Architecturally Significant Requirements Identification, Classification and Change Management for Multi-tenant Cloud-Based Systems

Involvement of numerous stakeholders in cloud-based systems’ design and usage with varying degrees of nonfunctional requirements makes Architecturally Significant Requirements (ASRs) identification and management a challenge undertaking. The aim of the research presented in this chapter is to identify different types of design-time and run-time ASRs of the cloud-based systems, provide an ASRs classification scheme and present a framework to manage the requirements’ variability during life cycle of the cloud-based systems. We have used a multifaceted research approach to address the ASRs identification, classification, and change management challenges. We have explored findings from systematic as well as structured reviews of the literature on quality requirements of the cloud-based systems including but not limited to security, availability, scalability, privacy, and multi-tenancy. We have presented a framework for requirements classification and change management focusing on distributed Platform as a Service (PaaS) and Software as a Service (SaaS) systems as well as complex software ecosystems that are built using PaaS and SaaS, such as Tools as a Service (TaaS). We have demonstrated applicability of the framework on a selected set of the requirements for the cloud-based systems. The results of the research presented in this chapter show that key quality requirements of the cloud-based systems, for example, multi-tenancy and security, have a significant impact on how other quality requirements (such as scalability, reliability, and interoperability) are handled in the overall architecture design of a cloud-based system. It is important to distinguish tenant-specific run-time architecturally significant quality requirements and corresponding cloud-based systems’ components so that run-time status of the tenant-specific architecture quality requirements can be monitored and system configurations can be adjusted accordingly. For the systems that can be used by multiple tenants, the requirements change management framework should consider if the addition or modification (triggered by a specific tenant) of a quality requirement can impact quality requirements of other tenants, and whether or not a trade-off point should be introduced in the architecture (corresponding to the requirements). The trade-off point can also be referred as a variability point, that is, a compromise has to be made among the number of quality requirements and only some of the requirements can be satisfied. System analysts and software architects can use the proposed taxonomy and the management framework for identifying relevant quality requirements for multi-tenant cloud-based systems, for analyzing impact of changes in the requirements on the overall system architecture, and for managing variability of the architecturally significant requirements.

[1]  Meng Liu,et al.  A scalable and automatic mechanism for resource allocation in self-organizing cloud , 2014, Peer-to-Peer Networking and Applications.

[2]  Cong Wang,et al.  Security Challenges for the Public Cloud , 2012, IEEE Internet Computing.

[3]  Seok-Won Lee,et al.  From requirements elicitation to variability analysis using repertory grid: A cognitive approach , 2015, 2015 IEEE 23rd International Requirements Engineering Conference (RE).

[4]  Kyoungho An,et al.  A cloud middleware for assuring performance and high availability of soft real-time applications , 2014, J. Syst. Archit..

[5]  Zahir Tari,et al.  Security and Privacy in Cloud Computing: Vision, Trends, and Challenges , 2015, IEEE Cloud Computing.

[6]  José Luís Oliveira,et al.  XDS-I Outsourcing Proxy: Ensuring Confidentiality While Preserving Interoperability , 2014, IEEE Journal of Biomedical and Health Informatics.

[7]  Rami Bahsoon,et al.  Scalable service-oriented replication with flexible consistency guarantee in the cloud , 2014, Inf. Sci..

[8]  Rajkumar Buyya,et al.  Cloudbus Toolkit for Market-Oriented Cloud Computing , 2009, CloudCom.

[9]  Quan Z. Sheng,et al.  A Reference Architecture for a Cloud-Based Tools as a Service Workspace , 2015, 2015 IEEE International Conference on Services Computing.

[10]  Alexandru Iosup,et al.  SLA-based operations of massively multiplayer online games in clouds , 2014, Multimedia Systems.

[11]  Gail-Joon Ahn,et al.  Security and Privacy Challenges in Cloud Computing Environments , 2010, IEEE Security & Privacy.

[12]  Gabor Kecskemeti,et al.  An interoperable and self-adaptive approach for SLA-based service virtualization in heterogeneous Cloud environments , 2014, Future Gener. Comput. Syst..

[13]  Radu Prodan,et al.  Scientific computing with Google App Engine , 2013, Future Gener. Comput. Syst..

[14]  Yaoxue Zhang,et al.  Transparent computing: Spatio-temporal extension on von Neumann architecture for cloud services , 2013 .

[15]  Philippe Merle,et al.  soCloud: a service-oriented component-based PaaS for managing portability, provisioning, elasticity, and high availability across multiple clouds , 2014, Computing.

[16]  Sebastian Biallas,et al.  Cloud-Based Control: A Multi-tenant, Horizontally Scalable Soft-PLC , 2015, 2015 IEEE 8th International Conference on Cloud Computing.

[17]  Jose M. Alcaraz Calero,et al.  MonPaaS: An Adaptive Monitoring Platformas a Service for Cloud Computing Infrastructures and Services , 2015, IEEE Trans. Serv. Comput..

[18]  Antonio Puliafito,et al.  How to Enhance Cloud Architectures to Enable Cross-Federation , 2010, IEEE CLOUD.

[19]  Sai Peck Lee,et al.  A semantic interoperability framework for software as a service systems in cloud computing environments / Reza Rezaei , 2014 .

[20]  Panagiotis Louridas Up in the Air: Moving Your Applications to the Cloud , 2010, IEEE Software.

[21]  Sharad Singhal,et al.  GEODAC: A Data Assurance Policy Specification and Enforcement Framework for Outsourced Services , 2011, IEEE Transactions on Services Computing.

[22]  Liana L. Fong,et al.  Cloud federation in a layered service model , 2012, J. Comput. Syst. Sci..

[23]  Christian W. Probst,et al.  Tool-based risk assessment of cloud infrastructures as socio-technical systems , 2015, The Cloud Security Ecosystem.

[24]  Frank Leymann,et al.  A Framework for Optimized Distribution of Tenants in Cloud Applications , 2010, 2010 IEEE 3rd International Conference on Cloud Computing.

[25]  Flávio R. C. Sousa,et al.  Towards Elastic Multi-Tenant Database Replication with Quality of Service , 2012, 2012 IEEE Fifth International Conference on Utility and Cloud Computing.

[26]  Haralambos Mouratidis,et al.  Evaluating cloud deployment scenarios based on security and privacy requirements , 2013, Requirements Engineering.

[27]  W. K. Daniel Challenges on privacy and reliability in cloud computing security , 2014, 2014 International Conference on Information Science, Electronics and Electrical Engineering.

[28]  Michael N. Huhns,et al.  A Scalable Architecture for Automatic Service Composition , 2014, IEEE Transactions on Services Computing.

[29]  Rajkumar Buyya,et al.  SLA-based admission control for a Software-as-a-Service provider in Cloud computing environments , 2012, J. Comput. Syst. Sci..

[30]  Song Chuan,et al.  Intelligent server management framework over extensible messaging and presence protocol , 2013, China Communications.

[31]  Moustafa Ghanem,et al.  Future Generation Computer Systems ( ) – Future Generation Computer Systems Enabling Cost-aware and Adaptive Elasticity of Multi-tier Cloud Applications , 2022 .

[32]  Muhammad Ali Babar,et al.  Architecting cloud‐enabled systems: a systematic survey of challenges and solutions , 2017, Softw. Pract. Exp..

[33]  John Grundy,et al.  TOSSMA: A Tenant-Oriented SaaS Security Management Architecture , 2012, 2012 IEEE Fifth International Conference on Cloud Computing.

[34]  Muhammad Ali Babar,et al.  A tale of migration to cloud computing for sharing experiences and observations , 2011, SECLOUD '11.

[35]  Ernesto Damiani,et al.  Scalability Patterns for Platform-as-a-Service , 2012, 2012 IEEE Fifth International Conference on Cloud Computing.

[36]  Stefan Biffl,et al.  Semantic Integration of Software and Systems Engineering Environments , 2012, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).

[37]  Waheed Iqbal,et al.  Adaptive resource provisioning for read intensive multi-tier applications in the cloud , 2011, Future Gener. Comput. Syst..

[38]  Ian Gorton,et al.  Essential software architecture , 2006 .

[39]  Jinjun Chen,et al.  A QoS-aware composition method supporting cross-platform service invocation in cloud environment , 2012, J. Comput. Syst. Sci..

[40]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.

[41]  Vicente Hernández García,et al.  SLA-driven dynamic cloud resource management , 2014 .

[42]  Dimosthenis Kyriazis,et al.  A Self-adaptive hierarchical monitoring mechanism for Clouds , 2012, J. Syst. Softw..

[43]  Yongzhao Zhan,et al.  Investigation of IT Security and Compliance Challenges in Security-as-a-Service for Cloud Computing , 2012, 2012 IEEE 15th International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing Workshops.

[44]  Biao Song,et al.  A market-oriented dynamic collaborative cloud services platform , 2010, Ann. des Télécommunications.

[45]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[46]  Shehnila Zardari,et al.  Cloud adoption: a goal-oriented requirements engineering approach , 2011, SECLOUD '11.

[47]  Eric Pardede,et al.  A Byzantine Fault Tolerance Model for a Multi-cloud Computing , 2013, 2013 IEEE 16th International Conference on Computational Science and Engineering.

[48]  Dimitrios Katsaros,et al.  Architectural Requirements for Cloud Computing Systems: An Enterprise Cloud Approach , 2011, Journal of Grid Computing.

[49]  Antonio F. Gómez-Skarmeta,et al.  Semantic-aware multi-tenancy authorization system for cloud architectures , 2014, Future Gener. Comput. Syst..

[50]  Wei Huang,et al.  The State of Public Infrastructure-as-a-Service Cloud Security , 2015, ACM Comput. Surv..

[51]  Petros Belimpasakis,et al.  A platform for proving family oriented RESTful services hosted at home , 2009, IEEE Transactions on Consumer Electronics.

[52]  Ricardo Jiménez-Peris,et al.  Elastic SI-Cache: consistent and scalable caching in multi-tier architectures , 2011, The VLDB Journal.

[53]  Stefan,et al.  Requirements Engineering for Cloud Computing , 2010 .

[54]  Muhammad Ali Babar,et al.  Towards Process Support for Migrating Applications to Cloud Computing , 2012, 2012 International Conference on Cloud and Service Computing.

[55]  Lan Chen,et al.  Semantic enhanced cloud environment for surveillance data management using video structural description , 2014, Computing.

[56]  Björn Hagemeier,et al.  SLA-based management of software licenses as web service resources in distributed computing infrastructures , 2012, Future Gener. Comput. Syst..

[57]  Filip De Turck,et al.  Cost-Effective Feature Placement of Customizable Multi-Tenant Applications in the Cloud , 2014, Journal of Network and Systems Management.

[58]  Miguel Soriano,et al.  DocCloud: A document recommender system on cloud computing with plausible deniability , 2014, Inf. Sci..

[59]  Rajkumar Buyya,et al.  Energy-aware resource allocation heuristics for efficient management of data centers for Cloud computing , 2012, Future Gener. Comput. Syst..

[60]  Muhammad Ali Babar,et al.  Migrating Service-Oriented System to Cloud Computing: An Experience Report , 2011, 2011 IEEE 4th International Conference on Cloud Computing.

[61]  Marc Frîncu,et al.  Scheduling highly available applications on cloud environments , 2014, Future Gener. Comput. Syst..

[62]  Jaime Ryan Rethinking the ESB: building a secure bus with an SOA gateway , 2012, Netw. Secur..

[63]  Inderveer Chana,et al.  A resource elasticity framework for QoS-aware execution of cloud applications , 2014, Future Gener. Comput. Syst..

[64]  Schahram Dustdar,et al.  Generic event‐based monitoring and adaptation methodology for heterogeneous distributed systems , 2014, Softw. Pract. Exp..

[65]  Muthu Ramachandran Business Requirements Engineering for Developing Cloud Computing Services , 2013 .

[66]  Yves Lemieux,et al.  Achieving High Availability at the Application Level in the Cloud , 2013, 2013 IEEE Sixth International Conference on Cloud Computing.

[67]  Mário M. Freire,et al.  Security issues in cloud environments: a survey , 2014, International Journal of Information Security.

[68]  Holger Schrödl,et al.  Requirements Engineering for Cloud Computing: A Comparison Framework , 2010, WISE Workshops.

[69]  Pierre Sens,et al.  Towards QoS-Oriented SLA Guarantees for Online Cloud Services , 2013, 2013 13th IEEE/ACM International Symposium on Cluster, Cloud, and Grid Computing.

[70]  Jose M. Alcaraz Calero,et al.  Towards an architecture for deploying elastic services in the cloud , 2012, Softw. Pract. Exp..

[71]  Maya Daneva,et al.  Cloud computing security requirements: A systematic review , 2012, 2012 Sixth International Conference on Research Challenges in Information Science (RCIS).