Advances in Service-Oriented and Cloud Computing

Business processes modeling and management solutions provide powerful abstraction mechanisms for the control flow of complex, task-driven applications, and as such allow for better alignment with business-related concerns. Despite the existence and wide adoption of standardized business process management languages such as WS-BPEL and BPMN 2.0, workflow engines in current Platform-as-a-Service (PaaS) offerings are in practice more restricted, in part for reasons such as vendor lock-in, but also due to restrictions of multi-tenant environments. In this paper, we explore the main security-related problems caused by offering BPMN2-compliant workflow engines in a multi-tenant PaaS environment, particularly focusing on threats caused by misbehaving tenants and the lack of proper tenant isolation. In addition, we propose a service-level tenant isolation framework that allows PaaS offerings to support workflow engines which comply with the BPMN 2.0 standard, and we discuss the technical feasibility of implementing this framework using Java technologies such as OSGi and the Resource Consumption Management API (JSR-284).

[1]  Michael H. Kalantar,et al.  An architecture for virtual solution composition and deployment in infrastructure clouds , 2009, VTDC '09.

[2]  Jordi Torres,et al.  Characterizing Cloud Federation for Enhancing Providers' Profit , 2010, 2010 IEEE 3rd International Conference on Cloud Computing.

[3]  Dana Petcu,et al.  Portable Cloud applications - From theory to practice , 2013, Future Gener. Comput. Syst..

[4]  Claus Pahl,et al.  Benchmark Requirements for Microservices Architecture Research , 2017, 2017 IEEE/ACM 1st International Workshop on Establishing the Community-Wide Infrastructure for Architecture-Based Software Engineering (ECASE).

[5]  Antonio Brogi,et al.  Cloud Container Technologies: A State-of-the-Art Review , 2019, IEEE Transactions on Cloud Computing.

[6]  Ramin Yahyapour,et al.  Cloud computing networking: challenges and opportunities for innovations , 2013, IEEE Communications Magazine.

[7]  R. S. Wigton,et al.  Forces and Patterns in the Scientific Cloud: Recent History and Beyond , 2016, CloudCom 2016.

[8]  K. Butler,et al.  Analysis Patterns for Cloud-Centric Atmospheric and Ocean Research , 2016, CloudCom 2016.

[9]  Claus Pahl,et al.  Cloud Migration Research: A Systematic Review , 2013, IEEE Transactions on Cloud Computing.

[10]  Benoit Hudzia,et al.  Future Generation Computer Systems Optimis: a Holistic Approach to Cloud Service Provisioning , 2022 .

[11]  Rajiv Ranjan,et al.  Osmotic Computing: A New Paradigm for Edge/Cloud Integration , 2016, IEEE Cloud Computing.

[12]  Wilhelm Hasselbring,et al.  Ontology-based modelling of architectural styles , 2009, Inf. Softw. Technol..

[13]  Colin Ware,et al.  GeoZui3D: data fusion for interpreting oceanographic data , 2001, MTS/IEEE Oceans 2001. An Ocean Odyssey. Conference Proceedings (IEEE Cat. No.01CH37295).

[14]  Antonio Puliafito,et al.  The Need of a Hybrid Storage Approach for IoT in PaaS Cloud Federation , 2014, 2014 28th International Conference on Advanced Information Networking and Applications Workshops.

[15]  Antonio Puliafito,et al.  DRACO PaaS: A Distributed Resilient Adaptable Cloud Oriented Platform , 2013, 2013 IEEE International Symposium on Parallel & Distributed Processing, Workshops and Phd Forum.

[16]  F. F. Pérèz,et al.  GLOBAL OCEAN DATA ANALYSIS PROJECT, VERSION 2 (GLODAPv2) , 2015 .

[17]  Mike P. Papazoglou,et al.  Blueprinting the Cloud , 2011, IEEE Internet Computing.

[18]  Massimo Villari,et al.  Data On-Boarding in Federated Storage Clouds , 2013, 2013 IEEE Sixth International Conference on Cloud Computing.

[19]  Antonio Puliafito,et al.  How to Enhance Cloud Architectures to Enable Cross-Federation , 2010, IEEE CLOUD.

[20]  Scott C. Doney,et al.  Ocean acidification : a critical emerging problem for the ocean sciences , 2009 .

[21]  Claus Pahl,et al.  Structural Process Pattern Matching Based on Graph Morphism Detection , 2017, Int. J. Softw. Eng. Knowl. Eng..

[22]  Frank Leymann,et al.  Defining Composite Configurable SaaS Application Packages Using SCA, Variability Descriptors and Multi-tenancy Patterns , 2008, 2008 Third International Conference on Internet and Web Applications and Services.

[23]  Claus Pahl,et al.  Layered Ontological Modelling for Web Service-Oriented Model-Driven Architecture , 2005, ECMDA-FA.

[24]  C. Sabine,et al.  Consistency of cruise data of the CARINA database in the Atlantic sector of the Southern Ocean , 2009 .

[25]  Ray Walshe,et al.  A Comparison of On-Premise to Cloud Migration Approaches , 2013, ESOCC.

[26]  Claus Pahl,et al.  Pattern‐based multi‐cloud architecture migration , 2017, Softw. Pract. Exp..

[27]  Walter H. F. Smith,et al.  Gridding with continuous curvature splines in tension , 1990 .

[28]  Claus Pahl,et al.  Migration to PaaS clouds - Migration process and architectural concerns , 2013, 2013 IEEE 7th International Symposium on the Maintenance and Evolution of Service-Oriented and Cloud-Based Systems.

[29]  Colin Ware,et al.  An evaluation of methods for linking 3D views , 2003, I3D '03.