service level agreement parameters for ecommerce cloud - IJSK

Feb. 2014. Vol. 4, No.6

ISSN 2305-1493

International Journal of Scientific Knowledge Computing and Information Technology © 2012- 2014 IJSK & K.A.J. All rights reserved www.ijsk.org

SERVICE LEVEL AGREEMENT PARAMETERS FOR ECOMMERCE CLOUD AbdelSalam H. Busalim1 Ab Razak Che Hussin 1 1

Universiti Teknologi Malaysia, Faculty of Computing, Skudai, Jorhor Bahru, Malaysia (www.utm.my) ABSTRACT

Nowadays Services Level Agreement (SLA) became an important aspect between the cloud consumer and cloud provider, the dynamic nature of cloud computing needs to continue monitoring of the services. The restricted choice of appropriate parameters in SLA affects the interacting of end user with cloud services and creates risks of user data. End users are concerned about their data and how it will be stored in cloud and how the data is recovered in the case of failure of disaster. However, none of SLAs consider the end user view while conducting the SLA document. This paper discusses the importance of the parameters which need to be included in SLA when ecommerce companies move to cloud services, In order to verify and validate these parameters in ecommerce cloud, data were collected from105 respondents in faculty of computing in Universiti Teknologi Malaysia. The results indicate that most of the selected parameters are significant from the end users point of view. Keywords: SLA, Cloud Computing, ecommerce cloud especially from the perspective of end users. For ecommerce cloud companies, the end user is an important capital; therefore, satisfaction of the end user is a major goal of e-commerce cloud service providers. Among the risks the end user potentially faces when engaging in cloud-based e-commerce, is the issue of confidentiality of data, how data is stored, and who has access to this data. Another problem concerns privacy. The dynamic cloud environment makes it difficult for cloud providers to observe current data protection regulations and privacy policies [2]. The majority of current cloud contracts are little concerned with consumer privacy and consumers are often poorly informed about privacy issues [3].

1. INTRODUCTION Cloud technology is becoming an increasingly popular trend. As a new concept, cloud computing offer online software and hardware capabilities. It offers a secure online environment for data storage and various e-commerce services that maintain the latest technologies and continuous protections for clients. Many ecommerce companies are turning to cloud computing and services due to the cost-efficiency it offers. According to the Gartner group report, by 2013, 40 % of e-commerce companies will use a complete cloud services (SaaS) solution. It appears that cloud computing is set to change the ways in which businesses operate [1]. Form the business perspective, cloud computing offers a great number of benefits including reduced infrastructure and maintenance costs.

One method of ensuring that the client receives the correct services best suited to its needs is the SLA, which has transformed from being a financial contract into a managerial tool to ensure the expectations of the customer are met [4]. For this mechanism to be effective there is a need for clear definitions of services, and suitable measuring parameters to measure the level of services. In the cloud computing environment, computer resources and infrastructures that are offered are scalable, and the platform, software and infrastructure provided in the form of services can be accessed anytime and anywhere. However, provisioning this paradigm of

Many e-commerce companies and retailers have moved to cloud services due to the many benefits this shift offers in regards to cost effective and easily accessible storage options, and elastic computing and infrastructure. In 2012, the Gomez application performance monitor report clearly showed that among the 50 well known online retailers, 40% use Amazon cloud-based applications. However, there a number of risks associated with this reliance on outside services, 8

Feb. 2014. Vol. 4, No.6

ISSN 2305-1493


cloud services requires specific SLAs for every type of services. This can be rather challenging in view of the diverse range of services offered by cloud computing services, the various levels of each service, and the diverse needs of clients. No two clients are identical.

Transparency towards cloud services users must be the golden rule. Users do not know where the data stored and by whom it will be finally processed. It is compulsory for Cloud services providers to inform the users about the way in which data are processed . In the case of e-commerce Companies concern about the end user personal data, these important and private data may contain names, addresses, e-mail addresses and credit card numbers [2]. As known, that virtualization is one of the backbone of cloud computing technology, therefore there are some security risks in sharing machines for instance, losing control over data location, and who has the right to access to user data. [6]

This paper organized as follow. Section 2 highlights the literature review, Section 3 explains the methodology adopted by this paper, Section 4 will cover the results and discussion of the paper, then conclusion of this paper will be in Section 5.

2.

LITERATURE REVIEW

A. Risks and Challenges in E-Commerce Cloud

B. Services Level Agreement (SLA)

In ecommerce cloud sellers ,a large number of users information is stored in the cloud ,and transmission and processing taking place in cloud, therefore, the problems and risks more than traditional e-commerce model [5]. Increasingly, online retailers are relying on cloud services and applications such as storage, computing, comparison engines, product locators and dynamic imaging to run their businesses. With this relying on outside services high risks raised out . As a result, they are losing control of the end user experience.

To achieve high quality and performance goals in services or products, it may need the enterprise to establish and manage service level agreement (SLA) between the enterprise which provides the business service or product and the consumers, companies are responsible for its shareholders, expectations of the level of service to be offered [7]. The main goal of establishing SLA process is to improve the Quality of Experience of the service or product to the enterprise customer and reach the satisfaction level .

The confidentiality of the user’s data is one of the main risks facing ecommerce cloud. In ecommerce cloud, most of the business information is stored in the cloud therefore, e-commerce companies are not able to supervise and monitor user's sensitive information. As virtualization technology been used in cloud computing, ecommerce companies using cloud services are not clear about where the data been stored, and do not even know the physical location of that data.[5]. The European Network and Information Security Agency (ENISA), conducted a survey for the main cloud computing security issues. More than 70 % of the SME (small and medium enterprises) in this study are concerned by the first six criteria and more specifically by confidentiality of data. Privacy are another important issue in Cloud Computing. The dynamic nature and structure of Cloud environment, make it difficult for Cloud providers to follow the current data privacy and protection rules. The main reasons beyond this, the transnational nature of Cloud Computing that has to face the national nature regulation privacy[2].

However Service level Agreement (SLA) is a document describes the level of service expected by a customer from a services provider, based on metrics or policies by which that services are measured, and penalties if any, should the agreedupon levels not be achieved. Usually, SLA is between companies and external suppliers[8].A service level agreement can be an extremely effective communication tool for creating a common understanding between two parties regarding services , expectation , responsibilities and priorities [9]. Cloud technology as new paradigm of computing where available computing resources are delivered as a service. These resources are generally offered under the concept of pay-as-you-use, therefore cloud services become attractive to cost conscious customers. In order for Cloud providers to provide customers with services that meet their demands, both sides need to negotiate the client's requirements and the provider's services capabilities, and then they agree to certain conditions and terms which is the services level agreement [10]. The figure below shows the SLA parties in cloud environment. 9

Feb. 2014. Vol. 4, No.6

ISSN 2305-1493


Figure 1: SLA parties in cloud environment . The main purpose of SLAs is to set a guarantees are complying or not, therefore the framework for the providing services and for the author attempted to identify the SLA parameters cooperation among service providers and service for Storage-as-a-Service in cloud delivery model consumers[2]. However the concept of "everything- and also the objectives for measuring these as- services" offered by in cloud manner, this parameters and finally he proposed a monitoring paradigm has made the establishment of SLA more framework for compliance checking.[14] proposed challenging and makes the relation among the cloud a framework to minimize the issues of providers and users getting more complex. trustworthiness among the cloud service provider and cloud consumer, by using a quantitative model of trust. They identified and formalized several C. Services Level Agreement Parameters parameters which has derived from SLA, these The SLA in cloud computing It consists of a parameters to estimate trust. In this framework, the set of measurable attributes called SLA parameters identified set of parameters have categorized into which are established by some objectively two sets. The first set of parameters obtained from measurable conditions, termed as Service Level the SLA description and named as Pre-SAL Objectives (SLOs)[11]. The parameters used to parameters. These parameters are obtained in trust measure and manage performance compliance to estimation before signing the SLA contract, which SLA commitments are the key of successful can to help to build the consumer’s initial trust on agreements and are a critical long term success the cloud provider. However, most of cloud service factor[12]. There are examples include the providers focus only on small set of parameters, parameters of throughput and timing, also the namely Availability, request completion rate and percentage of availability of virtual machines and response time.[15] conducted a study to break other resources, these objectives can be written in down the Cloud SLA into easy and understandable the SLA in the form below: [13]. components and compare the SLAs of the considered public cloud provider. By comparing the  Availability of a service X is 99.5% SLA of Amazon, Rackspace, Microsoft, Terremark vCloud Express and Storm on demand, the study  Response time of a database query Q is highlighted that none of those providers offer nay between 3 to 5 seconds performance guarantee for the services nevertheless, none of the providers automatically  Throughput of a server S at peak load time credit the consumer for SLA violation, consumer is 0.875. should detect the SLA violation. The problems and There are several many studies have been unfulfilled expectations during accomplishing the conducted related to SLA in cloud computing SLA are the result of , poor choice of environment. [11] pointed out that the SLAs parameters[12]. provided by the presented cloud providers are As we mentioned in our previous paper [16] relatively biased towards cloud providers and do that In ecommerce cloud, to alleviate the risks and not provide any formal method of verifying if the challenges facing the end user during using 10

Feb. 2014. Vol. 4, No.6

ISSN 2305-1493


ecommerce cloud websites, suitable parameters need to be included in SLA to consider the end user perspective. The table below describes the extracted parameters for E-commerce cloud SLA, which can be used for Managing and monitoring the Quality of services delivered by cloud providers. Parameters

Description

Citations

Availability

The uptime of the services for the user in specific time

[15, 17] [18] [19] [11] [20] [21]

Scalability

Ability to increase and decrease the storage space

[21] [19] [18]

Portability

The services working on different devices or different platforms

[21] [19] [18]

Performance

The duration of time to respond on user's requests

[17] [20] [19] [18] [15] [14]

Security

The security of user data and the safety of the environment in the cloud

[17] [19] [18]

Reliability

Services ability to operate over the time without failure

[21] [19] [18]

Usability

The ability of the service to be attractive ,understandable, learnable, operable

[19] [21] [18]

Backup & Recovery

How the Service store the image of user data and the ability to recover data in disaster.

[17] [18] [15] [14]

Availability zones in which the data are stored

[18]

Data location

3. METHODOLOGY This section basically illustrates the activities for every phase in the research, which should be carried out for this paper. There are four phase in the research methodology which are illustrated in the figure 2 below. From the literature review phase we have found out some potential limitations in the SLA parameters and frameworks provided by cloud services providers, especially in the context of the e-commerce cloud. The current SLAs mentioned only the availability of the service and the performance level of the services, in e-commerce environment most of the companies have moved to cloud service, however the ecommerce end user in cloud computing environment facing risks during

communicating with ecommerce cloud websites and, the SLA between the cloud provider and ecommerce company does not consider these risks, and the user should be aware for this SLA. After identifying the main SLA parameters which is based on the risk and challenging in ecommerce cloud, a questionnaire is constructed to verify the end user perceptions regarding the importance of these parameters. This research is using quantitative method for collecting data. The questionnaire consist of two parts, the first part is the demographic part and part B is questions which related to parameters. Content validity process has been conducted before distributing the 11

Feb. 2014. Vol. 4, No.6

ISSN 2305-1493


questionnaire, by asking two experts in faculty of computing in Universiti Teknologi Malaysia (UTM), to make sure that the questionnaire is well organized and the questions is easy to understand. The final modified questionnaire has been distributed online using Survey Monkey tool. The sample size of the respondents after distributing the final questionnaire is 105 students, and the time for collecting the data was around two weeks The

respondents are the postgraduate and undergraduate students of computing faculty in UTM.

Figure2: Research framework

Table 2 shows the structure of part B in the final questionnaire distributed. The structure of this part of the questionnaire represents the parameters which extracted from literature review. The first column shows the parameters of SLA, the second column shows the questions of each parameters based on the objectives related to that parameter, and the last column represent the ID of each questions to make the process of analyzing easy and achievable. The aim this part of the questionnaire is to know the end user point view regarding the proposed parameters and how these parameters can reduce the risks in ecommerce cloud Therefore, to validate the collected data form questionnaire, SPSS statistical analysis software has been used in this research.

12

Feb. 2014. Vol. 4, No.6

ISSN 2305-1493


Table 2. Structure of the questionnaire

4. RESULTS AND DISCUSSION A. Demographic Analysis Most of the respondents are male, 80 students out of 105 which represent 76% of the respondents where the rest of the respondent are female with approximately 24% as it can been seen in figure 3.

Figure 3. Information on respondent's gender 13

Feb. 2014. Vol. 4, No.6

ISSN 2305-1493


Figure 4 shows the level of education of the respondents, the highest number of the respondents are Masters students which represent 69% of the total respondents , where 18% of them are bachelor degree students and 10% are Phd students.

While the rest are 1.9% are new undergrad students. As mentioned earlier the scope of the respondents was limited in student of faculty of computing, in order to make sure the answers are accurate regarding the parameters which can be used in ecommerce cloud environment.

Figure 4: Education level of the respondents Figure 5 explains the information of respondent about how frequently they buy online. Based on the graph below, the major number of the respondent is buying once a month which represent 33.3%. The second is 28% which buy online once in every year and 22.8% represent the frequency of buying once in sex month, while 11.4% of the respondents buy once in every week. The less number represent 3.8% who are buy every day.

Figure 5: Frequency of buying online 14

Feb. 2014. Vol. 4, No.6

ISSN 2305-1493


While 33.3% of the respondents using cloud from less than one year and the rest of the respondents using cloud from 5 to 7 years which represent 14.2%. From the figure above, it can be pointed that majority of the respondents know very well the concept of the cloud computing. Figure 6 illustrates these results.

Another results shows the experience of the respondents about cloud computing applications. The major number of the respondents (54 students) using cloud applications between 2 to 4 years which represent 51.4% from the whole respondents.

Figure 6: Respondents experience in using cloud

B. Descriptive statistics Cronbach's alpha method used to measure the internal consistency, which means how closely the item are related to each other as group . In Cronbach's alpha the reliability should be more than .70 in order to consider the items are. The result of Cronbach's alpha reliability analyze is .961 as shown the table below. Table 3: Reliability Statistics for Questionnaire Cronbach's

Cronbach's

Alpha

Alpha Based on

N of Items

Standardized Items .961

.965

15

31

Feb. 2014. Vol. 4, No.6

ISSN 2305-1493


The tables below shows the Descriptive statistics Analysis for the parameters The tables show the Descriptive statistics for each variables in the questionnaire as listed in table 1. In part B of the questionnaire the weight is (1.Strongly Disagree,

2Disagree, 3 Neutral, 4 Agree, and 5Strongly Agree).

Table 5. Descriptive Statistics

Variables

N

Mean

SEC1 SEC2 SEC3 SEC4 SEC5 SEC6 SEC7 PRF1 PRF2 PRF3 PRF4 PRF5 PRF6 USE1 USE2 USE3

88 84 87 86 87 85 87 88 87 85 87 85 88 88 86 88

4.34 4.58 4.54 4.36 4.52 4.49 4.45 4.02 4.30 4.18 4.07 4.25 4.20 4.38 4.33 4.33

Std. Deviation .815 .779 .775 .825 .819 .854 .743 .934 .794 .833 .832 .844 .833 .778 .913 .827

Table 6. Descriptive Statistics

Variables

N

AVL1 AVL2 DLC1 DLC2 BKRC1 BKRC2 BKRC3 BKRC4 RBY1 RBY2 RBY3 SBLY1 SBLY2 PROT1 PROT2

88 87 85 85 85 85 85 84 85 85 85 85 84 85 83

Mean

Std. Deviation

4.43 4.45 3.33 3.61 4.28 4.22 4.27 4.18 4.19 3.51 4.08 4.13 4.31 4.41 4.40

16

.841 .789 1.189 1.114 .781 .905 .892 .946 .764 .840 .848 .753 .744 .678 .748

Feb. 2014. Vol. 4, No.6

ISSN 2305-1493


According to Table 5 and 6 most of the items have higher means which means all the items are important and significant from the end user point of view, we considered the items who have higher means as most important for user perspective.

The first output of factor analysis showed in table 7 is a Kaiser-Meyer-Olkin measure of sampling adequacy and Bartlett‟s Test. In KMO and Bartlett's Test the value should be greater than 0.5 in order to consider the sample is adequate and suitable for applying factor analysis. According to the table above the value of KMO test for this study is .732 which greater than 0.5 meaning that ,the questionnaire sample is suitable to conducting factor analysis.

C. Factor Analysis Factor analysis is data reduction technique, which used to structure large number of items in the questionnaire. Factor Analysis also used to minimise the redundancy between items and to group the items based on the inter correlation between these items. Since this study to identify the main important parameters for SLA cloud commerce, factor analysis has been used to remove the inappropriate items which are not suitable or not belong to any parameters.

Table 7 : KMO and Bartlett's Test Analysis Kaiser-Meyer-Olkin Measure of Sampling Adequacy. Approx. Chi-Square Bartlett's Test of Sphericity

.732 2149.043

df

465

Sig.

.000

The last output of the factor analysis is Communalities Analysis. Table 8 and 9 below explain the communalities before and after extraction which highlight shows how much of the variance for the variables accounted for by the extracted factors. For example over 80% of variance in Parameter NO.2 (security2) is accounted while 50% of the variance in parameters No.27 (reliability 3) is accounted. From the factor analysis results we can highlight that all the parameters and their objectives are significant and recognized are important from the end users perspective, which may improve the quality of the SLA between the cloud providers and ecommerce seller by considering the end user perspective during conducting the negotiations process between the two parties. Considering end use perspective toward cloud services in the SLA can increase their trust and also the reputation of the ecommerce seller well be increased.

17

Feb. 2014. Vol. 4, No.6

ISSN 2305-1493


Table 8. Communalities Analysis Item

Initial

Extraction

SEC1

1.000

.711

SEC2

1.000

.804

SEC3

1.000

.823

SEC4

1.000

.715

SEC5

1.000

.808

SEC6

1.000

.808

SEC7

1.000

.676

PRF1

1.000

.697

PRF2

1.000

.785

PRF3

1.000

.811

PRF4

1.000

.632

PRF5

1.000

.756

PRF6

1.000

.692

USE1

1.000

.750

USE2

1.000

.809

USE3

1.000

.725

Table 9. Communalities Analysis Item

Initial

Extraction

AVL1

1.000

.694

AVL2

1.000

.704

DLC1

1.000

.782

DLC2

1.000

.770

BKRC1

1.000

.653

BKRC2

1.000

.797

BKRC3

1.000

.820

BKRC4

1.000

.787

RBY1

1.000

.607

RBY2

1.000

.492

RBY3

1.000

.567

SBLY1

1.000

.759

SBLY2

1.000

.719

PROT1

1.000

.782

PROT2

1.000

.671

18

Feb. 2014. Vol. 4, No.6

ISSN 2305-1493


Communications and Networks, Y. Yang and M. Ma, Editors. 2012, Springer Netherlands. p. 1487-1493.

5. CONCLUSION Service Level Agreement has significant impact on ecommerce websites which using cloud services, SLA can guarantee the services provided to the ecommerce websites and protecting ecommerce user by applying appropriate parameters. This paper introduced ecommerce cloud SLA parameters which consider the ecommerce cloud end users, these parameters has been selected based on the risks facing the user during interacting with ecommerce cloud, the parameters validated by conducting a survey inside Faculty of computing in UTM. The results indicates that all the parameters are important from end user point of view. However this research included only the student in faculty of computing as respondents . Futures work should cover wider variety of respondents

6.

6. Pearson, S. and A. Charlesworth, Accountability as a Way Forward for Privacy Protection in the Cloud, in Cloud Computing, M. Jaatun, G. Zhao, and C. Rong, Editors. 2009, Springer Berlin Heidelberg. p. 131-144.

7.

7. Group, T.O., SLA Management Handbook. Vol. 4. 2004, UK: The Open Group. 137.

8.

8. Greiner, L. and L.G. Pau. SLA Definitions and Solutions.2009[cited201321-3];Available from:http://www.cio.com/article/128900/S LA_Definitions_and_Solutions?page=1#w hat.

9.

9. Karten, N. Establishing Service Level Agreements. 2008 [cited 2013 213]; Available from: http://www.nkarten.com/sla.html.

REFERENCES 1.

2.

3.

4.

5.

1. Motahari-Nezhad, H., B. Stephenson, and S. Singha, Outsourcing Business to Cloud Computing Services: Opportunities and Challenges. IEEE IT Professional, Special Issue on Cloud Computing, 2009. 11(2). 2. Gangadharan, G.R. and D. Parrilli, Service Level Agreements in Cloud Computing: Perspectives of Private Consumers and Small-to-Medium Enterprises, in Cloud Computing for Enterprise Architectures, Z. Mahmood and R. Hill, Editors. 2011, Springer London. p. 207-225. 3. Bashir, M.N., et al., Privacy in the cloud: going beyond the contractarian paradigm, in Proceedings of the 2011 Workshop on Governance of Technology, Information, and Policies2011, ACM: Orlando, Florida. p. 21-27.

10. 10. Falasi, A.A. and M.A. Serhani, A Frameworl( for SLA-Based Cloud ServicesVerification and Composition, in International Conference on Innovations in Information Technology2011. p. 6. 11. 11. Ghosh, N. and S.K. Ghosh. An approach to identify and monitor SLA parameters for storage-as-a-service cloud delivery model. in Globecom Workshops (GC Wkshps), 2012 IEEE. 2012. IEEE. 12. 12. Paschke, A. and E. SchnappingerGerull, A Categorization Scheme for SLA Metrics. Service Oriented Electronic Commerce, 2006. 80: p. 25-40. 13. 13. DeveloperWorks Editors, I. Review and summary of cloud service level agreements. 2010 [cited 2013 2-4 ]; Available from: http://www.ibm.com/developerworks/clou d/library/cl-rev2sla.html.

4. Bouman, J., J. Trienekens, and M. Van der Zwan. Specification of service level agreements, clarifying concepts on the basis of practical research. in Software Technology and Engineering Practice, 1999. STEP'99. Proceedings. 1999. IEEE.

14. 14. Chakraborty, S. and K. Roy. An SLA-based Framework for Estimating Trustworthiness of a Cloud. in Trust, Security and Privacy in Computing and

5. Hanyan, H., Research of Ecommerce Security Strategies Based on Cloud Computing Platform, in Green 19

Feb. 2014. Vol. 4, No.6

ISSN 2305-1493


Communications (TrustCom), 2012 IEEE 11th International Conference on. 2012.

cloud computing. in Digital Ecosystems and Technologies (DEST), 2010 4th IEEE International Conference on. 2010. IEEE.

15. 15. Baset, S.A., Cloud SLAs: present and future. ACM SIGOPS Operating Systems Review, 2012. 46(2): p. 57-66.

19. 19. Rady, M., Parameters for Service Level Agreements Generation in Cloud Computing, in Advances in Conceptual Modeling2012, Springer. p. 13-22.

16. 16. Busalim, A.H., A.R.C. Hussin, and A. Ibrahim. Service level agreement framework for e-commerce cloud end-user perspective. in Research and Innovation in Information Systems (ICRIIS), 2013 International Conference on. 2013.

20. 20. Chauhan, T., et al. Service level agreement parameter matching in cloud computing. in Information and Communication Technologies (WICT), 2011 World Congress on. 2011. IEEE.

17. 17. Ben Pring, C.A., William Maurer, Alexa Bona, Best Practices for ServiceLevel Agreementsfor Software as a Service, 2010, Gartner Stamford. p. 10. 18. 18. Alhamad, M., T. Dillon, and E. Chang. Conceptual SLA framework for

21. 21. Nie, G., E. Xueni, and D. Chen, Research on Service Level Agreement in Cloud Computing, in Advances in Electric and Electronics2012, Springer. p. 39-43.

20