Conference Paper

SaaS Integration for Software Cloud

Authors:
  • Essenlix
To read the full-text of this research, you can request a copy directly from the authors.

Abstract

Software as a Service (SaaS) has been adopted in a fast pace for applications and services on software clouds. However, the success of SaaS in software cloud cannot obscure the integration challenges faced by developers and enterprise infrastructure IT. Among those challenges, firewall/NAT traversal and security issues often pose a serious bottleneck as enterprises may not be entirely comfortable running mission critical applications outside the corporate firewall. On the other hand, SaaS applications in the cloud need to access enterprise on-premise applications for data exchange and on-premises services. The current approaches through opening special pin-holes on firewall or using dedicated VPNs have encountered a number of limitations and drawbacks. This paper presents a Proxy-based firewall/NAT traversal solution for SaaS integration (PASS). It allows SaaS applications to integrate with on-premise applications without firewall reconfiguration, while maintaining the security of on-premise applications. In addition, this approach is platform and application independent, making the SaaS integration seamless. Moreover, PASS is consistent with the enterprise web browsing infrastructure, and it requires little or no change to enterprise firewall/NAT configurations. In this paper we present the architecture of PASS and address SaaS integration challenges in software cloud, such as security/firewall, performance, and scalability. Experimental study based on our implemented system shows that the proposed approach of PASS is promising to resolve firewall/NAT traversal for SaaS integration with on-premise services.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the authors.

... Beberapa studi [4]- [6] mengatakan bahwa pengguna diuntungkan dengan kecepatan dari implementasi SaaS, keandalan, serta fleksibilitas dan optimasi kapasitas infrastruktur. Hal ini memberikan pengguna keuntungan strategis untuk dapat memberikan nilai lebih baik konsumen dibandingkan para pesaing lain. ...
... Dengan model ini pengguna hanya membayar bila mereka menggunakan perangkat lunak dan dalam banyak kasus, SaaS mungkin terbukti lebih murah daripada memiliki dan memelihara sistem dan teknologi secara in-house, sehingga memungkinkan pengguna menghemat uang untuk dukungan dan biaya upgrade, infrastruktur, personil, dan implementasi [3], [13]. Selain penghematan biaya kepemilikan saat membeli sebuah perangkat lunak, pengguna juga diuntungkan dengan kecepatan dari implementasi SaaS, keandalan, serta fleksibilitas dan optimasi kapasitas infrastruktur [4]- [6]. ...
... Dengan meningkatnya kompleksitas proses bisnis, maka aplikasi atau layanan SaaS tunggal dalam perangkat lunak cloud tidak dapat memenuhi semua persyaratan bisnis dengan sendirinya. Untuk memenuhi kebutuhan bisnis sambil memanfaatkan layanan berbasis SaaS, aplikasi bisnis harus berintegrasi dengan aplikasi on-premise dan atau SaaS lain [4]. Integrasi memungkinkan manipulasi dan pertukaran data antar aplikasi yang dapat dilakukan di atas sebuah interface dengan membatasi dua entitas independen, dalam hal ini aplikasi, sehingga dapat berinteraksi atau berkomunikasi satu sama lain. ...
Article
SaaS application users get strategic benefits, among them the speed of implementation, reliability, and flexibility also optimization of infrastructure capacity. The company does integration with the aim to increase productivity, data accuracy, speed and flexibility [1]. This also drives XYZ.com, an online store in Jakarta, to integrate its web commerce application with SaaS accounting application. System integration design is carried out by analysis and observation of current business processes using the business objectives model. It is concluded that with system integration, XYZ.com wants to achieve 3 business objectives, i.e. (1) increasing the number of orders recorded in the accounting application, (2) improving stock accuracy, and (3) reducing the number of order cancellations due to unavailability of goods. System integration is designed to enable information retrieval such as products, contacts, transactions, and journals from accounting application through available API. Further research needs to be carried to realize the list of requirements that have been described in the feature tree to the stage of software development and implementation so that the objectives set by the business can be measured and improved.
... Platform as a Service (PaaS) [3], services that provides an integrated platform for users to develop, test and build their applications. Software as a Service (SaaS) [4], Service provided as an app hosted on the cloud to be consumed by users and doesn't require maintenance from their perspective. With cloud becoming more conventional, cloud storage became cheaper and affordable for companies to store more data and offload their archives and backups into the cloud. ...
... However, the organization has a complete ownership over its workload and data [5], [6]. Hybrid cloud: Concept that enables an organization to use both the private and public cloud benefits, used usually to respond to compliance, regulatory as well as latency requirements [3], [4], [7], [8]. The public cloud infrastructure is owned by the CP. ...
Article
Full-text available
With recent advancement in technology, cloud storage became cheaper enabling organizations around the world to store more data on the cloud (texts, images, videos, databases etc.), whereas it's for a backup, archiving or just storing data streams. New digital laws and regulation (e.g., General Data Protection Regulation) require these organizations to change their way of processing or handling data, which results usually in a change of cloud providers or adoption of hybrid architecture or multi-cloud one. With the amount of data stored increasing year after year, it becomes difficult for these organizations to change cloud platforms or cloud provider and migrate their data without thinking about the technical complexity, the time, and the huge cost it may incur. This article discusses the data migration and interoperability issues between cloud platforms; the proposed approach provides a simple cost-effective migration that would help organizations save time and money in this process based on a hybrid ontology approach for the brokerage of data transfers.
... To improve the data security model, the author introduces [37] a hybrid model having three layers: 1 st layer OTP authentication, 2 nd for encryption, integrity & consumer protection and 3 rd to speedy data recovery. In an article [38], the author discusses the finegrained access control to secure the data in the cloud. In an article [39] author discusses the SSL/TLS, IPsec to have the secure communication in a cloud network. ...
... In an article [40] author discusses the ubiquity and integration of services (UBIS) architecture to fulfil the needs of cloud consumers and to improve the cloud security. The author mentions the secure on-premise implementation in the article [38]. To identity the real attacker of DDoS, the author designed cloud trace back (CTB) [41]. ...
Article
Full-text available
The "cloud" has turned into a fixture, for almost everything: reinforcement and recuperation (e.g. Dropbox), correspondence (Skype, WhatsApp), profitability (Microsoft Office 365, Google Docs), adaptable use (Netflix), business process (Salesforce), long range informal communication (Facebook, LinkedIn, Twitter), and the sky is the limit from there. Consistently there are more organizations putting away information and running workloads in the cloud. With that development, in any case, additionally comes a bigger focus on your back. Digital Attackers have a tendency to pursue the most minimal hanging natural product from the biggest pool of conceivable targets-making web applications and information an essential core interest. According the Thale's report published in 2018, 67% of the data has been compromised. This paper abridges various associate investigated articles on security dangers in distributed computing and the preventive techniques. The aim of this analysis is to comprehend the cloud parts, security issues, and dangers, alongside developing arrangements that may possibly alleviate the vulnerabilities in the cloud by using RSA cryptosystem.
... This transition enables companies to gain a competitive advantage in the market economically. The cloud SaaS model offers faster deployment with minimal effort [1]. Enterprises do not have to bear the heavy up-front costs for IT hardware and software owing to the per-user service-renting model. ...
... The employees may connect to corporate services both remotely, via a Wi-Fi hotspot or via the Smartphone's cellular data connection (3G/4G/5G services), and directly via the enterprise's wireless network. The same device access methods also apply when employees access public SaaS clouds [1]. ...
Conference Paper
Full-text available
In contemporary times IT plays a major role in enterprises’ business processes. Companies pursue the adoption of new technological trends in order to improve their business in terms of both performance and efficiency so that they can keep up with the fierce market competition. However, the emergence of cloud computing technology and the opportunity for employees to work using their personal smart phones through the adoption of Bring your own Device (BYOD) policies introduce additional risk for the enterprise. In this paper we propose an enterprise information security architecture for accessing SaaS cloud services by Smartphone BYOD. This architecture is based on the SABSA security architecture framework, which consists of the hardware, software and service-oriented security components that can reduce the aforementioned risks to acceptable levels.
... Moreover, data integration and interoperability are challenging and include many concerns. These encompass difficulty in large data transmission, from both security and bandwidth perspectives; data integrity and support of transaction across the cloud; expensive data change detection; controlling data quality; and determining the original source of data [57]. ...
Article
Full-text available
Cloud computing is one of the most significant trends in the information technology evolution, as it has created new opportunities that were never possible before. It is utilized and adopted by individuals and businesses on all scales, from a cloud-storage service such as Google Drive for normal users, to large scale integrated servers for online social media platforms such as Facebook. In cloud computing, services are offered mainly on three levels: infrastructure, platform, and software. In this article, an extensive and detailed literature review about cloud computing and its applications is presented, including history and evolution. Moreover, to measure the adoption of cloud applications in industry and academia, we conducted a user-study survey that included professionals and academics from various levels. The user-study methodology, details, and results are also presented and discussed.
... However, the proper ranking of SaaS products is not possible, as each feature plays a vital role in the SaaS. Authors Qian Tao etc. proposed a technique for all cloud services based on non-functional QoS attributes like reputation, reliability, security, time, price and availability 8,9,10 . They exploited the results by Partitioning around Medians (PAM) rule for all kinds of cloud services. ...
... GIS cloud allows anyone with a browser to instantly use GIS. This innovative cloud computing technology gives subscribers full access to GIS tools such as data creation, analysis, editing and visualization [9]. ...
Conference Paper
Full-text available
Web Based Geographic Information Systems (GIS) application is used to provide information about the location of the historical buildings in the city of Semarang which can be accessed by online users. Utilization of Cloud Computing Technology as a place to store digital documents with consideration that storage can be done directly through the Internet and can be accessed by all parties that need data about the cultural heritage of Semarang and avoid excess procurement of storage media that can save a great physical computer for storage and maintenance documents that do not depend on local storage. Semarang city heritage building WebGIS is a location determination applications, with the help of cloud computing offers easy and efficient visualization, analysis and exploration of geographic information. The main purpose of GIS Cloud platform is to simplify the exchange of geographic information between the user and offer an easy way to analyze the information regardless of its location.
... There are several approaches to implement hybrid cloud, the fastest one is by adopting SaaS solution [14]. The common SaaS solution is cloud storage, cloud email, and line of business services. ...
Conference Paper
The essential function of the learning management system (LMS) is to manage and the learning object. Therefore, storage capacity becomes critical component when the content and the user is growing. Some of the existing LMS experience problems to store many files because of limited storage capacity and also the inability of the LMS has scalability on the storage. This paper makes an effort to improve the LMS capability on storage capacity by integrating the LMS storage with the cloud storage. Specifically, this paper proposes low cost consumer cloud storage to be used for storage extension on the LMS. This paper discusses about the comparison between several consumer cloud storage and its integration strategy. As a result, this paper can be a consideration when choosing a cloud storage for LMS or e-learning.
... In particular it does not address the need of combining IaaS with the execution environment (SaaS). This is addressed in the work of Liu et al. [16]. ...
Article
Full-text available
The evolving software development practices in modern software development companies often bring in more empowerment to software development teams. The empowered teams change the way in which software products and projects are measured and how the measures are communicated. In this paper we address the problem of dissemination of measurement information by designing a measurement infrastructure in a cloud environment. The described cloud system (MetricsCloud) utilizes file-sharing as the underlying mechanism to disseminate the measurement information at the company. Based on the types of measurement systems identified in this paper MetricsCloud realizes a set of synchronization strategies to fulfill the needs specific for these types. The results from migrating traditional, web-based, folder-sharing distribution of measurement systems to the cloud show that this type of measurement dissemination is flexible, reliable, and easy to use.
... As one of the service model in cloud computing, software as a service (SaaS) [11]- [13] should be the one which most end users of software can benefit from. SaaS reshapes the paradigm through which software deliver functions to users; unlike traditional software that need to pre-acquired and installed on particular host(s), SaaS deliver user functions that were wrapped in Web-based interfaces through the Internet, or more specifically, the Web service techniques [14]. ...
... The restful style [2] Web service emerged as an lightweight alternative for realizing the concept of software as a service (SaaS) [3], [4], which is one of the major service delivery models in cloud computing [5] environment. In a SaaS model, functionalities of software are delivered to users through the Internet and HTTP; users do not need to handle executable files and configuration data, instead, these files are hosted in the cloud. ...
... The Restful Web applications [7] emerged as an lightweight alternative for realizing the concept of software as a service (SaaS) [8,9], which is one of the major service delivery models in cloud computing [10] environment, the other two service models are infrastructure as a service (IaaS) and platform as a service (PaaS). In a SaaS model, functionalities are delivered to users through the Internet; users do not need executable files and data, instead, they are hosted in the cloud. ...
Article
Online education and training play critical roles in the age of Internet. For easy sharing and reusing pedagogical resources that are high-priced to develop, there are standards for encoding instructional contents and regulating their presentational formats. However, because access interfaces and message packing schemes of most e-learning resources are still proprietary, the offered contents are available to privileged users only and thus are difficult to utilize and circulate. SOAP-based Web services to some extent solve the openness issue by enforcing contents and their packing schemes conform to pre-defined formats. To enrich online pedagogical resources and facilitate sharing them among educators and learners, it is of great importance to build them in not only open, but also efficient and easy-accessible way. This article proposes an approach for provisioning pedagogical resources in the cloud based upon the representational state transfer architectural (REST) style. The anticipation is that the constructed services enable instructors and students to easily use a variety of devices to access pedagogical resources under diverse learning circumstances, which is realization of the so-called ubiquitous learning.
... Increasingly integration is necessary between internal and external business systems for each organization. To meet the business needs, sometimes it is necessary to integrate SaaS applications with on-premise applications locally installed [35]. The integration and customization are critical components in the strategies of successful SaaS architectures, a centralized IT infrastructure based on services [9]. ...
Article
Full-text available
Nowadays the technological progress allows us to have highly flexible solutions, easily accessible with lower levels of investment, which leads to many companies adopting SaaS (Software-as-a-Service) to support their business processes. Associated with this movement and considering the advantages of SaaS, it is important to understand whether work is being developed that is underutilized because companies are not taking advantage of it, and in this case it is necessary to understand the reasons thereof. This knowledge is important even for people who do not use or do not develop/provide SaaS, since sooner or later it will be unavoidable due to current trends. In the near future, nearly all decision-makers of IT strategies will be forced to consider adopting SaaS as an IT solution for the convenience benefits associated with technology or market competition. At that time they will have to know how to evaluate impacts and decide. Often, decision-makers of business strategies consider only the attractive incentives of using SaaS ignoring the impacts associated with new technologies. The need for tools and processes to assess these impacts before adopting a SaaS solution is crucial to ensure the sustainability of the information system, reduce uncertainty and facilitate decision making. This article presents a framework for evaluating impacts of SaaS called SIE (SaaS Impact Evaluation) which in addition to guidance for the present research, aims to provide guidelines for the collection, data analysis, impact assessment and decision making about including SaaS on the organizations strategic plans.
... Integrity challenges in the cloud could arise when SaaS applications in the cloud need to access enterprise on-premises applications for data exchange and on-premises services. Such challenges can be overcome by implementing a Proxy-based firewall/NAT traversal solution which allows SaaS applications to integrate with on-premise applications without firewall reconfiguration, while maintaining the security of onpremise applications [32]. Besides ensuring integrity in the process of data transmission, a mechanism for the CSU or the CSP to check whether the record is modified in the cloud storage is also needed. ...
Conference Paper
Full-text available
Many publications have dealt with various types of security requirements in cloud computing but not all types have been explored in sufficient depth. It is also hard to understand which types of requirements have been under-researched and which are most investigated. This paper's goal is to provide a comprehensive and structured overview of cloud computing security requirements and solutions. We carried out a systematic review and identified security requirements from previous publications that we classified in nine sub-areas: Access Control, Attack/Harm Detection, Non-repudiation, Integrity, Security Auditing, Physical Protection, Privacy, Recovery, and Prosecution. We found that (i) the least researched sub-areas are non-repudiation, physical protection, recovery and prosecution, and that (ii) access control, integrity and auditability are the most researched sub-areas.
... Cloud computing is a large-scale distributed computing paradigm that is driven by economies of scale, in which a pool of abstracted, virtualized, dynamically-scalable, managed computing power, storage, platforms, and services are delivered on demand to external customers over the Internet [1]. The cloud computing paradigm is usually linked to SaaS or Software as a Service model [2]. This service model works by providing applications for end users on service-based manner. ...
Article
Cloud computing is frequently being utilized to eliminate the need to local information resources. In this paper, we address the problem of intrusion detection in cloud environments and the possibility of allowing intrusion detection to be provided to clients as a service. The paper describes the Cloud Intrusion Detection Service (CIDS), which is intended to function as an intrusion detection web service to be provided for cloud clients in a service-based manner. CIDS utilizes the "Snort" open source intrusion detection system. The operating logic and user access webpages were developed using J2EE. We implemented a proof-of-concept prototype to evaluate the performance. CIDS was proved to be very friendly to resource allocation. Additionally, CIDS gave better attack detection rates and attack detection times than other solutions. These improvements can be beneficial to both cloud providers and cloud subscribers alike.
... Cloud providers and customers must share the responsibility for security and privacy in cloud computing environments, but sharing levels will differ for different delivery models, which in turn affect cloud extensibility. l In SaaS, providers typically enable services with a large number of integrated features [5], resulting in less extensibility for customers. Providers are more responsible for the security and privacy of application services, more so in public than private clouds where the client organization might have stringent security requirements and provide the needed enforcement services. ...
Article
Full-text available
Cloud computing is a developing archetype with marvelous momentum, but its exceptional aspects worsening the security and privacy challenges. This article provides an overview of the security and privacy challenges pertinent to public cloud computing and points out considerations organizations should take when outsourcing data, applications, and infrastructure to a public cloud environment. We have also proposed a security mechanism “security as a service” for cloud computing. It also explores the roadblocks and solutions to providing a trustworthy cloud computing environment.
... SOC is founded on the idea of discovery and composition whereby an executable business process can discover at runtime the most suitable services and orchestrate them in order to satisfy a particular domain or business requirement [32]. This flexibility can lead to new economic opportunities as software functionality is increasingly commoditised as Software as a Service (SaaS) in the Cloud [30]. Developing SOA-based systems, which are typically heterogeneous, large, and complex, is a challenging and time-consuming exercise [9]. ...
Article
Full-text available
Service-Oriented Computing is becoming a paradigm of choice for implementing enterprise-level distributed applications, with a number of methodologies having been proposed to provide systematic guidance for the development of service-oriented solutions. However, presently, there is a lack of well-defined and pragmatic Service-Oriented (SO)-specific methodology evaluation approaches, making it difficult to evaluate and compare exiting methodologies in an informed manner. To this end, this paper proposes an analytical framework for evaluating and comparing SO development methodologies using a set of qualitative features and quantitative ratio-scale metrics. A case-study was conducted to demonstrate the practical application of the framework.
... The server side evaluation of the telemedicine system typically involves two basic components: a data repository, where the data collected by the remote patients are stored, and a software interface, that allows the operators to access the data and to perform the requested evaluation. About the data repository, the recent evolutions in the field of cloudbased data management [12,13] suggest the adoption of the SaaS (Software as a Service) paradigm, instead of the more traditional PaaS (Platform as a Service) one. The former ensures higher reliability, because data are not physically located in a machine but are spread across a cloud of nodes, cooperating towards the provision of a specific service. ...
Article
Full-text available
Moving from the experience gained in home telemonitoring of elderly patients with Congestive Heart Failure, that confirmed a reduction of the rehospitalization rate and an improved monitoring of drugs assumption by the patients, this paper extends the evaluation of technological approaches for remote health monitoring of older adults. Focus of the evaluation is on telemedicine effectiveness and usability, either from a patient's or a medical operator's perspective. The evaluation has been performed by testing three remote health platforms designed according to different technological approaches, in a realistic scenario involving older adults and medical operators (doctors and nurses). The aim of the testing activity was not to benchmark a specific solution with respect to the others, but to evaluate the main positive and negative issues related to the system and service design philosophy each solution was built upon. Though preliminary, the results discussed in the paper can be used as a set of guidelines in the selection of proper technological equipments for services targeted to elderly users, from a usability perspective. These results need to be complemented with more focused discussions of the ethical, medical, and legal aspects of the use of technology in remote healthcare.
... To respond to the issue, the REST-styled service presented by Roy Fielding in his dissertation [6] looks promising. The restful Web applications [7] emerged as an lightweight alternative for realizing the concept of software as a service (SaaS) [8, 9], which is one of the major service models in cloud computing [10] environment. In a restful Web application, everything that could be accessed or operated are treated as resources, and resources must be identifiable via an uniform naming scheme, or practically, the uniform resource identifier (URI). ...
Conference Paper
Full-text available
Online question bank systems play a critical role in evaluating learners' achievement. For easy sharing and reusing, there is a standard for encoding question banks' pedagogical contents and presentational format. However, access interfaces to most online question banks are proprietary, such that the offered contents are available to limited users only and difficult to utilize and circulate. SOAP-based Web service to some extent solves the openness issue by conforming to existing standards. To enrich contents of question banks and facilitate sharing them among educators, it is of great importance to build easy-accessible as well as open question banks. This article proposes a method for designing a question bank in cloud according to the representational state transfer architectural style. Accordingly, the question bank can allows instructors and students using various devices to access online assessment resources under various learning circumstances.
Chapter
The rapid rise of cloud computing technology marks the next wave of enterprise information technology, catering up a market demand of a digitized economy to deliver traditional utilities such as electricity, gas, water, to name a few. The tremendous benefits of cloud computing technologies are being leveraged by companies of all sizes, leading lots of novel concepts and implementations, such as Software as a Service, Platform as a Service, Storage as a Service, and Infrastructure as a Service. In this chapter we give a survey on leveraging cloud-based resources for automated biometric identification, i.e., Biometrics as a Service (BAAS). In particular we present a comprehensive state-of-the-art cloud-based biometrics technologies for identification and authentication and then investigate on new systems, frameworks, and technologies developed by the community from the perspective of BAAS.
Conference Paper
Data has a strategic role in planning, evaluating, making decisions, and formulating policy. Various data supplying that appropriate with the potential of each region was conducted by the Statistics Indonesia (BPS) in each of those region. Service engineering efort needs to be done to improve the quality of data services in every regional BPS. In order to implement the services easily in every regional BPS then the service was delivered in the form of Software as a Service (SaaS). Service engineering and SaaS development, each has its own method. So, this study is to combine service engineering method with SaaS development method.
Article
Purpose Fierce competition drives software vendors to rely on Software-as-a-Service (SaaS) strategies and to continuously match new releases with customers’ needs and competitors’ moves. Such recurrent release practices pose specific challenges for software vendors which shape how they service customers. To address these challenges, this paper aims to apply service science to innovate strategies for SaaS release management. Design/methodology/approach Based on action research methodology, the authors collaborated closely with Software Inc., an alias for a large multinational software provider, to apply service-dominant logic systematically, to analyze and improve its SaaS release management process and to support ongoing value co-creation with its customers. Findings The authors provide a detailed account of how Software Inc. improved its SaaS release management practices; they extend current understanding of service innovation dynamics in SaaS environments and offer a model of value co-creation in SaaS release management grounded in the findings from Software Inc. Research limitations/implications The research draws on a single case study with particular characteristics. Still, it allows for analytical generalizations with both theoretical and practical implications for how SaaS managers can improve recurrent release practices based on foundational service-dominant logic principles. Practical implications The authors suggest that SaaS managers concentrate on knowledge-sharing with customers, ensure continuous communication among teams supporting the service, re-organize release management to enhance the value co-creation process, use technology to improve customer service experiences and use service mapping to improve release management and service quality. Originality/value The authors bridge service-dominant logic principles and SaaS knowledge by demonstrating how service-dominant logic can be used to improve SaaS release practices and by offering conceptual and practical knowledge about value co-creation between customers and suppliers in SaaS contexts.
Article
Full-text available
Cloud computing represents the most recent enterprise trend in information technology and refers to the virtualization of computing resources that are available on demand. Cloud computing saves cost and time for businesses. Moreover, this computing process reflects a radical technological revolution in how companies develop, deploy, and manage enterprise applications over the Internet. Virtualized cloud computing mainly offers cloud-computing delivery models such as software as a service, platform as a service, and infrastructure as a service. Security and privacy are presently considered critical factors in the adaptation of any cloud-service delivery model. Cloud computing leverages several technologies; in the process, this model can inherit potential security threats. Thus far, security issues in cloud computing have rarely been addressed at the service delivery level. Key security concerns include Web application security, network security, data security, integration, vulnerabilities in the virtualized environment, and physical security. The aim of this research is to comprehensively present the security threats with respect to their cloud service deliver models. This study also determines how service delivery models differ from existing enterprise applications, classify these models, and investigate the inherent security challenges. This study primarily focuses on the security concerns of each layer of the cloud-service delivery model, as well as on existing solutions and approaches. In addition, countermeasures to potential security threats are also presented for each cloud model. Copyright
Article
Durch die konsequente Anwendung eines durchdachten Geschäftsprozess-mangements kann ein Unternehmen erreichen, sich seiner Abläufe zunächst bewusst zu werden und diese dann stetig zu verbessern. Doch nur wenn diese Geschäftsprozesse auch automatisiert werden, die Prozessdefinitionen also direkt auf entsprechenden Engines zur Ausführung gebracht werden, erreicht man echte Agilität mit einem effizienten Zusammenspiel von Business und IT. Diese Prozessautomatisierungen bestehen aus Orchestrierungen von Services, welche in einer „service-orientierten Architektur“ (SOA) die verschiedensten IT-Systeme kapseln, die wiederum die gesamten Daten des Unternehmens enthalten. Das effiziente Zusammenspiel von Geschäftsprozessmanagement und SOA hängt stark davon ab, wie gut von beiden Seiten auf die andere zugegangen wird. Auf der Seite der Prozesse ist es notwendig, dass die entsprechenden Modellierungstools und Ausführungsengines es erlauben, möglichst einfach, schnell und fehlerunanfällig Services einzubinden. Auf der Seite der Services müssen diese gut strukturiert und dokumentiert sein, damit sie gefunden und korrekt eingebunden werden können. In dieser Arbeit wird analysiert, wie sich die Situation heute an beiden Seiten darstellt. Ein besonderes Augenmerk wird dabei auf das Thema „Cloud-Computing“ gelegt, da gut beschriebene Services in diesem Bereich von existenzieller Wichtigkeit für die Anbieter sind. Weiterhin wird gezeigt, wie das Zusammenspiel mit Hilfe der Ideen aus dem Konzept „Extreme Model Driven Design“ (XMDD) besonders effizient und elegant realisiert werden kann. Einen besonderen Schwerpunkt bildet die Generierung von Prozessaktivitäten für große Servicesammlungen zum Beispiel von ERP-Systemen.
Article
Cloud computing is the delivery of computing services over the Internet. Cloud services allow individuals and businesses to use software and hardware that are managed by third parties at remote locations. The different types of Cloud Computing services are Platform as a Service (PaaS), Software as a Service (SaaS), and Infrastructure as a Service (IaaS) and cloud virtualization which will help the researchers to more concentrate on this area. Examples of cloud services include online file storage, social networking sites, webmail, and online business applications. The cloud computing model allows access to information and computer resources from anywhere that a network connection is available.
Article
In this paper, the background of the SaaS private cloud-based Construction Quality Supervision Collaboration System (CQSCS) is introduced; the current status and shortcomings of construction quality supervision are described, and methods are proposed to incorporate the novel software architecture and application models of the SaaS private cloud to strengthen construction quality supervision and management. The design and construction of the overall framework of the CQSCS were completed in the study; system functions and structure were designed and developed, such as the quality supervision unit, quality inspection unit and quality acceptance unit, whose targets are to serve construction quality supervision agencies, quality inspection agencies and units involved in on-site construction. Additionally, the new system is compared against the old system. Finally, based on the CQSCS used in Wuhan, the function system and applications of the construction quality supervision and management system are discussed, and the prospect of the wide-spread application of the designed system is speculated.
Conference Paper
Cloud Computing (CC) is a large-scale distributed computing paradigm that is driven by economies of scale, in which a pool of abstracted, virtualized, dynamically-scalable, managed computing power, storage, platforms, and services are delivered on demand to external customers over the Internet. On the other hand, one of the key enablers for building Cloud environments is Virtualization. It offers a great level of efficiency and scalability that makes the complex processing of the Cloud possible. However, with these advantages come certain limitations, especially in relation to security. Virtualization vulnerabilities and more specifically isolation, creates new targets for intrusion due to the complexity of access and difficulty in monitoring all interconnection points between systems, applications, and data sets. Hence, without strict controls put in place within the Cloud, guests could violate and bypass security policies, intercept unauthorized client data, and initiate or become the target of security attacks. This article discusses the security and the visibility issues of inter-VM traffic, by proposing a solution for it within the Cloud context. The proposed approach provides Virtual Machines (VMs) authentication, communication integrity, and enforces trusted transactions, through security mechanisms, structures, policies, and various intrusion detection techniques.
Conference Paper
Along with the rapid evolution of cloud computing, outsourcing service has also changed significantly. One of the main concerns for cloud computing is security. In particular, it becomes more important to handle client data securely in such a consulting service. In this paper, we present the design and implementation of Software as a Service (SaaS) application framework using Information Gateway that enables cloud service while maintaining data confidentiality. By setting up Information Gateway in the client environment, the executing location is dynamically controlled according to whether the data contains confidential information or not, and only secured data is routed to the SaaS application in the cloud. Therefore, if the data policy is registered by the client administrator beforehand, the user is able to use the cloud service appropriately without being aware of it. Moreover, we also describe that existing applications can be easily ported into the SaaS application because our framework allows application developers to define complicated routing logic briefly.
Article
Full-text available
The aim of this study was to identify key success factor for SME customers of cloud based Business Intelligence products. A deep interview was made with four producers and a questionnaire was carried out among 36 SMEs. The findings suggest that the most important CSFs were the level of software functionalities, the ubiquitous access to data, responsive answers to customer support requests, handling large amounts of data and implementation cost. Each of these factors addresses a specific area that customers pay close attention to during the adoption process of a cloud BI solution. Offering ubiquitous access to date and respsonsive answers to customer requests are particularly emphasized for SMEs. We also found that industry tailored software is preferred, monthly or quarterly billings, and contact by email or phone for service. The paper shows recommendations, implications of research and suggests further research on the topic.
Conference Paper
Traditional network level firewalls, based on port and IP addresses, are inadequate for dealing with the development of applications and protocols that do not follow the conventions of port services established by IANA (Internet Assigned Numbers Authority). Therefore firewalls capable of accurately classifying and filtering connections based on application information are needed. This paper studies one such firewall using Netfilter/Iptables with the L7-filter packet classifier to perform application layer filtering. This packet classifier uses regular expressions to match applications with a protocol definition database. We analyze a video streaming protocol, the Adobe Real Time Messaging Protocol (RTMP), to produce a protocol definition. Analysis of the performance of the protocol definition and L7-filter usage in general in a simulated network environment shows that this implementation functions well and does not disrupt network performance.
Conference Paper
Cloud Computing (CC) has generated interest from both industry and academia over these years. As an extension of Grid Computing and Distributed Computing, CC aims to provide users with flexible services in a transparent manner. The distributed implementation of CC creates a suitable environment for easy targets, vulnerable and prone to sophisticated attacks. Commonly virtualization is the most utilized technology to implement a Cloud environment with a massive multi-tenancy usage, opening a door to a whole other level of security issues. This creates new targets for intrusion due to the complexity of access and difficulty in monitoring all interconnection points between systems, applications, and data sets. This raises many questions about the appropriate infrastructure, processes, and strategy for enacting detection and response to intrusion in a Cloud environment. This article discusses the security and the visibility issues of an inter-VM traffic and solutions for it within a Cloud environment context, by proposing an approach relying on distributed intrusion detection technique and packet inspection.
Conference Paper
This last few years experienced a new paradigm called Cloud Computing (CC), coming as an extension of Grid Computing and Distributed Computing. This raises many questions about the appropriate infrastructure, processes, and strategy for enacting detection and response to intrusion in a Cloud environment. This article discusses the security and the visibility issues of inter-VM traffic and solutions for it within a Cloud environment context, by proposing an approach relying on distributed intrusion detection technique and packet inspection.
Conference Paper
Cloud computing has been established in recent years as an important area of research. This reality has been consolidated because, currently, tasks such as obtainment, manipulation, sharing and exploitation of large amounts of data are common and require many computational resources, so cloud computing can contribute because it can provide this resources indefinitely, including processing, memory, storage and others, all them for immediate use. Cloud computing has many challenges, among them, the specification of work platforms in a cloud environment. In this context, the use of models can help insofar as they may contain several types of information that can be handled with the intention of automating the process of creation of an environment. A template can contain information about the user, hardware and software that can be used by computer systems to automatically build the necessary infrastructure for the operation of a virtual machine on a cloud computing environment. In addition, models can be easily exported to other formats used by cloud services providers. The use of concepts of Service Level Agreements - SLA to control the utilization of computational resources of a provider is common in computing environments and can be used to ensure the quality of services that being offered. The objective of this work is to combine these paradigms, cloud, models and SLA, in order to use the resources of a computational cloud to provide automatically a platform as a service - PaaS. This project will be developed in a web environment, using a model-driven approach to create the platforms and the management of resources and quality will be made by SLA.
Conference Paper
Virtualization is one of the key elements of Infrastructure as a Service (IaaS), Cloud Computing (CC) offerings and private Clouds, and it is increasingly used in portions of the back-end of Platform as a Service (PaaS) and SaaS (Software as a Service) providers as well. This creates new targets for intrusion due to the complexity of access and difficulty in monitoring all interconnection points between systems, applications, and data sets. This raises many questions about the appropriate infrastructure, processes, and strategy for enacting detection and response to intrusion in a Cloud environment. This article discusses the security and the visibility issues of inter-VM traffic and solutions for it within a Cloud environment context, by proposing an approach relying on distributed intrusion detection technique and packet inspection.
Conference Paper
Cloud Computing (CC) has generated interest from both industry and academia over these years. As an extension of Grid Computing and Distributed Computing, CC aims to provide users with flexible services in a transparent manner. The distributed implementation of CC creates a suitable environment for easy targets, vulnerable and prone to sophisticated attacks. Commonly virtualization is the most utilized technology to implement a Cloud environment with a massive multi-tenancy usage, opening a door to a whole other level of security issues. This creates new targets for intrusion due to the complexity of access and difficulty in monitoring all interconnection points between systems, applications, and data sets. This raises many questions about the appropriate infrastructure, processes, and strategy for enacting detection and response to intrusion in a Cloud environment. This article discusses the security and the visibility issues of inter-VM traffic and solutions for it within a Cloud environment context, by proposing an approach relying on distributed intrusion detection technique and packet inspection.
Conference Paper
Full-text available
This paper discusses knowledge sharing through communities of practice (CoPs) in a retail bank in South Africa. This was achieved through understanding the current state of knowledge sharing within CoPs. The CoPs within this retail bank are informal in nature, and therefore not necessarily given the attention that they deserve. Time used for CoPs is not maximised effectively, which reduces the chances of their effectiveness and improvement of productivity. Lack of effective system infrastructure to support knowledge sharing is also a challenge for the CoPs.
Article
Full-text available
Cloud computing is a revolutionary concept that has brought a paradigm shift in the IT world. This has made it possible to manage and run businesses without even setting up an IT infrastructure. It offers multi-fold benefits to the users moving to a cloud, while posing unknown security and privacy issues. User authentication is one such growing concern and is greatly needed in order to ensure privacy and security in a cloud computing environment. This paper discusses the security at different levels viz. network, application and virtualization, in a cloud computing environment. A security framework based on one-time pass key mechanism has been proposed. The uniqueness of the proposed security protocol lies in the fact, that it provides security to both the service providers as well the users in a highly conflicting cloud environment.
Article
After the concept of Cloud computing--the Revolutionary development and progress in IT industry-- was born in Google, the IT software and services vendors, universities, enterprises, etc, join in the process of research and application of cloud computing. This paper firstly aims to the current cloud computing research and application and analyzes the characteristic of cloud computing. The powerful cloud computing ability helps the enterprises adopt IT ERP software and reduce cost and investment in hardware-software. Then mainly focuses on the software as a services (SaaS), platform as a services (PaaS) and infrastructure as a services (IaaS) that cloud computing-based on. Software on-demand changes the pure SaaS model to PaaS/IaaS. Pay-Per-use and on-demand is the megatrends in the future software model, especial ERP software model.
Conference Paper
New trends in software development have proposed different interaction mechanisms for software applications. For instance, the Software as a Service (SaaS) model has defined a new delivery and access method, and installation and update processes in the user's computer are not required, software is hosted in a server and can be used over Internet instead. Middleware platforms are required in SaaS frameworks in order to support software services. Currently, web applications are taking full advantages of SaaS benefits, because they can be delivered over Internet and developed according to a service model. However, web applications are still under a maturity process and a low degree of efficiency and reusability are achieved. This paper proposes a web service-based framework according to component software engineering (CBSE), with the aim of developing efficient and reusable web applications. Moreover, web services are the middleware technology that provides full accessibility for this type of components.
Thesis
Full-text available
Abstract Software as a service (SaaS), which means executing software over the internet, is recently getting more attention in scientific articles and the SaaS market is growing. This implies that there are some factors contributing to SaaS usage but we saw that there are different views on what is contributing to SaaS usage. Therefore the research question is; "What are the factors contributing to SaaS usage?" The studies purpose is to identify the factors contributing to SaaS usage, seen from customers‟ perspective. To achieve the purpose a literature study was conducted to find the factors contributing to SaaS usage according to contemporary research. These factors were then discussed through interviews with six informants who work in a company that uses SaaS or that has decided not to use SaaS. In the literature study we found 11 factors which may contribute to SaaS usage and through our research we identified that 10 of these does contribute to SaaS usage. Some of these factors had several aspects of them contributing to SaaS usage. We also found one new factor that partly contributes to SaaS usage.
Article
Full-text available
Cloud computing platforms such as Amazon EC2 provide cus-tomers with flexible, on demand resources at low cost. How-ever, while existing offerings are useful for providing basic computation and storage resources, they fail to provide the se-curity and network controls that many customers would like. In this work we argue that cloud computing has a great potential to change how enterprises run and manage their IT systems, but that to achieve this, more comprehensive control over network resources and security need to be provided for users. Towards this goal, we propose CloudNet, a cloud platform architecture which utilizes virtual private networks to securely and seam-lessly link cloud and enterprise sites.
Conference Paper
Full-text available
A shared distributed infrastructure is formed by fed- erating computation resources from multiple domains. Such shared infrastructures are increasing in popularity and are providing massive amounts of aggregated com- putation resources to large numbers of users. Mean- while, virtualization technologies, at machine and net- work levels, are maturing and enabling mutually iso- lated virtual computation environments for executing ar- bitrary parallel/distributed applications on top of such a shared physical infrastructure. In this paper, we go one step further by supporting autonomic adaptation of vir- tual computation environments as active, integrated en- tities. More specifically, driven by both dynamic avail- ability of infrastructure resources and dynamic applica- tion resource demand, a virtual computation environ- ment is able to automatically relocate itself across the infrastructure and scale its share of infrastructural re- sources. Such autonomic adaptation is transparent to both users of virtual environments and administrators of infrastructures, maintaining the look and feel of a sta- ble, dedicated environment for the user. As our proof- of-concept, we present the design, implementation, and evaluation of a system called VIOLIN, which is com- posed of a virtual network of virtual machines capable of live migration across a multi-domain physical infras- tructure.
Article
Full-text available
Virtual machines can greatly simplify wide-area distributed computing by lowering the level of abstraction to the benefit of both resource providers and users. Networking, however, can be a challenge because remote sites are loath to provide connectivity to any machine attached to the site network by outsiders. In response, we have developed a simple and efficient layer two virtual network tool that in effect connects the virtual machine to the home network of the user, making the connectivity problem identical to that faced by the user when connecting any new machine to his own network. We describe this tool and evaluate its performance in LAN and WAN environments. Next, we describe our plans to enhance it to become an adaptive virtual network that will dynamically modify its topology and routing rules in response to the offered traffic load of the virtual machines it supports and to the load of the underlying network. We formalize the adaptation problem induced by this scheme and take initial steps to solving it. The virtual network will also be able to use underlying resource reservation mechanisms on behalf of virtual machines. Both adaptation and reservation will work with existing, unmodified applications and operating systems.
Conference Paper
In this paper, we present the approach and architecture of TARGET: two-way Web service router gateway, for two-way Web service interaction crossing enterprise domain and firewall. It provides a full support for asynchronous outbound operation and event notification in communication services. TARGET addresses an acute issue for Internet applications that today's enterprise NATs and firewalls only allow outbound HTTP request from the inside to the outside and block any request from the outside to the inside, which is a serious problem for two-way Web services. TARGET is a generic solution to allow two-way Web service interaction to traverse legitimately through NATs and strictly configured firewalls; and it is based on two-way SOAP message tunneling, service local registry, and service routing to bridge two-way Web service interaction. A research TARGET system has been implemented and applied to real time communication services, e.g. conferencing. Extensive experiments on TARGET are performed, and its performance with various sizes of SOAP messages is studied. The applicability and feasibility of TARGET for two-way Web service interaction is verified
Software as a Service (SaaS): An Enterprise Perspective
  • Gianpaolo Carraro
  • Fred Chong
Software as a Service Integration via Mule
  • Joseph Ottinger