Nejib Ben Hadj-Alouane

A platform as-a-service for hybrid cloud/fog environments

Fog computing brings cloud close to end-users and data sources by enabling computation and storage at the edges of the network. An application can have some of its components running in a “distant” cloud and interacting with the other components running in the fog, closer to end-users and data sources such as wireless sensors. Low latency is the main benefit. Applications spanning cloud and fog, such as Internet of Things (IoT) applications, are still provisioned manually nowadays. This paper proposes an architecture for a Platform as-a-Service (PaaS) to automate applications provisioning in a hybrid cloud/fog environment. Cloud Foundry is used as the basis for its implementation. As a use case, the proposed PaaS was employed to provision a simple component-based IoT application that detects fire and dispatches robots to fight the fire. A prototype is built and measurements are made.

Event-B Based Approach for Verifying Cloud Resource Allocation in Business Process

Cloud environments are being increasingly used for deploying and executing business processes to provide a high level of performance with low operating cost. Nevertheless, due to the lack of explicit and formal description of the resource perspective in existing business processes, cloud resources cannot be efficiently and optimally managed. The aim of the present paper is to offer a formal definition of the resource perspective in business processes as a step towards ensuring correct and optimal Cloud resource allocation in business process modeling. Concretely, we propose a formalism based on the Event-B for specifying Cloud resource allocation policies in business process models. This formal specification is used to formally validate the consistency of Cloud resource allocation for process modeling at design time, and to analyze and check its correctness according to users needs and resource properties. In order to show its feasibility, our approach has been tested using a real use case study from an industrial partner.

Traffic-aware virtual machine placement in geographically distributed Clouds

In this work, we focus on the problem of virtual machines (VMs) placement in geographically distributed data centers, where tenants may require a set of networking VMs. The aim of the present work is to plan and optimize the placement of tenants VMs in a distributed Cloud environment while considering location and system performance constraints. Thus, we propose ILP formulations which have as objective the minimization of traffic generated by networking VMs and circulating on the backbone network. The different experiments conducted on the proposed formulations show the effectiveness of our model for large-scale Cloud systems in terms of running time and computational resources.

A Demo of IoT Healthcare Application Provisioning in Hybrid Cloud/Fog Environment

Fog computing brings cloud closer to end-users and data sources by enabling computation at the edge of the network. Low latency is the main benefit. IoT applications are often latency-sensitive. Such applications may be provisioned as component-based in a hybrid cloud/fog environment with components spanning cloud and fog. This will enable placing some of its components in the fog domain closer to the IoT devices, and consequently reduce the latency. However, provisioning applications in hybrid cloud/fog environment is still manual today. Existing PaaS do not support interacting with fog nodes, at the edge, for applications components provisioning. This demo shows the key features of the hybrid Platform as-a-Service (PaaS) we have designed for IoT applications provisioning in cloud and fog environments. Three goals are assigned to the demo: (1) How applications can be designed and developed in such environments, (2) how the hybrid PaaS deploys the applications components across cloud and fog nodes, and (3) how it executes and manages them using appropriate orchestration techniques.

Opacity Preserving Abstraction for Web Services and Their Composition Using SOGs

Automatic composition of Web services requires that the providers publish an abstract version of their Web services to a registry. They offer this abstraction instead of the complete Web service to ensure the privacy of their internal know-how and trade secrets. Many studies have offered methods to do this, but none of them is able to formally prove their ability to keep the secret information hidden. In this article we turn to the verification of opacity, a formal security property that allows not only to preserve the secret but also to formally prove that it remains hidden. In particular, we investigate if the composition of two opaque Web services is also opaque. Our work consists in verifying the opacity of the composition of two Web services through the verification of the opacity of their individual abstractions represented by Symbolic Observation Graphs.

Checking Opacity of Vulnerable Critical Systems On-The-Fly

Opacity is a security property capturing a systems ability to keep a subset of its behavior hidden from passive, but knowledgeable, observers. In this paper we use the formal definitions of opacity in three of its forms simple opacity, -step weak opacity and -step strong opacity, basing on finite Labeled Transition Systems as a model. Then we present efficient algorithms for verifying opacity in all these forms within the context of a hybrid, on-the-fly approach. This approach is based on the construction of a Symbolic Observation Graph SOG that allows not only the abstraction of the systems behavior but also the preservation of the structure necessary for conducting opacity checking. Our preliminary experimental results are promising and demonstrate effectiveness facing the state-explosion problem which represents the main drawback of existing model checking techniques.

A demo of a PaaS for IoT applications provisioning in hybrid cloud/fog environment

This demo will show the key features of a Platform as-a-Service (PaaS) we have proposed in a research paper accepted for presentation at IEEE LANMAN 2016 conference. The proposed PaaS enables IoT applications provisioning in hybrid cloud/fog environments. Two goals are assigned to the demo. On the one hand, we will highlight how IoT applications can be provisioned in such environments. On the other hand, we will show concretely the advantages these hybrid environments have over traditional cloud environments. The provisioning in these hybrid environments enables latency reduction and processing performance enhancement. Indeed, in order to reduce latency, the applications can have some of its components running in a distant cloud and interacting with the other components running in the fog, closer to IoT devices.

On the Verification of Opacity in Web Services and their Composition

Web service (WS) providers need to restrain access to private information when cooperating with business partners. This need is translated in practice by an abstraction phase where inner data is withheld from public view. However, just like hiding encryption keys is not enough to prove the secrecy of information in a communication protocol, this procedure cannot prove the goal of secrecy is attained. Security related literature has turned in the past couple of decades to a new, formal, security property, i.e., opacity, to both hide and prove the privacy of secrets. Following our previous work on the use of the Symbolic Observation Graph (SOG), on one hand, to abstract and compose Web services, and to verify the opacity of systems on the other, we show in this paper how the verification of three different types of opacity in SOG-abstracted WSs is translated to the opacity of their composites. We hence establish that the SOG is a suitable abstraction that allows to check these opacity variants locally to each component of a composite WS, and preserves opacity by composition (i.e., each WS component is opaque iff the composite WS is).

Genetic-Based Approach for ATS and SLA-aware Web Services Composition

Composite applications leveraging several functionalities offered by Web services are today the underpinnings of enterprise computing. There are two kinds of requirements of web service composition: QoS requirements and transactional requirements. The QoS requirements are recorded in service-level agreements SLAs contract. The transactional requirements are expressed by designers as a set of accepted termination states ATS. n nIn this paper, we propose a novel selection and composition approach called ATS and SLA-aware Web services composition WSC. Our approach aims at finding composite service compliant with ATS and better satisfying the SLA contract. As the ATS and SLA-aware WSC is NP-hard problem, an efficient algorithm is required. This work adopts genetic algorithm to deal with combinatorial problem.

A Formal Approach for Verifying QoS Variability in Web Services Composition Using EVENT-B

The main issues for the fulfillment service level agreements (SLA) are concerned with problem of variability of QoS properties (vQoS). Indeed, the QoS properties may evolve frequently either because of internal changes or because of workload fluctuations. To solve the vQoS problem, we first introduced three variability operators: replicate, delete and replace. These operators will be used to reconfigure CWS when the SLA contract is violated. The first two operators are used to add and remove Web service instances, while the last one is used to substitute some faulty Web services. Then, we proposed an incremental approach for modeling and verifying the composites services (CWSs) reconfiguration using Event-B. We start by abstractly specifying the main requirements and then we refine them through several steps to model CWSs. The consistency of each model and the relationship between an abstract model and its refinements are obtained by formal proofs. Finally, we used ProB model-checker to trace possible design errors. We have exploited the LTL for dynamic reconfigurations to characterize the correct behavior of CWSs reconfiguration.