This chapter considers a set of computer resources used by a service provider to host enterprise applications for customer services subject to a service level agreement (SLA). The SLA defines three QoS metrics, namely, trustworthiness, percentile response time and availability. We first give an overview of current approaches, solutions and challenges in the security-aware resource optimization problem. Then, we present a framework for solving the problem. We further propose an approach for resource optimization in such an environment that minimizes the total cost of computer resources used by a service provider for such an application while satisfying all these three QoS metrics in a security-aware resource optimization problem that typically arises in distributed service computing. We formulate the security-aware resource optimization problem as an optimization problem under the SLA constraints, and solve it using an efficient numerical procedure. Finally, we conclude our discussion and provide the research directions for future study.
Introduction To Security-Aware Resource Optimization
With the number of e-Business applications dramatically increasing, service level agreement (SLA) will play an important part in distributed service computing. An SLA is a combination of several qualities of services (QoS), such as security, performance, availability, and reliability, agreed between a customer and a service provider. The service provider may be a telecommunications carrier, an Internet service provider, or any company that provides outsourcing services. The services provided may include dedicated leased lines, shared packet-oriented services, Web hosting services, off-site application management, and off-site network management. With the ubiquity of mobile devices such as smartphones and PDAs, mobile devices will generate a large percentage of Web service requests.
An SLA defines all aspects of the service being provided. It generally consists of security, performance and availability. Security can be categorized as identity security and behavior security. Identity security includes the authentication and authorization between a customer and a service provider, data confidentiality and data integrity. Behavior security describes the trustworthiness among multiple resource sites, and the trustworthiness of these resource sites by customers, including the trustworthiness of computing results provided by these sites. In the chapter, we are only concerned with trustworthiness. Performance includes the two following aspects.
Response time is the time for a service request to be satisfied. That is, this is the time it takes for a service request to be executed on the service provider’s multiple resource sites. The definition is consistent with the term in queueing theory. That is, it is the total time that a service request spends in a queueing system. We must point out that the definition of response time here is usually known as the turnaround time in a computer system. However, we will not be confused by the definition of response time since a discussion of response time in the chapter is restricted in a queueing system. More precisely, we will propose a queueing network method to calculate the response time in the chapter.
Throughput is the service rate that a service provider can offer. It is defined as the number of service requests whose processing is completed in a single unit of time.
Finally, service availability is the percentage of time that a service provider can offer services.
In this chapter, we shall discuss security-aware resource optimization in service computing application under SLA guarantees. We first give an overview of existing research taken on this subject, and briefly discuss the challenges of solving the security-aware resource optimization problem. Then, we propose an approach for solving the problem. Specifically, we define and solve a security-aware resource optimization problem that occurs in Web service applications, subject to the constraints of trustworthiness, percentile response time and availability.
Key Terms in this Chapter
Throughput: It is the service rate that a service provider can offer. It is defined as the number of service requests whose processing is completed in a single unit of time.
Distributed Service Computing: It is a method of computer service processing in which different parts of a service program run simultaneously on two or more computers that are communicating with each other over a network.
Trust: It is defined as a firm belief in the competence of a resource site that acts as expected. “Trust” is used to deal with the notion of the trustworthiness.
Service Level Agreement (SLA): It is a service contract where the level of service is formally defined through a negotiation between customers and their service provider, or between service providers.
Service Composition: It integrates services chosen from a number of universal service sites regarding of their location, platform and execution speed.
Availability: It is the percentage of time that a service provider can offer services.
Quality of Service (QoS): It refers to the capability of a service provider to provide a better service to its customers. The elements of QoS often include security, performance, and availability that are defined in SLA in service computing.
Web Service: It a software system designed to support an interoperable interaction between computers over a computer network.
Response Time: It is the time for a service request to be satisfied. That is, this is the time it takes for a service request to be executed on the service provider’s multiple resource sites. Note that the definition is usually known as the turnaround time in a computer system. However, we have proposed a queueing network method to calculate the response time in the chapter. Thus, the definition of response time is given in the chapter from a queueing theory point of view. That is, it is the total time that a job spends in the queueing system.