ReSA: Architecture for Resources Sharing Between Clouds

2014 Conference on Information Assurance and Cyber Security (CIACS)

1Ahmad Waqas, 2Zulkefli Muhammed Yusof, 3Asadullah Shah, 4Mohammad Asif Khan

1,2,3 Department of Computer Science, Kulliyah of Information and Communication Technology, International Islamic University Malaysia, Kuala Lumpur, Malaysia
4 Department of Computer Science, Sukkur Institute of Business Administration, Sukkur, Pakistan
1,4 {ahmad.waqas,asif.khan}@iba-suk.edu.pk, 2,3 {zulmy,asadullah}@iium.edu.my

Abstract— Cloud computing has emerged as a paradigm for hosting and delivering services over the Internet. It has evolved as a key computing platform for delivering on-demand resources that include infrastructures, software, applications, and business processes. Mostly, clouds are deployed in a way that they are often isolated from each other. These implementations result in a lack of resource collaboration between different clouds. For example, a cloud consumer requests some resource and that is not available at that point in time. Client satisfaction is important for business, as denying the client may be expensive in many ways. To fulfill the client request, the cloud may ask for the requested resource from some other cloud. In this research paper we aim to propose a trustworthy architecture named ReSA (Resource Sharing Architecture) for sharing on-demand resources between different clouds that may be managed under same or different rules, policies and management.

Keywords— cloud computing; cloud architecture; resource management; resource collaboration; federated clouds

978-1-4799-5852-8/14/$31.00 ©2014 IEEE

I. INTRODUCTION

Cloud computing is an attractive business for the companies and organizations that own large data centers to rent their resources. During the last decade, cloud computing evolved promptly and captured the current business market. Multibillion dollar organizations such as IBM, Amazon, Google and EBay have capitalized heavily on cloud technology with the hype of cloud computing. Surveys show that enterprises and critical business organizations are moving from public to private cloud. More than 50% of the Fortune 500 enterprises are using some form of cloud computing and its growth ratio is 30% per year [1]. Technology Business Research (TBR) recently claimed that revenue generated by private and professional cloud services is projected to grow to $66 billion by 2018. They further estimated the public cloud market to be $110 billion by 2018 [2].

“Cloud Computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management efforts or service provider interaction”. In accordance with the definition of cloud computing stated by the National Institute of Standards and Technology (NIST), cloud computing provides the five fundamental features that include on-demand self-service, broad network access, resource pooling, rapid elasticity and measured service [3]. The supreme objective is to deliver computational services when demanded with assurance of scalability, availability and reliability.

II. RESOURCES OFFERED BY CLOUD

Cloud offers a variety of resources to its consumers that include computational resources, software resources, low-level hardware, storage resources and, last but not least, communication resources. Cloud offers its resources as services that may be Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS) [4]; this is called the SPI services model. The SaaS model offers the clients usage of on-demand software that may include business, education and personal applications. The cloud client does not need to manage the infrastructure and platform on which the application is running, which simplifies support and maintenance. Google Apps, Microsoft Office 365, and Onlive are a few examples of SaaS. In PaaS, the client is offered a runtime environment for designing, deploying and testing applications. The Cloud Service Providers (CSPs) typically provide the cloud customers with a computing platform that usually includes system software and a programming run-time environment [5]. Windows Azure Compute, Amazon Elastic Beanstalk, EngineYard, Cloud Foundry, Force.com, Mendix, Google App Engine, Heroku and OrangeScape are a few examples of PaaS. The basic level of the cloud service model is IaaS, where consumers are provided with virtualized computer components and resources to build and run their applications without purchasing the actual expensive computing components. Windows Azure, Virtual Machines, Amazon CloudFormation and underlying services such as Amazon EC2, Google Compute Engine and Rackspace Cloud are examples of IaaS. Fig. 1 depicts the services available to cloud consumers.

Fig. 1. Resources offered to cloud consumers [6]

The cloud services may be deployed in four models: Public, Private, Community and Hybrid. The Public Cloud deployment model makes resources available to the public or to a huge number of organizations through the internet only. Anyone can use the public cloud resources and infrastructure provided by the Cloud Service Provider (CSP). Public CSPs are few, for example Google and Microsoft, as it requires capital investment. CSPs may allow resource usage free of cost or may charge the public cloud client on the basis of a pay-per-usage policy. The Private Cloud is exclusively managed for a solitary company, business or corporation. The Community Cloud model enables the infrastructure and resources to be shared among two or more organizations forming a community that have shared interests including mission, security and compliance. The Private and Community cloud infrastructure and resources either exist within the organization or somewhere off the premises, and may be managed internally by the cloud owners or by a third party. The Hybrid Cloud is formed by combining two or more clouds (public, private, community) that remain distinct clouds but are bound together by proprietary or standardized technologies that support application and data movability and manageability.

III. LITERATURE REVIEW

Efficient resource management, evaluation and allocation is one of the vital and complex tasks in cloud computing. Many techniques have been proposed and implemented for managing resources within a cloud computing environment.

R. Buyya et al. [7] presented the vision, challenges, and architectural elements of resource management based on Service Level Agreement (SLA). Their proposed architecture provides the support to incorporate policies related to market based provisioning and virtualization technologies. This enables the flexible allocation of resources to applications. J. Espadas et al. [8] proposed a tenant based resource allocation model. This tenant based resource allocation enables the deployment of Software-as-a-Service (SaaS) applications over cloud computing platforms by taking into account their multi-tenancy, in order to provide a cost-effective scalable environment. This is done by considering formal measurements of under and over provisioning of virtualized resources in cloud infrastructures, specifically for SaaS platforms.

C. Huang et al. [9] proposed a sub-optimal resource allocation mechanism in a cloud computing environment. They introduced the use of support vector regressions (SVRs) for assessing the amount of resource consumption in line with the Service Level Agreement (SLA) of every process. After predicting resource utilization, the resources are reallocated based on the recent status of all virtual machines. They further presented the formal procedure for dispatching resources with the help of genetic algorithms (GAs) to determine the redistribution of resources.

Y.B. Ma [10] proposed an ontology-based job allocation algorithm for the cloud computing environment. The aim of the proposed algorithm is to make inferences on the basis of semantic meanings. They extracted resource candidates according to user requirements and allocated the job to the most appropriate candidate based on the agreed Service Level Agreement (SLA). Andrew J. Younge et al. [11] presented a Green Cloud Framework that provides efficient green improvements within a scalable cloud computing architecture. This is achieved through the usage and integration of power-aware scheduling techniques, variable resource management, live migration, and a minimal virtual machine design. They proposed power based scheduling for virtual machines to schedule and allocate resources effectively and efficiently.

Although many techniques and methods have been proposed and research is ongoing for efficient resource management, utilization and allocation, this work focuses only on resource management and allocation within a single cloud and between cloud client and cloud service provider. Resource sharing between multiple clouds has not been focused on yet. To fulfill the demand of a client, a cloud can ask for or borrow a resource from some other cloud if it does not have the resource available at that point in time. This has been seen in federated clouds that are under single rules, policies, management and authority, but clouds with different ownership, rules, policies and management have not been focused on. In the sections that follow, we investigate and propose the cloud architecture ReSA for resource sharing between different clouds.

IV. STATE-OF-THE-ART CLOUD COMPUTING ARCHITECTURE

The National Institute of Standards and Technology (NIST) presented a Cloud Computing Reference Architecture and Taxonomy [6][12] to provide a framework for accurate communication of the components and offerings of cloud computing. It aims to develop a universal vendor neutral architecture that is consistent with the NIST cloud computing definition and to obtain a solution that does not choke innovation by prescribing a specific technical solution. There are five components in this model, i.e. cloud provider, cloud consumer, cloud broker, cloud carrier and cloud auditor. Cloud providers offer cloud services (SaaS, PaaS, IaaS) on top of the cloud infrastructure (physical resources) along with service management procedures, and ensure security and privacy at every layer of service. The cloud consumer consumes cloud services according to the Service Level Agreement (SLA) offered by the cloud provider, either directly or through a third party named as cloud broker. The Cloud Auditor performs security, privacy and performance auditing of the cloud to ensure the quality of services. The cloud carrier is the medium between cloud provider, cloud broker, cloud consumer and cloud auditor.

V. RESA: RESOURCE SHARING ARCHITECTURE – SHARING RESOURCES BETWEEN CLOUDS

We propose a Resource Sharing Architecture (ReSA), a trustworthy architecture for clouds to connect and collaborate with other clouds that may be under the same rules, policies, ownership and management. Different clouds can connect with each other by agreeing upon the Service Level Agreement (SLA) and signing a mutual contract to share resources with each other when requested. We assume for now that this agreement between clouds is a manual process; we will later extend the agreement process to be dynamic. Fig. 2 depicts the top-level view of cloud computing implementation. It contains the cloud client who wants to access the cloud services and resources that may be SaaS, IaaS or PaaS. The Cloud Services Manager (CSM) is responsible for obtaining the authentication and authorization of the client, as the client is directly connected with the CSM only and the CSM is the single point of entry.

Fig. 2. Top-level view of cloud implementation

The CSM will allocate and delegate the requested services to the client after the authentication and authorization process, according to the Service Level Agreement (SLA). A log file for all events (both successful and failed) will be maintained by the CSM for each entity, which includes objects, clients and services. The CSM itself is a fault tolerant distributed system for serving clients with requested services.

The Cloud Manager (CM) is a distributed and fault tolerant system that is responsible for connecting and communicating with other (foreign) clouds for resource collaboration. The CM will have full read-only access to the log file maintained by the CSM to monitor the entities and services. Table 1 summarizes the architectural components of the Resource Sharing Architecture (ReSA).

TABLE I. RESA ARCHITECTURAL COMPONENTS

Component: Cloud Client
Functions and Purpose:
• Any entity, including users, objects and other federated clouds, that wants to connect with the cloud for services usage.
• Utilizes cloud services through secure web connections only.

Component: Cloud Services
Functions and Purpose:
• Services offered by the cloud, which include SaaS, PaaS and IaaS.

Component: Cloud Service Manager (CSM)
Functions and Purpose:
• An important distributed fault tolerant component and single point of entry for all cloud clients except foreign clouds, because foreign clouds are only connected with the CM.
• A client can only connect to the cloud through the CSM and can never bypass it, as it is the only point of entry.
• Responsible for maintaining the log files for each and every action of clients and services.
• Responsible for attending to the client’s request and validating the client through the authentication and authorization process.
• Requests the CM to borrow the resource requested by the client from other clouds if it is not available to fulfill the client’s requirement.
• Responsible for delegating requested services to the client according to the SLA.
• Coordinates with the CM to collaborate with foreign clouds to share services.
• Responsible for computing resources and provisioning resources to foreign clouds according to SLAs.

Component: Cloud Manager (CM)
Functions and Purpose:
• An important distributed fault tolerant component and single point of entry for foreign clouds only.
• Responsible for coordinating with the CSM for log maintenance.
• Responsible for maintaining the Key Table that contains the entries of other connected clouds.
• Responsible for monitoring and sensing the overall performance and cloud services requests from its CSM and from other clouds.
• Responsible for sending a borrow message to all clouds listed in the Key Table to borrow the required resource.
• Responsible for overhearing resource request messages from other clouds and informing the CSM urgently.
• Maintains a queue to decide between the resources offered by other clouds, because it will request the resource from all connected clouds and will get responses from them.
• Responsible for delegating other clouds’ requests for sharing services to the CSM.

The CM is connected with the CSM of its cloud and the CMs of other clouds only. CMs are supposed to be connected through a secure channel for communication to avoid any security breach. Fig. 3 depicts how the CMs of different clouds are connected with each other under predefined rules and policies to form a network.

Fig. 3. Architecture for sharing resources between clouds

A Key Table has to be maintained by all CMs; it gives the full view of the CM network. At present, we assume that the management of these key tables is static, as the agreement process between clouds is also supposed to be manual at this time for experiments. Later, we will extend these key tables to be dynamic with the process of dynamic agreement between clouds.

The key table contains the information of the CMs of other clouds. Fig. 4 gives an example of the key tables maintained for the above scenario (Fig. 3). The key table maintained by the CM of cloud A will have the necessary information of clouds B, C and D (Fig. 4, Table II), as these are the connected clouds under agreed rules and policies. Similarly, the CMs of clouds B, C and D also maintain key tables, with the information shown in Tables III, IV and V respectively.

TABLE II. KEY TABLE OF CM AT CLOUD A

CloudID   IP            MAC                 SLA
Cd_B      10.10.10.1    74-E5-0B-51-4E-58   1
Cd_C      192.168.0.1   74-E5-0B-51-4E-59   1
Cd_D      172.152.0.1   74-E5-0B-51-4E-60   2

TABLE III. KEY TABLE OF CM AT CLOUD B

CloudID   IP            MAC                 SLA
Cd_A      11.1.1.1      74-E5-0B-51-4E-61   3
Cd_C      192.168.0.1   74-E5-0B-51-4E-59   1
Cd_D      172.152.0.1   74-E5-0B-51-4E-60   2

TABLE IV. KEY TABLE OF CM AT CLOUD C

CloudID   IP            MAC                 SLA
Cd_A      11.1.1.1      74-E5-0B-51-4E-61   1
Cd_B      10.10.10.1    74-E5-0B-51-4E-58   2
Cd_D      172.152.0.1   74-E5-0B-51-4E-60   2

TABLE V. KEY TABLE OF CM AT CLOUD D

CloudID   IP            MAC                 SLA
Cd_A      11.1.1.1      74-E5-0B-51-4E-61   1
Cd_B      10.10.10.1    74-E5-0B-51-4E-58   2
Cd_C      192.168.0.1   74-E5-0B-51-4E-59   1

Fig. 4. Key Tables

The CM will have full read-only access to the log file maintained by the CSM to monitor the entities and services. For example, when some resource X is requested by a consumer of cloud A, the CSM will evaluate the resources and, if X is available, it will delegate the requested resource to the consumer based on the Service Level Agreement (SLA). If the resource is not available, it can request the resource from the connected clouds to fulfill the consumer’s request. As the foreign clouds are only connected through the CM, the CSM will place a request message with the CM of its cloud A to ask for and borrow that resource from the connected foreign clouds.

The CM of cloud A will broadcast a resource request message to all connected clouds, for example clouds B, C and D. The information of connected clouds is already maintained in the key table. On the receiving end, the CMs of clouds B, C and D will forward the request message to their CSMs. Each CSM will evaluate its resources upon receiving the request and will inform its CM if the resource is available. The CMs of clouds B, C and D will then reply to cloud A if the resource is available. It is possible that none of the clouds has the resource available, or that all of them have it available. A queue will be maintained at the CM of cloud A to receive the responses from other clouds. Suppose cloud D responds first that the resource is available, then cloud B, and cloud C does not respond because the resource is unavailable. The CM of cloud A will decide to receive the service from cloud D, as it is at the front of the queue.

The CM of cloud A will then send a message including its ID, IP, MAC and secret code to cloud D to confirm that it will use the resource. The CM of cloud D will forward the information to its CSM, which will then authenticate and authorize cloud A based on the SLA and will allocate the resource to cloud A, which in turn allocates it to the cloud consumer. The consumer of cloud A will be using resources from cloud D in a transparent manner. Fig. 5 depicts the processes of resource request from client to cloud, from one cloud to other clouds, and delivery of that resource back to the client.

Fig. 5. Resource Sharing Processes between Clouds

VI. CONCLUSIONS AND FUTURE WORK

In this paper we have proposed ReSA, a trustworthy cloud computing architecture for resource sharing and collaboration between different clouds. This architecture is suited to sharing resources between clouds that may be under different management, ownership and policies. The aim of cloud computing is to provide on-demand resources. The problem may arise that a cloud does not have a resource available at the point in time when it is requested by a cloud client. In such a case, the cloud can ask for or borrow the requested resource from its connected clouds rather than refusing the client. This helps to align with the cloud computing objective of on-demand resource availability.

In the future, we aim to implement this resource sharing architecture (ReSA) and to develop algorithms for computing resources, SLA management between clouds, risk analysis and resolution of the contention process that inevitably pops up when a cloud is asked for resources by several other clouds. We will also extend this architecture for sharing attack related information between clouds so that they can protect themselves without the involvement of any third party. This will help to improve cloud computing security and auditing measures and will lead towards a self-securing architecture for clouds.
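The resource-sharing exchange of Section V (broadcast to the Key Table peers, first-response queue, confirmation carrying ID, IP, MAC and secret code), as an added example that is not code from the paper, which describes no implementation. The class and function names, the pairwise secret values and the merging of the CSM and CM roles into one `Cloud` object are assumptions; the IPs and MACs are the ones in the paper's key tables.

```python
import hmac
from collections import deque
from dataclasses import dataclass

# CloudID -> (IP, MAC), the values listed in the paper's key tables.
ADDR = {
    "Cd_A": ("11.1.1.1", "74-E5-0B-51-4E-61"),
    "Cd_B": ("10.10.10.1", "74-E5-0B-51-4E-58"),
    "Cd_C": ("192.168.0.1", "74-E5-0B-51-4E-59"),
    "Cd_D": ("172.152.0.1", "74-E5-0B-51-4E-60"),
}

@dataclass(frozen=True)
class KeyEntry:          # one Key Table row; the SLA column is not modelled here
    ip: str
    mac: str
    secret: bytes        # assumption: the paper names a "secret code", not its format

class Cloud:
    """CSM role (local resources, event log) and CM role (Key Table) of one cloud."""
    def __init__(self, cloud_id, key_table, free):
        self.cloud_id = cloud_id
        self.ip, self.mac = ADDR[cloud_id]
        self.key_table = key_table   # statically configured, as the paper assumes
        self.free = set(free)        # resources the CSM can currently delegate
        self.log = []                # CSM log of successful and failed events

    def on_request(self, sender_id, resource):
        """CM forwards a borrow request to the CSM; only Key Table peers are served."""
        ok = sender_id in self.key_table and resource in self.free
        self.log.append(("request", sender_id, resource, ok))
        return ok

    def on_confirm(self, sender_id, ip, mac, secret, resource):
        """Check the confirmation (ID, IP, MAC, secret code) against the Key Table."""
        e = self.key_table.get(sender_id)
        ok = (e is not None and ip == e.ip and mac == e.mac
              and hmac.compare_digest(secret, e.secret) and resource in self.free)
        if ok:
            self.free.discard(resource)   # allocated to the borrowing cloud
        self.log.append(("confirm", sender_id, resource, ok))
        return ok

    def borrow(self, resource, network, arrival_order):
        """Broadcast to all Key Table peers, queue positive replies, use the front one."""
        queue = deque(cid for cid in arrival_order if cid in self.key_table
                      and network[cid].on_request(self.cloud_id, resource))
        while queue:                      # falls back to the next reply if one fails
            lender = queue.popleft()
            secret = self.key_table[lender].secret
            if network[lender].on_confirm(self.cloud_id, self.ip, self.mac,
                                          secret, resource):
                return lender
        return None

def build_network(free_by_cloud):
    """Four-cloud network of Fig. 3 with constructed pairwise demo secrets."""
    net = {}
    for cid in ADDR:
        table = {p: KeyEntry(*ADDR[p], b"demo-" + "-".join(sorted((cid, p))).encode())
                 for p in ADDR if p != cid}
        net[cid] = Cloud(cid, table, free_by_cloud.get(cid, ()))
    return net

if __name__ == "__main__":
    # Constructed scenario from the text: D answers first, then B; C has no resource X.
    net = build_network({"Cd_B": {"X"}, "Cd_D": {"X"}})
    print(net["Cd_A"].borrow("X", net, ["Cd_D", "Cd_B", "Cd_C"]))
```

Every request and confirmation, accepted or rejected, lands in the lender's `log`, which is the record the paper gives the CM read-only access to.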

27

REFERENCES

[1] Ing. J. Hermans, “From Hype to Future, KPMG’s 2010 Cloud Computing Survey,” Amstelveen, The Netherlands, 2010.
[2] Hampton, “Cloud Managed Private and Professional Services Revenue Projected to Grow to $66 Billion by 2018,” Technology Business Research Report, 2013. [Online]. Available: http://www.prweb.com/releases/2013/10/prweb11251691.htm#! [Accessed: 02-Nov-2013].
[3] P. Mell and T. Grance, “The NIST Definition of Cloud Computing (Draft) Recommendations of the National Institute of Standards and Technology,” Special Publication 800-145 (Draft), Comput. Secur. Div. Inf. Technol. Lab. Natl. Inst. Stand. Technol. Gaithersburg, MD 20899-8930, Jan. 2011.
[4] A. Waqas, Zulkefli Muhammed Yusof, and Asadullah Shah, “Fault Tolerant Cloud Auditing,” in 4th International Conference on ICT for Muslim World (ICT4M2013), 2013, pp. 1–5.
[5] B. Prasad, R. Admela, D. Katsaros, and Y. Goeleven, “Architectural Requirements for Cloud Computing Systems: An Enterprise Cloud Approach,” J. Grid Comput., Springer, vol. 9, pp. 3–26, Dec. 2010.
[6] F. Liu, J. Tong, J. Mao, R. Bohn, J. Messina, L. Badger, and D. Leaf, “NIST Cloud Computing Reference Architecture Recommendations of the National Institute of Standards and Technology,” Special Publication 500-292, Recommendations of the National Institute of Standards and Technology, Sep. 2011.
[7] R. Buyya, S. K. Garg, and R. N. Calheiros, “SLA-Oriented Resource Provisioning for Cloud Computing: Challenges, Architecture, and Solutions,” in 2011 International Conference on Cloud and Service Computing, 2011, pp. 1–10.
[8] J. Espadas, A. Molina, G. Jiménez, M. Molina, R. Ramírez, and D. Concha, “A tenant-based resource allocation model for scaling Software-as-a-Service applications over cloud computing infrastructures,” Futur. Gener. Comput. Syst., vol. 29, no. 1, pp. 273–286, Jan. 2013.
[9] C.-J. Huang, C.-T. Guan, H.-M. Chen, Y.-W. Wang, S.-C. Chang, C.-Y. Li, and C.-H. Weng, “An adaptive resource management scheme in cloud computing,” Eng. Appl. Artif. Intell., vol. 26, no. 1, pp. 382–389, Jan. 2013.
[10] Y. B. Ma, S. H. Jang, and J. S. Lee, “Ontology-Based Resource Management for Cloud,” in ACIIDS 2011: The Third Asian Conference on Intelligent Information and Database Systems, 2011, pp. 343–352.
[11] A. J. Younge, G. von Laszewski, L. Wang, S. Lopez-Alarcon, and W. Carithers, “Efficient resource management for Cloud computing environments,” in International Conference on Green Computing, 2010, pp. 357–364.
[12] A. Waqas, Zulkefli Muhammed Yusof, and Asadullah Shah, “A security-based survey and classification of Cloud Architectures, State of Art and Future Directions,” presented at 2nd International Conference on Advanced Computer Science Applications and Technologies – ACSAT2013, 2013, pp. 284–289.
