Available via license: CC BY 3.0
Content may be subject to copyright.
A preview of the PDF is not available
Taxonomy of Cloud Lock-in Challenges
... The union of these principles into a single service composition puzzle-based model provides the services with agnosticism property. This property enables organizations, at a high level, to design, implement and manage services on heterogeneous infrastructures without suffering from side effects of vendor lock-in [25]. This property enables organizations, at a high level, to design, implement and manage services on heterogeneous infrastructures without suffering from side effects of vendor lock-in [25]. ...
... This property enables organizations, at a high level, to design, implement and manage services on heterogeneous infrastructures without suffering from side effects of vendor lock-in [25]. This property enables organizations, at a high level, to design, implement and manage services on heterogeneous infrastructures without suffering from side effects of vendor lock-in [25]. Agnosticism is a complex property requiring the meeting of non-functional requirements (N F R) such as portability, re-usability/usability, efficiency, security, and reliability to name a few. ...
... Portability, heterogeneity, reusability/usability, and efficiency are examples of properties that should be considered when creating agnostic solutions. Portability is required for deploying services on multiple infrastructures [26] [25]. Heterogeneity management is required for building services by using multiple apps developed with different programming languages and frameworks [5], [27]. ...
This paper presents the design, development, and evaluation of PuzzleMesh, an agnostic service mesh composition model to process large volumes of data in edge-fog-cloud environments. This model is based on a puzzle metaphor where pieces, puzzles, and metapuzzles represent self-contained autonomous and reusable software artifacts encapsulated into containers and published as microservices. A piece represents the integration of apps with I/O interfaces (loops/sockets), parallel processing, and management software. A puzzle represents a processing structure (e.g., workflows) built coupling pieces through loops and sockets. Puzzles integrate structures with a microservice architecture, implicit continuous dataflows, and transparent data exchange management software. A metapuzzle represents a recursive assemble of puzzles. A mesh represents a pool of pieces, puzzles, and metapuzzles available for designers to choose artifacts to build services. A prototype developed using PuzzleMesh model was evaluated through case studies about the automatic construction of processing services for the acquisition, pre-processing, manufacturing, preserving, and visualizing of satellite imagery. A qualitative comparison revealed that PuzzleMesh provides a flexible way to build reusable and portable services and to improve the usability of the services. The case study also revealed that PuzzleMesh yielded better performance results than other state-of-the-art tools.
... This may eventually limit the choice of providers to a very small set of established vendors. Data lock-in is another factor, as only very few resources and operations are standardized in the cloud, especially for more specialized service offerings [264]. Another aspect are security considerations such as data confidentiality [167,282,347]. ...
... Fundamentally, portability is about retaining the value of previous investments for developing an application [314]. Thereby, the vendor lock-in problem can concern the business, technical, and the legal perspective [264]. With portability, an application can be transferred to different environments without substantial new investments in terms of labor and costs. ...
... According to the NIST [152], there are two main interfaces that are exposed to the customer that must be investigated when looking at portability and interoperability problems (see Figure 4.2). These are the Self-Service Management API, i.e., the management interface, through which the cloud user manages their use of the cloud and the functional interface provided by what is resident in the cloud [152,264]. This interface encompasses the primary function of the cloud service. ...
In recent years, the cloud hype has led to a multitude of different offerings across the entire cloud market, from Infrastructure as a Service (IaaS) to Platform as a Service (PaaS) to Software as a Service (SaaS). Despite the high popularity, there are still several problems and deficiencies. Especially for PaaS, the heterogeneous provider landscape is an obstacle for the assessment and feasibility of application portability.
Thus, the thesis deals with the analysis and improvement of application portability in PaaS environments. In the course of this, obstacles over the typical life cycle of an application - from the selection of a suitable cloud provider, through the deployment of the application, to the operation of the application - are considered. To that end, the thesis presents a decision support system for the selection of cloud platforms based on an improved delimitation and conceptualization of PaaS. With this system, users can identify offerings that enable application portability. For validation, a case study with a real-world application is conducted that is migrated to different cloud platforms. In this context, an assessment framework for measuring migration efforts is developed, which allows making the differences between compatible providers quantifiable. Despite semantically identical use cases, the application management interface of the providers is identified as a central effort factor of the migration. To reduce the effort in this area, the thesis presents a unified interface for application deployment and management.
In summary, the work provides evidence of application portability problems in PaaS environments and presents a framework for early detection and avoidance. In addition, the results of the work contribute to a reduction of lock-in effects by proposing a suitable standard for management interfaces.
... [3] examined cloud computing migration from a business perspective. [4] created a model for classifying lock-in risk factors. Literature shows that vendor lock-in may introduce risks to a system in the following areas: ...
Vendor lock-in is a well-known phenomenon in the software industry. Strongly relying on vendor-specic implementation may cause nancial and technological hardships to manufacturers and can establish monopoly situation of a vendor. With the spread of cloud-based development tools, vendor lock-in is present not only during operation, but also during development. This article provides an overview of risk types introduced to projects by vendor lock-in situation. Key factors of vendor lock-in are also identied, especially with regard to modern cloud-based CI/CD services. Later, a test software architecture is demonstrated how to minimize CI lock-in, followed by a detailed comparison of two build automation systems that can be used in practice for this purpose. The applicability of build automation systems is demonstrated on the implementation and test results.
... The lack of flexibility of contracts and objective service measurement also increases the lock-in effect. 1 This means that in the presence of uncertainty about the moving costs, users are reluctant to move to another cloud provider even if their current provider does not supply its service(s) at the promised (quality) level. Furthermore, the reluctance in migrating is reinforced by the extra effort, including the adoption of different cloud-specific technologies, data migration, and the additional management overhead needed to stop old contracts and start new ones. ...
The current cloud market is dominated by a few providers, which offer cloud services in a take‐it‐or‐leave‐it manner. However, the dynamism and uncertainty of cloud environments may require the change over time of both application requirements and service capabilities. The current service‐level agreement (SLA) management solutions cannot easily guarantee a trustworthy, distributed SLA adaptation due to the centralized authority of the cloud provider who could also misbehave to pursue individual goals. To address the above issues, we propose a novel SLA management framework, which facilitates the specification and enforcement of dynamic SLAs that enable one to describe how, and under which conditions, the offered service level can change over time. The proposed framework relies on a two‐level blockchain architecture. At the first level, the smart SLA is transformed into a smart contract that dynamically guides service provisioning. At the second level, a permissioned blockchain is built through a federation of monitoring entities to generate objective measurements for the smart SLA/contract assessment. The scalability of this permissioned blockchain is also thoroughly evaluated. The proposed framework enables creating open distributed clouds, which offer manageable and dynamic services, and facilitates cost reduction for cloud consumers, while it increases flexibility in resource management and trust in the offered cloud services.
... This makes it difficult for a company to shift its resources from one cloud to another, causing a situation where a company may become dependent on a single provider. Although some businesses have already shifted towards cloud technology, the vendor problem poses a considerable barrier to others due to a lack of trust in a single CSP [20]. For instance, if a business were to hire a CSP, and that provider were to go bankrupt, then the business could potentially lose all the data on that cloud, making it a considerable risk. ...
The purpose of this paper is to provide a brief overview of cloud computing technologies, particularly with respect to multi-cloud networks. First, the basics of cloud computing concepts are discussed. Next we outline some challenges facing cloud computing, and discuss how multi-cloud systems including multi-clouds, hybrid clouds, federated clouds, and cross-clouds may be used to deal with some of these issues. Finally, multi-cloud systems may also be used in conjunction with new developing technologies such as Big Data and Machine Learning, leading to exciting innovations. These are reviewed in brief. Our goal is to provide a modern look at the state of the art in multi-cloud computing and review open issues in the field. The goal is that this paper will help the reader to understand challenges facing cloud computing, how multi-cloud computing addresses some of these issues, and inspire community excitement at the future integration of multi-cloud platforms with other novel technologies.
The chapter of this book explores the role of cloud computing in business management and emphasizes synergies with artificial intelligence technologies. It covers the basics of cloud computing, practical applications, scalability and security challenges. Benefits such as cost efficiency and improved decision-making are discussed, as well as data privacy and legal concerns. It also includes future trends and recommendations for optimizing artificial intelligence workloads using cloud infrastructure. This section provides information for business managers to effectively apply cloud computing in different sectors.
ICT has been lauded as being revolutionised by cloud computing, which relieves businesses of having to make significant capital investments in ICT while allowing them to connect to incredibly potent computing capabilities over the network. Organisations adopt cloud computing as a way to solve business problems, not technical problems. As such, organisations across Europe are eagerly embracing cloud computing in their operating environments. Understanding cloud lock-in parameters is essential for supporting inter-cloud cooperation and seamless information and data exchange. Achieving vendor-neutral cloud services is a fundamental requirement and a necessary strategy to be fulfilled in order to enable portability. This chapter highlights technical advancements that contribute to the interoperable migration of services in the heterogeneous cloud environment. A set of guidelines and good practices were also collected and discussed, thus providing strategies on how lock-in can be mitigated. Moreover, this chapter provides some recommendations for moving forward with cloud computing adoption. To make sure the migration and integration between on-premise and cloud happen with minimal disruption to business and results in maximum sustainable cost benefit, the chapter’s contribution is also designed to provide new knowledge and greater depth to support organisations around the world to make informed decisions.
Nowadays, cloud computing is one of the prominent tools for offering on-demand services via the Internet. It’s possible that cloud datacentres won’t always be able to provide the services that are needed during peak use times for diverse applications in e-governance. So, planning tasks through various clouds in a decentralized way for e-governance has drawn a lot of interest in recent years. This study proposes ZDSCN work scheduling methods to enhance performance. By using conventional normalizing methods, including the decimal scaling and z-score employed in data mining. The best VMs are then allocated based on similarity while taking cost into account.
KeywordsSmart citiesCloud computingSmart governanceSustainabilityE-Governance
Cloud computing has become a dominating trend in the IT industry and academia. In recent years, many Cloud providers have emerged in the market, each one has proper standards and service interface. Migration of legacy systems and their data to a Cloud platform or moving applications from one Cloud provider to another are complicated and high cost processes. In major legacy on-premise applications, they bring technical and business challenges. The choice of the best migration strategy is a hard task for Small and Medium-Sized Enterprises (SMEs) looking at best price and zero risk. Although guidelines offered by Cloud providers to support their users in migration tasks, the user implication is often mandatory to perform a conclusive migration. In this paper, we provide an overview of contemporary approaches for the model based migration of applications into Cloud computing. We highlight the Pros and Cons of each one and we present a summary comparison of these approaches. As well, we propose a new Cloud migration approach that renders the migration process more straightforward than with existent approaches and guarantees the services and data portability.KeywordsModel based migrationCloud computingMDAMulti-agent systemsSurvey
This chapter explores how organizations can seek to secure a public cloud environment for use in big data operations. It begins by describing the challenges that cloud customers face when moving to the cloud, and proposes that these challenges can be summarized as a loss of control and visibility into the systems and controls around data. The chapter identifies thirteen areas where visibility and control can be lost, before progressing to highlight ten solutions to help regain these losses. It is proposed that planning is the most significant step a customer can take in ensuring a secure cloud for big data. Good planning will enable customers to know their data and pursue a risk-based approach to cloud security. The chapter provides insight into future research directions, highlighting research areas which hold the potential to further empower cloud customers in the medium to long term.
Cloud computing offers an innovative business model to enterprise for IT services consumption and delivery. Software as a Service (SaaS) is one of the cloud offerings that attract organisations as a potential solution in reducing their IT cost. However, the vast diversity among the available cloud SaaS services makes it difficult for customers to decide whose vendor services to use or even to determine a valid basis for their selections. Moreover, this variety of cloud SaaS services has led to proprietary architectures and technologies being used by cloud vendors, increasing the risk of vendor lock-in for customers. Therefore, when enterprises interact with SaaS providers within the purview of the current cloud marketplace, they often encounter significant lock-in challenges to migrating and interconnecting cloud. Hence, the complexity and variety of cloud SaaS service offerings makes it imperative for businesses to use a clear and well understood decision process to procure, migrate and/or discontinue cloud services. To date, the expertise and technological solutions to simplify such transition and facilitate good decision making to avoid lock-in risks in the cloud are limited. Besides, little investigation has been carried out to provide a comprehensive decision framework to support enterprises on how to avoid lock-in risks when selecting and implementing cloud-based SaaS solutions within existing environments. Such decision framework is important to reduce complexity and variations in implementation patterns on the cloud provider side, while at the same time minimising potential switching cost for enterprises by resolving integration issues with existing IT infrastructures. This paper proposes a holistic 6-step decision framework that enables an enterprise to assess its current IT landscape for potential SaaS replacement, and provides effective strategies to mitigate vendor lock-in risks in cloud (SaaS) migration. The framework follows research findings and addresses the core requirements for choosing vendor-neutral interoperable and portable cloud services without the fear of vendor lock-in, and architectural decisions for secure SaaS migration. Therefore, the results of this research can help IT managers have a safe and effective migration to cloud computing SaaS environment.
Security and privacy are the most critical issues that need to be addressed in designing a computing environment that is reliable and trustworthy. Like all other computing paradigms, Cloud Computing is no different. Since data and storage are outsourced to third party service providers, users lose direct control of data management and have to depend solely on the providers who may not always be dependable. This distinctive feature of Cloud Computing makes it susceptible to several security threats and vulnerabilities. Although some of the security issues such as network and virtualization security, authentication, access control, confidentiality, and integrity are not new to computing, the effect of such issues is exacerbated in cloud environment because of the unique features (e.g., multi-tenancy, data and resource sharing, virtualization, etc.) it possesses. In this paper, we classify and characterize the various security and privacy challenges associated with Cloud Computing.
Enterprise’s adoption of cloud-based solutions is often hindered by problems associated with the integration of the cloud environment with on-premise systems. Currently, each cloud provider creates its proprietary application programming interfaces (APIs), which will complicate integration efforts for companies as they struggle to understand and manage these unique application interfaces in an interoperable way. This paper aims to address this challenge by providing recommendations to enterprises. The presented work is based on a quantitative study of 114 companies, which discuss current issues and future trends of integration and interoperability requirements for enterprise cloud application adoption and migration. The outcome of the discussion provides a guideline applicable to support decision makers, software architects and developers when considering to design and develop interoperable applications in order to avoid lock-in and integrate seamlessly into other cloud and on-premise systems.
Vendor lock-in is a major barrier to the adoption of cloud computing, due to the lack of standardization. Current solutions and efforts tackling the vendor lock-in problem are predominantly technology-oriented. Limited studies exist to analyse and highlight the complexity of vendor lock-in problem in the cloud environment. Consequently, most customers are unaware of proprietary standards which inhibit interoperability and portability of applications when taking services from vendors. This paper provides a critical analysis of the vendor lock-in problem, from a business perspective. A survey based on qualitative and quantitative approaches conducted in this study has identified the main risk factors that give rise to lock-in situations. The analysis of our survey of 114 participants shows that, as computing resources migrate from on-premise to the cloud, the vendor lock-in problem is exacerbated. Furthermore, the findings exemplify the importance of interoperability, portability and standards in cloud computing. A number of strategies are proposed on how to avoid and mitigate lock-in risks when migrating to cloud computing. The strategies relate to contracts, selection of vendors that support standardised formats and protocols regarding standard data structures and APIs, developing awareness of commonalities and dependencies among cloud-based solutions. We strongly believe that the implementation of these strategies has a great potential to reduce the risks of vendor lock-in.
The widespread adoption of cloud computing services has a wide range of sourcing issues that companies must take into consideration when they standardize and automate their IT service delivery. In this respect, our paper identifies risks and opportunities of cloud computing which affect organisations' cloud adoption decisions. The research method used is based on a quantitative on-line survey questionnaire of 114 UK business respondents including IT professionals, managers, and decision-makers. The study results show that despite the business benefits for moving IT service consumption and delivery from on-premise to the cloud environment, the following risks are exacerbated: security, data privacy and contract lock-in. The outcome of the survey suggests that related concerns can be strategically mitigated. This can be done by negotiating cloud contracts to be more closely aligned to address business specific security and lock-in risks in cloud-based sourcing. Based on the outcome, the paper provides guidance to support the decision-making process on investment into cloud computing implementation to meet the organisations' business objectives with related concerns.
Some parts of this chapter are a summary and update on some of the topics covered in a previous work by the same authors [639]. Much of the focus of cloud computing in recent years has been on the various offerings of commercial cloud providers. For example, Amazon’s EC2 cloud [641] and Microsoft’s Azure [109] cloud have received a great deal of attention. However, for a wide variety of reasons, open-source software has its own place in cloud computing as well. Open-source frameworks have a unique function in that they allow an organization to construct a “private” cloud environment. Such a system usually falls into what is commonly described as “infrastructureas- a-service” [743], in which a user requests some number of virtual machines (a.k.a. VM), which are hosted somewhere on the cloud’s own resources. The key difference is that open-source cloud middleware allows any individual or organization to build their own cloud to host their own VM, without relying on an external, commercial cloud provider. There are numerous reasons why some individual or organization may to want to have their own cloud. To name a few: • Private clouds allow organizations to process potentially sensitive information “in-house.”.
Cloud computing has certainly gained attention and skyrocketed in the technical and economic world because of the appealing features. With decades of development there are lots of on-premises applications and systems in use. Consequently, the demand of migrating on-premises applications and systems to the cloud computing is gigantic. Thus, the cloud migration is not systematically reviewed with a proper taxonomy due to the variety of cloud computing architecture and the complexity of applications and systems. This paper surveys the cloud computing architectures and cloud migration decision frameworks by both the industry and the academia. Then, it proposes cloud migration taxonomy for a clear understanding of related approaches. Finally, it addresses the future challenges and direction as well.
Cloud computing has gained tremendous popularity in recent years. By outsourcing computation and storage requirements to public providers and paying for the services used, customers can relish upon the advantages of this new paradigm. Cloud computing provides with a comparably lower-cost, scalable, a location-independent platform for managing clients' data. Compared to a traditional model of computing, which uses dedicated in-house infrastructure, cloud computing provides unprecedented benefits regarding cost and reliability. Cloud storage is a new cost-effective paradigm that aims at providing high availability, reliability, massive scalability and data sharing. However, outsourcing data to a cloud service provider introduces new challenges from the perspectives of data correctness and security. Over the years, many data integrity schemes have been proposed for protecting outsourced data. This paper aims to enhance the understanding of security issues associated with cloud storage and highlights the importance of data integrity schemes for outsourced data. In this paper, we have presented a taxonomy of existing data integrity schemes use for cloud storage. A comparative analysis of existing schemes is also provided along with a detailed discussion on possible security attacks and their mitigations. Additionally, we have discussed design challenges such as computational efficiency, storage efficiency, communication efficiency, and reduced I/O in these schemes. Furthermore; we have highlighted future trends and open issues, for future research in cloud storage security.
Cloud computing is a new computational paradigm that offers an innovative business model for organizations to adopt IT without upfront investment. Despite the potential gains achieved from the cloud computing, the model security is still questionable which impacts the cloud model adoption. The security problem becomes more complicated under the cloud model as new dimensions have entered into the problem scope related to the model architecture, multi-tenancy, elasticity, and layers dependency stack. In this paper we introduce a detailed analysis of the cloud security problem. We investigated the problem from the cloud architecture perspective, the cloud offered characteristics perspective, the cloud stakeholders' perspective, and the cloud service delivery models perspective. Based on this analysis we derive a detailed specification of the cloud security problem and key features that should be covered by any proposed security solution.