Gleb Radchenko

Microservices validation: Mjolnirr platform case study

Microservice architecture is a cloud application design pattern that implies that the application is divided into a number of small independent services, each of which is responsible for implementing of a certain feature. The need for continuous integration of developed and/or modified microservices in the existing system requires a comprehensive validation of individual microservices and their co-operation as an ensemble with other microservices. In this paper, we would provide an analysis of existing methods of cloud applications testing and identify features that are specific to the microservice architecture. Based on this analysis, we will try to propose a validation methodology of the microservice systems.

Towards Mitigating Uncertainty of Data Security Breaches and Collusion in Cloud Computing

Cloud computing has become a part of peoples lives. However, there are many unresolved problems with security of this technology. According to the assessment of international experts in the field of security, there are risks in the appearance of cloud collusion in uncertain conditions. To mitigate this type of uncertainty, and minimize data redundancy of encryption together with harms caused by cloud collusion, modified threshold Asmuth-Bloom and weighted Mignotte secret sharing schemes are used. We show that if the villains do know the secret parts, and/or do not know the secret key, they cannot recuperate the secret. If the attackers do not know the required number of secret parts but know the secret key, the probability that they obtain the secret depends the size of the machine word in bits that is less than 1/2 ((l-1)). We demonstrate that the proposed scheme ensures security under several types of attacks. We propose four approaches to select weights for secret sharing schemes to optimize the system behavior based on data access speed: pessimistic, balanced, and optimistic, and on speed per price ratio. We use the approximate method to improve the detection, localization and error correction accuracy under cloud parameters uncertainty.

Mjolnirr: Private PaaS as distributed computing evolution

Cloud computing became very popular during the last few decades. It provides convenient access to remote computing resources for individual users and organizations. However, there are still security issues arise if the private data is transmitted to the public cloud for processing. This issue can be resolved with private cloud systems. In this paper, we propose the design and implementation of a Mjolnirr private cloud platform for development of the private PaaS cloud systems. It provides infrastructure for cloud applications development, including software developer kit and message brokering system. Proposed cloud platform can be deployed on resources of a distributed computing system, including idling resources of personal computers. For a developer, a Mjolnirr application is represented as a collection of independent components communicating by a message exchange communication protocol.

Component-based development of cloud applications: a case study of the Mjolnirr platform

The use of a component-oriented approach to the development of distributed applications can significantly extend the scalability of the software systems. In this article we describe the Mjolnirr platform, providing deployment of private cloud PaaS systems, based on the component-oriented approach. Any library or Java application can be implemented on the basis of the Mjolnirr platform as a service. From a developer perspective, an application on the basis of the Mjolnirr platform is a set of independent components, which communicate through a message passing interface. We will discuss an architecture and basic aspects of the implementation of the Mjolnirr platform, consider a problem of workflows scheduling, approaches to simulation of cloud platforms by means of the private cloud PaaS-systems simulation system. Also, we will discuss the results of tests of the platform.

Identification of Saimaa Ringed Seal Individuals Using Transfer Learning

The conservation efforts of the endangered Saimaa ringed seal depend on the ability to reliably estimate the population size and to track individuals. Wildlife photo-identification has been successfully utilized in monitoring for various species. Traditionally, the collected images have been analyzed by biologists. However, due to the rapid increase in the amount of image data, there is a demand for automated methods. Ringed seals have pelage patterns that are unique to each seal enabling the individual identification. In this work, two methods of Saimaa ringed seal identification based on transfer learning are proposed. The first method involves retraining of an existing convolutional neural network (CNN). The second method uses the CNN trained for image classification to extract features which are then used to train a Support Vector Machine (SVM) classifier. Both approaches show over 90% identification accuracy on challenging image data, the SVM based method being slightly better.

AC-RRNS: Anti-collusion secured data sharing scheme for cloud storage

Abstract Cloud security issues are important factors for data storage and processing. Apart from the existing security and reliability problems of traditional distributed computing, there are new security and reliability problems. They include attacks on a virtual machine, attacks on the synchronization keys, and so on. According to the assessment of international experts in the field of cloud security, there are risks of cloud collusion under uncertain conditions. To mitigate this type of uncertainty and reduce harms it can cause, we propose AC-RRNS algorithm based on modified threshold Asmuth–Bloom and Mignotte secret sharing schemes. We prove that the algorithm satisfies the formal definition of computational security. If the adversary coalition knows the secret shares, but does not know the secret key, the probability to obtain the secret is less than 1 / ( 2 l ⋅ ( k − 1 ) ( 2 l − k − 1 ) ) . The probability is less than 1 / 2 ( l − 1 ) with unknown secret shares and known secret key, and 1 / 2 l ⋅ k with unknown secret key. Its complexity is equal to brute-force method. We demonstrate that the proposed scheme ensures security under several types of attacks. We propose approaches for selection of parameters for AC-RRNS secret sharing scheme to optimize the system behavior and data redundancy of encryption.

Bi-objective Heterogeneous Consolidation in Cloud Computing

In this paper, we address the problem of power-aware Virtual Machines (VMs) consolidation considering resource contention. Deployment of VMs can greatly influence host performance, especially, if they compete for resources on insufficient hardware. Performance can be drastically reduced and energy consumption increased. We focus on a bi-objective experimental evaluation of scheduling strategies for CPU and memory intensive jobs regarding the quality of service (QoS) and energy consumption objectives. We analyze energy consumption of the IBM System x3650 M4 server, with optimized performance for business-critical applications and cloud deployments built on IBM X-Architecture. We create power profiles for different types of applications and their combinations using SysBench benchmark. We evaluate algorithms with workload traces from Parallel Workloads and Grid Workload Archives and compare their non-dominated Pareto optimal solutions using set coverage and hyper volume metrics. Based on the presented case study, we show that our algorithms can provide the best energy and QoS trade-offs.

Experimental Analysis of Secret Sharing Schemes for Cloud Storage Based on RNS

In this paper, we address the application of Redundant Residue Number System (RRNS) to improve the security of public data storage, reduce storage space, and process encrypted data. We provide a comprehensive experimental analysis of Asmuth-Bloom [14] and Mignotte [15] schemes that use RRNS and Secret Sharing Scheme (SSS) to design reliable and secure storage systems. These schemes are studied in real multi-cloud environment to find compromise between performance, redundancy, and data security. We analyze and compare the speeds of encoding/decoding and upload/download of these algorithms for different RRNS settings with 11 well-known cloud storage providers. We also provide a mathematical analysis of the expected system behavior.

RAML-Based Mock Service Generator for Microservice Applications Testing

The automation capabilities and flexibility of computing resource scaling in cloud environments require novel approaches to application design. The microservice architectural style, which has been actively developing in recent years, is an approach to design a single application as a suite of small services. Continuous integration approach demands transition from manual testing methods to fully automated methods. The mocking is one of the methods to simplify development and testing of microservice applications. The mock service can be considered as an extension of mock object concept. It simulates the behavior of a web service based on a description of its interface. However, developers need to spend additional efforts on development and support of these mock services. We propose a method that would make it easier to generate mocks for REST services by using RAML specifications of services. Using this approach, we propose an implementation, which provides mock services generation and deployment as Docker containers.

Developing a Parking Monitoring System based on the analysis of images from an outdoor surveillance camera

In this paper, we describe a solution for monitoring of parking availability based on computer vision. It allows us to detect and track cars in a parking lot, while collected historical data helps us to predict availability status of parking during the day based on data mining techniques. Parking Monitoring System tracks availability based on an analysis of images from an outdoor surveillance camera and analyzes in real time the state of the parking complex. The system is developed to determine the number and location of available parking places and to inform the drivers. We provide an algorithm for image capture and analysis to recognize a car in a parking lot and to define parking spaces as either reserved or free.