Journal of Computing and Security
Volume:2 Issue: 4, Autumn 2015

Nowadays increasing use of web as a means to accomplish daily tasks by calling web services, makes web services more and more significant. Users make a query on the Internet to find the required web service based on their needs. Cloud computing, due to its design and abundance of resources has become an ideal choice for web service providers to publish their services backed by cloud servers. The cloud can eliminate problems like web service availability and security. On the other side, obtaining the most relevant web service depends on user's request accuracy and the mechanism used to match the request. Due to recent shutting down of public UDDI registries, most of web service matchmaking mechanisms are based on web service description files (WSDL) which are published on the owner's websites. Semantic web services use OWL-S and WSMO instead of WSDL to describe services in a way that software agents are able to find appropriate services automatically. However, the high cost and effort needed to formally define web services makes this method impractical. In this paper we have proposed an ontology which formally models the user's query for web services in the service cloud by considering both functional and syntactical dimensions. The stepwise matchmaking method of web services based on the user's query is also presented. To show the precision of the proposed method, a set of experiments on a cluster of 3738 real web service WSDL documents has been performed.

Due to the elastic nature of the cloud environments, migration of the legacy software systems to the cloud has become a very attractive solution for service providers. To provide Software-as-a-Service (SaaS), an application provider has to migrate his software to the cloud infrastructure. The most challenging issue in the migration process is minimizing the cloud infrastructure (VM’s) costs while preserving the quality requirements of the service consumers. In this paper a self-adaptive method for migrated applications to the cloud is proposed in which an intelligent auto-scaling component continuously monitors the incoming application workloads and performs vertical or horizontal scaling. Since reacting to the transient workload changes always results in useless sequences of “acquire-release” actions of cloud resources and imposes unwanted overhead costs on the service provider, the auto-scaling component recognizes the transient workloads using a Learning Automata and only reacts to the stable ones. The OpenStack platform is used for evaluating the applicability of proposed method in real cloud environments. The experimental results demonstrate the ability of the proposed method in recognizing the transient workloads and consequently reducing the overall costs of the service provider.

Service-based applications (SBA) offer flexible functionalities in wide range of environments. Therefore, they should be able to dynamically adapt to different quality concerns such as security, performance, etc. For example, we may provide secure services for the specific partners, or change SBA configuration based on context information. In this paper, we present context models and fuzzy logic controllers to reconfigure SBA at runtime. To separate the control aspects of SBA from its functionalities and maintain the states of SBA, we used Reflective-state pattern. Whenever context information changes, the violated SBA instances enter the adaptation process and the control unit takes care of analyzing and selecting possible variants in the corresponding points. We used Jmeter load simulator and Zabbix monitoring system to measure the performance improvement in our framework. Additionally we characterized our work in comparison with related studies, according to S-CUBE adaptation taxonomy.

Virtualization is a technique to make the cloud computations secure. This technique can reduce the costs and increase the reliability of systems by means of sharing the physical resources between several VMs (Virtual Machines). However, virtualized environments are vulnerable to some security issues such as lack of performance isolation. These days, using the virtualization as a technique is growing slowly in large organizations. Despite these advantages, virtualizations have created several security challenges. So, the main concern of virtualization service providers and their customers is how to detect and encounter these security challenges. In this research, the resource freeing attack is selected among all available virtualization attacks because of its simplicity and its drastic effects. Resource freeing attack causes an unfair resource distribution among VMs. We use Cloudsim as a powerful cloud simulation toolkit to implement resource freeing attack. After simulating the attack, the CPU’s efficiency, response time diagrams, and the obtained bandwidth are measured. The simulation results show the significant changes in VM behavior after occurring the attack in the virtualized environment. These changes help cloud providers to detect resource freeing attack in the cloud.