Strong Accountability for Service Compliance in the Cloud

##plugins.themes.academic_pro.article.main##

Jinhui Yao
Shiping Chen
Chen Wang
David Levy
John Zic

Abstract

In recent years, computing resource provisioning through the adoption of the cloud computing has emerged as a promising paradigm to let companies and enterprises outsource their computational needs. Along with the widely adopted Service Oriented Architecture (SOA), organisations can wrap various kinds of technological product they are offering as a service, to collaborate with services provided by others to form new value-added business products. Facing the ever-escalating global competition in current economy, such collaboration is crucial for their survival. However, it is challenging to achieve trustworthiness in such a dynamic cross-domain environment, as each participant may deceit for individual benefits. As a solution, we propose a novel design to enforce strong accountability to enhance the trustworthiness in the cloud environment. With this accountability, the root of a violation can always be identified and associated with the responsible (or guilty) entity or entities, and this association is supported by non-disputable evidence. We elaborate the approach to incorporate our design into existing business processes defined using standard descriptive languages for business logic and service level agreements. Then we deploy the system into a computing cloud to evaluate its effectiveness.

##plugins.themes.academic_pro.article.details##

How to Cite
Jinhui Yao, Shiping Chen, Chen Wang, David Levy, & John Zic. (2011). Strong Accountability for Service Compliance in the Cloud. International Journal of Next-Generation Computing, 2(2), 180–199. https://doi.org/10.47164/ijngc.v2i2.97

References

  1. Aalst, W. M. P. v. d., Dumas, M., Ouyang, C., Rozinat, A., and Verbeek, E. 2008. Conformance checking of service behavior. ACM Trans. Internet Technology 8, 3, 1-30.
  2. Andrews, T., Curbera, F., Dholakia, H., et al. 2003. Business process execution language for web services (BPEL4WS) specications.
  3. Beeri, C., Eyal, A., Pilberg, A., and Milo, T. 2007. Monitoring business processes with queries. In International Conference on Very Large Database. Castro, M. and Liskov, B. 2002. Practical byzantine fault tolerance and proactive recovery. ACM Trans. Computer Systems 20, 4, 398-461.
  4. Daniel, F., Casati, F., D'Andrea, V., Mulo, E., Zdun, U., Dustdar, S., Strauch, S., Schumm, D., Leymann, F., Sebahi, S., Marchi, F., and Hacid, M. 2009. Business compliance governance in service oriented architectures. In International Conference on Advanced Informa&on Networking and Applications. 113-120.
  5. Druschel, P., Haeberlen, A., and Kouznetsov, P. 2007. Peerreview:practical accountability for distributed systems. In ACM SIGOPS symposium on Operating systems principles. 175-188.
  6. Ghezzi, C., Baresi, L., and Guinea, S. 2004. Smart monitors for composed services. In International Conference on Service Oriented Computing. 193-202.
  7. Haeberlen, A., Kouznetsov, P., and Druschel, P. 2006. The case for byzantine fault detection. In Conference on Hot Topics in System Dependability. 5-10.
  8. Haeberlen, A., Kouznetsov, P., and Druschel, P. 2007. Peerreview: Practical accountability for distributed systems. Technical report, Max Planck Institute for Software Systems. March.
  9. Huang, M., Peterson, L., and Bavier, A. 2006. Planetow:maintaining accountability for network services. In ACM SIGOPS Operating Systems Review. 89-94.
  10. Kim, Y. and Kher, V. 2007. Building trust in storage outsourcing:secure accounting of utility storage. In IEEE International Symposium on Reliable Distributed Systems. 55-64.
  11. Lamport, L. 1983. The weak byzantine generals problem. Journal of ACM 30, 3, 668-676.
  12. Lin, K.-J. and Chang, S. 2009. A service accountability framework for qos service management and engineering. Information Systems and E-Business Management 7, 429-446. 10.1007/s10257-009-0109-5.
  13. Lin, K.-J., Panahi, M., Zhang, Y., Zhang, J., and Chang, S.-H. 2009. Building accountability middleware to support dependable soa. IEEE Trans. Internet Computing 13, 2 (mar.), 16-25.
  14. Lou, J.-G., Fu, Q., Yang, S., Li, J., and Wu, B. 2010. Mining program workow from interleaved traces. In ACM SIGKDD international conference on Knowledge discovery and data mining. ACM, New York, NY, USA, 613-622.
  15. Mahbub, K. and Spanoudakis, G. 2004. A framework for requirents monitoring of service based systems. In International Conference on Service Oriented Computing. 84-93.
  16. Miseldine, P., Flegel, U., and Schaad, A. 2008. Supporting evidence-based compliance evaluation for partial business process outsourcing scenarios. In Requirements Engineering and Law. 31-34.
  17. Moser, O., Rosenberg, F., and Dustdar, S. 2008. Non-intrusive monitoring and service adaptation for wsbpel. In WWW '08: Proceeding of the 17th international conference on World Wide Web. ACM, New York, NY, USA, 815-824.
  18. Mulgan, R. 2000. Accountability: An ever-expanding concept? In Public Administration. 555-573.
  19. Papazoglou, M., Traverso, P., Dustdar, S., and Leymann, F. 2007. Service-oriented computing: State of the art and research challenges. In Trans. IEEE Computer 40, 11 (nov.), 38-45.
  20. Ruffo, G. and Crispo, B. 2001. Reasoning about accountability within delegation. In International Conference on Information and Communications Security. 251-260.
  21. Schumm, D., Leymann, F., Ma, Z., Scheibler, T., and Strauch, S. 2010. Integrating compliance into business processes. In Multikonferenz Wirtschaftsinformatik.
  22. Sommers, J., Barford, P., Duffield, N., and Ron, A. 2007. Accurate and ecient sla compliance monitoring. SIGCOMM Computer Communication Review 37, 4, 109-120.
  23. Sommers, J., Barford, P., Duffield, N., and Ron, A. 2010. Multiobjective monitoring for sla compliance. IEEE/ACM Trans. on Networking 18, 2 (apr.), 652-665.
  24. Spring, N., Peterson, L., Bavier, A., and Pai, V. 2006. Using planetlab for network research: myths, realities, and best practices. SIGOPS Operating System Review 40, 1, 17-24.
  25. Wang, C., Chen, S., and Zic, J. 2009. A contract-based accountability service model. In IEEE International Conference on Web Services. 639-646.