IC2E 2015 Accepted Papers with Abstracts

Abstract: In the expanding "Internet of Things" (IoT), "Machine-to-Machine" (M2M) applications exist with large homogeneous populations of devices that utilize general-purpose communications infrastructures, and in particular, cellular wireless networks. Understanding the behavior of these applications at large scale can be challenging since they often operate within an environment with various layers of abstraction and where system activity at one layer may lead to unanticipated consequences at other layers. This paper investigates several commercial M2M applications at the cellular wireless "signaling layer," and looks specifically at how the linguistic characteristics, in the form of n-grams, of device interactions with cellular carrier network elements help provide insights into the systems' behavior.

Abstract: DevOps is an emerging paradigm to actively foster the collaboration between system developers and operations in order to enable efficient end-to-end automation of software deployment and management processes. DevOps is typically combined with Cloud computing, which enables rapid, on-demand provisioning of underlying resources such as virtual servers, storage, or database instances using APIs in a self-service manner. Today, an ever-growing amount of DevOps tools, reusable artifacts such as scripts, and Cloud services are available to implement DevOps automation. Thus, informed decision making on the appropriate approach(es) for the needs of an application is hard. In this work we present a collaborative and holistic approach to capture DevOps knowledge in a knowledgebase. Beside the ability to capture expert knowledge and utilize crowdsourcing approaches, we implemented a crawling framework to automatically discover and capture DevOps knowledge. Moreover, we show how this knowledge is utilized to deploy and operate Cloud applications.

Abstract: Security is considered an ongoing challenge in Cloud Computing. However, the concerns regarding uptake of public cloud services are more nuanced, including issues of management and compliance. Currently, cloud consumers have few mechanisms for control over how their information is managed within the cloud provider's infrastructure.

Information Flow Control (IFC) is a mechanism in which labels are coupled to data to govern its flow throughout a system. Our project CloudSafetyNet has already investigated IFC enforcement at the kernel level (FlowK), to protect data flows within a virtual machine.

This paper makes the case for, and demonstrates an IFC-enforcing, messaging middleware.
We show how this enables more than machine/tenant compartmentalisation, by giving the much finer-grained data controls---that cloud users require---within and across containers, VMs, systems and services. Further, it enables the separation of (data) management policy from application/service-logic, enabling policy to target particular cloud mechanisms, and giving the potential for consistent enforcement across the infrastructure of different administrative domains. We demonstrate the feasibility of the approach through an implemented scenario, and highlight the steps towards full end-to-end information flow management, using integration with our own kernel enforcement mechanism as a proof of concept.

Abstract: Operational security assurance of a networked system requires providing constant and up-to-date evidence of its operational state. In a cloud-based environment we deploy our services as virtual guests running on external hosts. As this environment is not under our full control, we have to find ways to provide assurance that the security information provided from this environment is accurate, and our software is running in the expected environment. In this paper, we present an architecture for providing increased confidence in measurements of such cloud-based deployments. The architecture is based on a set of deployed measurement probes and trusted platform modules (TPM) across both the host infrastructure and guest virtual machines. The TPM are used to verify the integrity of the probes and measurements they provide. This allows us to ensure that the system is running in the expected environment, the monitoring probes have not been tampered with, and the integrity of measurement data provided is maintained. Overall this gives us a basis for increased confidence in the security of running parts of our system in an external cloud-based environment.

Abstract: RESTful APIs are widely adopted in designing components that are combined to form web information systems. The use of REST is growing with the inclusion of smart devices and the Internet of Things, within the scope of web information systems, along with large-scale distributed NoSQL data stores and other web-based and cloud-hosted services. There is an important subclass of web information systems and distributed applications which would benefit from stronger transactional support, as typically found in traditional enterprise systems. In this paper, we propose REST+T (REST with Transactions), a transactional RESTful data access protocol and API that extends HTTP to provide multi-item transactional access to data and state information across heterogeneous systems. We describe a case study called Tora, where we provide access through REST+T to an existing key-value store (WiredTiger) that was intended for embedded operation.

Abstract: Big Data applications receive an ever-increasing amount of attention, thus becoming a dominant class of applications that are deployed over virtualized environments. Cloud environments entail a large amount of complexity relative to I/O performance. The use of Big Data increases the complexity of I/O management as well as its characterization and prediction: As I/O operations become growingly dominant in such applications, the intricacies of virtualization, different storage backends and deployment setups significantly hinder our ability to analyze and correctly predict I/O performance.

To that end, this work proposes an end-to-end modeling technique to predict performance of I/O--intensive Big Data applications running over cloud infrastructures. We develop a model tuned over application and infrastructure dimensions: Primitive I/O operations, data access patterns, storage backends and deployment parameters. The trained model can be used to predict both I/O but also general task performance.
Our evaluation results show that for jobs which are dominated by I/O operations, such as I/O-bound MapReduce jobs, our model is capable of predicting execution time with an accuracy close to 90\% that decreases as application processing becomes more complex. However, even when accurate predictions based only on I/O characteristics cannot be feasible, our model places, with high accuracy, the lower bounds that the employed storage architecture imposes on the application execution time.

Abstract: As the cloud services journey through their lifecycle towards commodities, a challenging change to the revenue management is the demand for more granular pricing models such as pay-as-you-go and usage-based, rather than the extant coarse grain model that uses metrics such as usage hours for virtual machines (VMs). Hence, cloud service providers have to carefully choose the metering and rating tools and scale their infrastructure to effectively process the collected metering data.
In this paper, we focus on the metering and rating aspects of the revenue management and their adaptability to business and operational changes. We design a framework for IT cloud service providers to scale their revenue systems in a cost-aware manner. The main idea is to dynamically use existing or newly provisioned SaaS VMs, instead of dedicated setups, for deploying the revenue management systems. At on-boarding of new customers, our framework performs off-line analysis to recommend appropriate revenue tools and their scalable distribution by predicting the need for resources based on historical usage. At runtime, the framework employs an innovative load balancing approach to fine tune the resource distribution based on the real computation usage and customers workload demand. This allows the revenue management to adapt to the ever evolving business context. We evaluated our framework on a testbed of 20 physical machines that were used to deploy 12 VMs within OpenStack environment. Our analysis shows that service management related tasks can be offloaded to the existing VMs with at most 15% overhead in CPU utilization, 10% overhead for memory usage, and negligible overhead for I/O and network usage. By dynamically scaling the setup, we were able to reduce the metering data processing time by many folds without incurring any additional cost.

Abstract: Data curation activities in collaborative databases, e.g., as in scientific databases, mandate that collaborators interact extensively until they converge and agree on the content of each data value in their database. Typically, data that is updated by a member of the collaboration is made visible to all collaborators for comments but at the same time is pending the approval or rejection of the data custodian, e.g., the principal scientist or principal investigator (PI). In current database technologies, approval and authorization of updates is based solely on the identity of the user, e.g., via the SQL GRANT and REVOKE commands. However, in collaborative environments, the updated data is open for collaborators for discussion and further editing and is finally approved or rejected by the PI based on the contents of the data and not on the identity of an updater. In this paper, we introduce a cloud-based collaborative database system that promotes and enables collaboration and data curation scenarios. We realize content-based update approval and the tracking of the history of updates inside HBase, a distributed and scalable open-source cluster-based database that is suitable for very large tables. The design and implementation as well as a detailed performance study of several proposed approaches for update approval models are presented and contrasted in the paper.

Abstract: We are developing a new public cloud, the {\em Massachusetts Open
Cloud} based on the model of an Open Cloud eXchange (OCX). We
discuss in this paper the vision of an OCX and how we intend to
realize it using OpenStack in the MOC. A limited form of an OCX can
be achieved today by layering new services on top of the OpenStack
open source cloud platform. We
have performed an analysis of OpenStack to determine its changes
needed in order to implement functionality needed to fully implement
the OCX model. We describe these proposed changes, which although
significant and requiring broad community involvement will provide
functionality of value to both existing single-provider clouds as well
as future multi-provider ones.

Abstract: In this work we address the problem of predicting the performance of a complex application deployed over virtualized resources. Cloud computing has enabled numerous companies to develop and deploy their applications over cloud infrastructures for a wealth of reasons including (but not limited to) decrease costs, avoid administrative effort, rapidly allocate new resources, etc. Virtualization however, adds an extra layer in the software stack, hardening the prediction of the relation between the resources and the application performance, which is a key factor for every industry. To address this challenge we propose PANIC, a system which obtains knowledge for the application by actually deploying it over a cloud infrastructure and then, approximating the performance of the application for the all possible deployment configurations. The user of PANIC defines a set of resources along with their respective values in which her application can be deployed to and then the system samples the deployment space formed by all the combinations of the resources, deploys the application in some representative points and utilizes a wealth of approximation techniques to
predict the behavior of the application in the remainder space. The experimental evaluation has indicated that a small portion of the possible deployment configurations is enough to create profiles with high accuracy for three real world applications.

Abstract: Big data tools have evolved rapidly in recent years. MapReduce is very successful but not optimized for many important analytics; especially those involving iteration. In this regard, Iterative MapReduce frameworks improve performance of MapReduce job chains through caching. Further Pregel, Giraph and GraphLab abstract data as a graph and process it in iterations. However, all these tools are designed with fixed data abstraction and have limitations in communication support. In this paper, we introduce a collective communication layer which provides optimized communication operations on several important data abstractions such as arrays, key-values and graphs, and define a Map-Collective model which serves the diverse communication demands in different parallel applications. In addition, we design our enhancements as plug-ins to Hadoop so they can be used with the rich Apache Big Data Stack. Then for example, Hadoop can do in-memory communication between Map tasks without writing intermediate data to HDFS. With improved expressiveness and excellent performance on collective communication, we can simultaneously support various applications from HPC to Cloud systems together with a high performance Apache Big Data Stack.