literature mainly focused on the development of VM models. To our knowledge, no papers have coped with issues addressed in this paper by leveraging cloud computing. The results of this paper can be a useful reference for industrial practitioners to construct AVM systems which support multi-tenant or multiuser model creation.     

SDSN@RT: A middleware environment for single-instance multitenant cloud applications

With the single-instance multitenancy (SIMT) model for composite Software-as-a-Service (SaaS) applications, a single composite application instance can host multiple tenants, yielding the benefits of better service and resource utilization and reduced operational cost for the SaaS provider. An SIMT application needs to share services and their aggregation (the application) among its tenants while supporting variations in the functional and performance requirements of the tenants. The SaaS provider requires a middleware environment that can deploy, enact, and manage a designed SIMT application, to achieve the varied requirements of the different tenants in a controlled manner. This paper presents the SDSN@RT (software-defined service networks at runtime) middleware environment that can meet the aforementioned requirements. SDSN@RT represents an SIMT composite cloud application as a multitenant service network, where the same service network simultaneously hosts a set of virtual service networks, one for each tenant. A service network connects a set of services and coordinates the interactions between them. A virtual service network realizes the requirements for a specific tenant and can be deployed, configured, and logically isolated in the service network at runtime. SDSN@RT also supports the monitoring and runtime changes of the deployed multitenant service networks. We show the feasibility of SDSN@RT with a prototype implementation and demonstrate its capabilities to host SIMT applications and support their changes with a case study. The performance study of the prototype implementation shows that the runtime capabilities of our middleware incur little overhead.     

面向SaaS应用基于键值对模式的多租户索引研究

面向SaaS应用的多租户数据库为满足租户的数据隔离和按需定制的需求,需要提供支持隔离和易于定制的数据存储机制及索引机制.基于键值对存储方式,提出元数据驱动的映射表索引模型,该模型根据租户定制需求,为租户业务数据形成各自的索引元数据,通过元数据驱动实现了索引数据的隔离及定制效果;给出索引的维护策略,根据租户数据访问请求进行索引切片,以逐渐细化的索引切片作为数据访问的基本单位,快速返回租户结果集.实验结果表明,该方案在数据访问分布均衡的情况下,使索引维护及数据访问具有较好的总体性能.     

面向云应用系统的容错即服务优化提供方法

通过提供高效且持续可用的容错服务以保障云应用系统的可靠运行是至关重要的.采用容错即服务的模式,提出了一种优化的云容错服务动态提供方法,从云应用组件的可靠性及响应时间等方面描述云应用容错需求,以常用的复制、检查点和NVP（N-version programming）等容错技术为基础,充分考虑容错服务动态切换开销,分别针对支撑容错服务的底层云资源是否足够的场景,给出可用容错即服务提供方案的最优化求解方法.实验结果表明,所提方法降低了云应用系统支付的容错服务费用及支撑容错服务的底层云资源的开销,提高了容错服务提供商为多个云应用实施高效、可靠容错即服务的能力.     

Framework for cloud-based software test data generation service

This paper presents the framework of cloud-based software test data generation service (CSTS) that caters to cost-effective test data generation service in a cloud environment. In contrast to existing conventional or cloud-based testing frameworks, CSTS has a number of unique benefits. First, CSTS is designed to facilitate test data generation in minimum time and cost. Second, unlike existing frameworks which mandates clients to opt for resources to test their jobs, CSTS guides customer for selecting best cluster configuration in order to minimize the cost. While the existing models do not provide any solution for trust establishment in cloud computing services, CSTS delivers it by implementing security mechanism with the provision of role based access control. The security mechanism proposed in this paper ensures the protection of data and code of different users. Third, CSTS provides a mathematical pricing model to fulfill the expectations of customers and also to maximize the net profit of service providers. Cloud service request model has also been designed that postulates service level agreements between customers and service providers. We have evaluated, compared, and analyzed our framework and have found that it outperforms other existing cloud-based frameworks.     

A distributed architecture for policy-customisable multi-tenant processes-as-a-service

Service-based business processes are often developed and deployed by single organisations. In distributed, shared resource environments like the cloud on the other hand, consumers share resources owned by cloud providers. This requires multi-tenancy capability for service processes that provide customised behaviour on shared process implementations to meet the varying needs of different process consumers as tenants of the process resource. In this paper, we define a distributed multi-tenant architecture for Business Process Execution Language (BPEL) processes provided as a service. A single-version BPEL process is deployed by a provider and offered for all process consumers, combined with a customisation and management functionality to create a unique experience for different consumers (process tenants). We provide two core components: a policy model for consumers to express customisation/business requirements of service processes and a coordination framework for policy enforcement between consumers and providers to achieve on-the-fly customisation of service processes.