Mohd Fadzil Hassan

Renegotiation in Service Level Agreement Management for a Cloud-Based System

Managing Service Level Agreement (SLA) within a cloud-based system is important to maintain service continuity and improve trust due to cloud flexibility and scalability. We conduct a general review on cloud-based systems to understand how service continuity and trust are addressed in cloud SLA management. The review shows that SLA renegotiation is necessary to improve trust and maintain service continuity; however, research on SLA renegotiation is limited. Of the two key approaches in renegotiation, namely bargaining-based negotiation and offer generation--based negotiation, the latter approach is the most promising due to its ability to generate optimized multiple-offer SLA parameters within one round during renegotiation.

Framework for Alternate Execution of Workflows Under Threat

The main objective of the research is to propose an execution framework for workflow systems under threat. When the threat (intrusion) is detected, the workflow system needs to be stopped immediately to avoid any possible loss of enterprise data. The system becomes active again, once it is completely recovered from the threat. This proposed framework overcomes the problem of discontinuity of services as a result of threat detection by enabling the execution of the workflow on an alternate path, keeping the security and integrity of the asset information intact. Hence the system remains available all the time in a secured fashion making it possible for the end user to access the services and data even in the vulnerable state. To achieve the specified goals, the special authentication mechanism has been adopted to authorize the users after threat is detected. Then the data is hibernated that is transferred to the designed dimensions and the connectivity and access to the hibernated data is provided by the chameleon agent. These three core components enable the workflow to execute in a secured and robust manner during system’s unsafe state.

Moving towards two dimensional passwords

The main objective of the research is to specify two dimensional passwords that can possess much more strength as compared to linear passwords. These passwords are strong enough to provide effective and secure authentication under certain alarming situations. The alarming situations are the situations where the possibility to breach the system security exists. The specification of the two dimensional nxn passwords has been provided based on NIST standards. The strength of nxn password has been calculated that has proven to be much more as compared to the linear passwords. It is proposed that these passwords should be used under alarming situations such as the protection requirement for some critical resource, special authentication when the system is in unsafe state or protection of sensitive data. Therefore it has been recommended to move from linear passwords to the passwords defined in two dimensional space, whenever some alarming situation arises.

Model driven security frameworks for addressing security problems of Service Oriented Architecture

Service Oriented Architecture (SOA) based on Web Services technology gained popularity because business work flows can easily be executed as an orchestration of Web Services. These Web Services are independently developed and may be internal or external. With increase in connectivity among the Web Services, security risks rise exponentially. Moreover the security requirements are not defined at organizational level rather they left until the technical level. Many security problems related to SOA applications are highlighted by different authors which if not properly managed might have serious consequences. Various Model Driven Security Frameworks are presented by different research groups to overcome the security problems of SOA based applications. In this paper we have highlighted the security problems for SOA based applications and few Model Driven Security Frameworks are presented to develop secure software applications; their working style and security goals are also discussed in the course of paper.

Client's Perspective: Realization as a New Generation Process for Software Project Development and Management

IT industry despite the wide use of most modern tools and technologies has been unable to achieve targeted success. Awry situations in projects have become routine matter. Besides technical other factors influencing software development activities also need to be considered. Software development and consultancy organizations must realize the importance of such technical and non-technical factors like client’s perspective, organizational environment, company policies and social infrastructure. Identification and managing such issues are more cumbersome than routine practical tasks. This paper focuses on one of the most important and critical cum technical factor client’s perspective. Elements comprising client’s perspective are identified and the spider web model is proposed to practice it. Real projects based evaluation is made. The results elaborate the client based practices. Client based practices would be an advent of new generation of processes to overcome IT industry dilemma.

Development of private cloud storage for medical image research data

Medical imaging research deals with large, heterogeneous and fragmented amounts of medical images. Such challenges lead to the need for secure, federated and functional medical image storage within this research community. With limited IT professional and research fund, the community is better provided with an outsourcing arrangement. Cloud computing promises lower cost, high scalability and availability which can be a natural solution such problems in long-term medical image archive. This paper presents a private cloud storage design and prototype development within an organization to solve such issues. Leveraging on the ability of cloud computing is shown meet to the system requirements. The prototype is implemented on OwnCloud cloud storage framework. The complete functionality of OwnCloud made it an ideal platform to develop and deploy this kind of cloud-based system. OwnCloud can keep images in different file formats and share such images to other researchers in simple way.

Monitoring web services' quality of service: a literature review

Monitoring Quality of Service (QoS) compliance is an important procedure in web service environment. It determines whether users’ expectations are met, and becomes the vital factor for them to decide whether to continue paying for the service or not. The monitoring is performed by checking the actual services performance against the QoS stated in Service Level Agreement (SLA). In relation to that, the need for monitoring vague QoS specifications in SLA has become more apparent nowadays. This paper reviews the published literature on web services QoS monitoring. A total of 60 selected articles were systematically analyzed. There were 23 of the articles selected through restrictive search criteria while the other 37 were selected based on unrestrictive search criteria. The review shows that little evidence exists on monitoring vague QoS specifications of web services. Providing ability for monitoring QoS that is specified vaguely in SLA could give new insights and implications to web services field. This paper concludes with some recommended future works to construct the theory and perform the empirical research.

Rule-based pattern extractor and named entity recognition: A hybrid approach

Name Entity Recognition (NER) is one of the important tasks in Information Extraction (IE) research that has been flourishing for more than fifteen years ago. NER enables an IE system to recognize and classify information units in an unstructured text. This paper presents a Rule-based pattern extractor and a Semi-Supervised NER approach to automatically generate extraction pattern from a limited corpus and label the pre-defined entities in a collection of accident documents. Link Grammar parser and Stanford Part-of-Speech tagger are used in the pattern extractor to identify named entity and construct extraction pattern. The extraction pattern then feed to Semi-Supervised NER to categorize the entities into some predefined categories. Performance is evaluated using Exact Match evaluation and tested on two different entities-DATE and LOCATION. Using only two features, the system shows promising result.

Limitations and measures in outsourcing projects to geographically distributed offshore teams

Latest global social, economic and technological changes have given birth to a new generation of software engineering practice. Traditional approaches of software development have become less popular. Software development by centrally located in-house teams has slowly been replaced by geographically distributed offshore teams. As such project outsourcing to geographically distributed offshore teams has become a popular and profitable practice. Although it has a number of positive aspects, disadvantages of outsourcing to distributed offshore teams far out-weighted its advantages. This paper identifies those limitations associated with this trend and recommends respective measures to improve the process to overcome them. Real projects outsourced to distributed offshore teams have been exercised and analyzed to identify the limitations and deriving respective measures. The paper suggests that the success of project management activities is dependent on reducing the risk factors and the capability of the project managers to manage the issues involved.

Agent based monitoring framework for SOA applications quality

Service Oriented Architecture (SOA) and web service technology plays a great role in enabling the integration of different systems from different enterprises and platforms. Usually, the service provided to consumers in such systems requires a specific level of quality to be ensured by the providers. So, the consumer and provider enter into a mutual Service Level Agreement (SLA) which is a contract defining the obligations, rights, and penalties between the provider of a web service and a client with respect to the services quality. Monitoring is required at they service provider and service consumer sides in order to ensure the satisfaction of SLA. This research aims to provide an automated monitoring framework for non-functional attributes of SOA to ensure the trustworthiness of SLA for SOA applications using agent technology. A quality model has been developed as a basis for this monitoring framework. The quality model will identify the related quality attributes and their metrics from different multi-stakeholders perspective.