Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014140
Samuel Marchal, J. François, R. State, T. Engel
Despite the growth of prevention techniques, phishing remains an important threat since the principal countermeasures in use are still based on reactive URL blacklisting. This technique is inefficient due to the short lifetime of phishing Web sites, making recent approaches relying on real-time or proactive phishing URLs detection techniques more appropriate. In this paper we introduce PhishScore, an automated real-time phishing detection system. We observed that phishing URLs usually have few relationships between the part of the URL that must be registered (upper level domain) and the remaining part of the URL (low level domain, path, query). Hence, we define this concept as intra-URL relatedness and evaluate it using features extracted from words that compose a URL based on query data from Google and Yahoo search engines. These features are then used in machine learning based classification to detect phishing URLs from a real dataset.
{"title":"PhishScore: Hacking phishers' minds","authors":"Samuel Marchal, J. François, R. State, T. Engel","doi":"10.1109/CNSM.2014.7014140","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014140","url":null,"abstract":"Despite the growth of prevention techniques, phishing remains an important threat since the principal countermeasures in use are still based on reactive URL blacklisting. This technique is inefficient due to the short lifetime of phishing Web sites, making recent approaches relying on real-time or proactive phishing URLs detection techniques more appropriate. In this paper we introduce PhishScore, an automated real-time phishing detection system. We observed that phishing URLs usually have few relationships between the part of the URL that must be registered (upper level domain) and the remaining part of the URL (low level domain, path, query). Hence, we define this concept as intra-URL relatedness and evaluate it using features extracted from words that compose a URL based on query data from Google and Yahoo search engines. These features are then used in machine learning based classification to detect phishing URLs from a real dataset.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115239341","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014151
Tharindu Patikirikorala, A. Colman, Jun Han
When resources are shared in a virtual machine environment, providing different performance levels to different customer applications is a challenging task. In order to sustain stability, the control solution not only has to take into account the time-based dynamics, but also has to adapt to various operating modes. This paper proposes the 4M-Switch supervisory control system design framework, which takes into account the possible operating modes and dimension changes of the VM environment at design time and then adapts the control solution to achieve required management goals when changes occur at runtime. 4M-Switch utilizes a piece-wise linear modeling approach to present the behavior of the system using multiple models and simple switching logic to change the controller parameters to mitigate the effects of nonlinearities. The experiment results conducted under a range of conditions show that 4M-Switch approach effectively adapts the control solution and provides significantly more stable performance differentiation compared to the existing approaches.
{"title":"4M-Switch: Multi-mode-multi-model supervisory control framework for performance differentiation in virtual machine environments","authors":"Tharindu Patikirikorala, A. Colman, Jun Han","doi":"10.1109/CNSM.2014.7014151","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014151","url":null,"abstract":"When resources are shared in a virtual machine environment, providing different performance levels to different customer applications is a challenging task. In order to sustain stability, the control solution not only has to take into account the time-based dynamics, but also has to adapt to various operating modes. This paper proposes the 4M-Switch supervisory control system design framework, which takes into account the possible operating modes and dimension changes of the VM environment at design time and then adapts the control solution to achieve required management goals when changes occur at runtime. 4M-Switch utilizes a piece-wise linear modeling approach to present the behavior of the system using multiple models and simple switching logic to change the controller parameters to mitigate the effects of nonlinearities. The experiment results conducted under a range of conditions show that 4M-Switch approach effectively adapts the control solution and provides significantly more stable performance differentiation compared to the existing approaches.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"61 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131763385","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014204
Rashid Mijumbi, J. Serrat, J. Rubio-Loyola, N. Bouten, F. Turck, Steven Latré
Network virtualization allows for an abstraction between user and physical resources by letting a given physical infrastructure to be shared by multiple service providers. However, network virtualization presents some challenges, such as, efficient resource management, fast provisioning and scalability. By separating a network's control logic from the underlying routers and switches, software defined networking (SDN) promises an unprecedented simplification in network programmability, management and innovation by service providers, and hence, its control model presents itself as a candidate solution to the challenges in network virtualization. In this paper, we use the SDN control plane to efficiently manage resources in virtualized networks by dynamically adjusting the virtual network (VN) to substrate network (SN) mappings based on network status. We extend an SDN controller to monitor the resource utilisation of VNs, as well as the average loading of SN links and switches, and use this information to proactively add or remove flow rules from the switches. Simulations show that, compared with three state-of-art approaches, our proposal improves the VN acceptance ratio by about 40% and reduces VN resource costs by over 10%.
{"title":"Dynamic resource management in SDN-based virtualized networks","authors":"Rashid Mijumbi, J. Serrat, J. Rubio-Loyola, N. Bouten, F. Turck, Steven Latré","doi":"10.1109/CNSM.2014.7014204","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014204","url":null,"abstract":"Network virtualization allows for an abstraction between user and physical resources by letting a given physical infrastructure to be shared by multiple service providers. However, network virtualization presents some challenges, such as, efficient resource management, fast provisioning and scalability. By separating a network's control logic from the underlying routers and switches, software defined networking (SDN) promises an unprecedented simplification in network programmability, management and innovation by service providers, and hence, its control model presents itself as a candidate solution to the challenges in network virtualization. In this paper, we use the SDN control plane to efficiently manage resources in virtualized networks by dynamically adjusting the virtual network (VN) to substrate network (SN) mappings based on network status. We extend an SDN controller to monitor the resource utilisation of VNs, as well as the average loading of SN links and switches, and use this information to proactively add or remove flow rules from the switches. Simulations show that, compared with three state-of-art approaches, our proposal improves the VN acceptance ratio by about 40% and reduces VN resource costs by over 10%.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"133 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126727622","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014163
Noura Limam, Malek Naouach
We consider the problem of optimizing the sensing strategy of a monitoring system in the presence of faulty sensors. We develop ORSg, an efficient data-driven algorithm for computing sampling strategies that nearly maximize the submodular utility of sensing with only a fraction of active and fault-prone sensors. Our approach combines techniques from information theory, game theory and submodular optimization. We empirically evaluate our algorithm with a real-world sensing scenario.
{"title":"Scheduled sampling for robust sensing","authors":"Noura Limam, Malek Naouach","doi":"10.1109/CNSM.2014.7014163","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014163","url":null,"abstract":"We consider the problem of optimizing the sensing strategy of a monitoring system in the presence of faulty sensors. We develop ORSg, an efficient data-driven algorithm for computing sampling strategies that nearly maximize the submodular utility of sensing with only a fraction of active and fault-prone sensors. Our approach combines techniques from information theory, game theory and submodular optimization. We empirically evaluate our algorithm with a real-world sensing scenario.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124030823","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014185
M. Aouadj, E. Lavinal, T. Desprats, M. Sibilla
Software defined networking (SDN) approaches rely on control languages to programmatically express the desired network behavior. Several SDN control languages use network virtualization to abstract the complex and dynamic nature of the physical infrastructure. However, almost all these languages use the same network abstraction model, which we believe is not the most appropriate one for expressing flexible and reusable network control policies. This paper presents work in progress towards a new high-level virtualization-based control language for SDN platforms. The main novelty of this language is to integrate a network abstraction model that explicitly identifies two kinds of virtual units: i) Fabrics to abstract packet transport functions and ii) Edges to abstract richer networking functions. We believe that this approach will allow network administrators to easily express modular and reusable network control policies independently of the underlying infrastructure.
{"title":"Towards a virtualization-based control language for SDN platforms","authors":"M. Aouadj, E. Lavinal, T. Desprats, M. Sibilla","doi":"10.1109/CNSM.2014.7014185","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014185","url":null,"abstract":"Software defined networking (SDN) approaches rely on control languages to programmatically express the desired network behavior. Several SDN control languages use network virtualization to abstract the complex and dynamic nature of the physical infrastructure. However, almost all these languages use the same network abstraction model, which we believe is not the most appropriate one for expressing flexible and reusable network control policies. This paper presents work in progress towards a new high-level virtualization-based control language for SDN platforms. The main novelty of this language is to integrate a network abstraction model that explicitly identifies two kinds of virtual units: i) Fabrics to abstract packet transport functions and ii) Edges to abstract richer networking functions. We believe that this approach will allow network administrators to easily express modular and reusable network control policies independently of the underlying infrastructure.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115442424","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014191
M. Toeroe, Neha Pawar, F. Khendek
Elasticity and availability are two features associated with the cloud. Existing solutions focus on providing both at the level of the virtual infrastructure through virtual machines (VMs), their restart, addition, and removal as needed. These assume a specific application design paradigm, which equates the application and its workload to the VM. High-availability applications are typically composed of redundant components that recover from failures through state-full failover orchestrated by a middleware (MW). For such applications handling elasticity purely through addition and removal of VMs is not sufficient, the application level also needs to be considered. This requires solutions that coordinate the availability and elasticity management at the application level. In this paper we propose a solution in the context of the Service Availability Forum (SAF) defined MW. It manages the application level elasticity through the manipulation of the application configuration used by the MW to ensure service availability. This in turn triggers the MW to change the workload distribution in the system.
{"title":"Managing application level elasticity and availability","authors":"M. Toeroe, Neha Pawar, F. Khendek","doi":"10.1109/CNSM.2014.7014191","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014191","url":null,"abstract":"Elasticity and availability are two features associated with the cloud. Existing solutions focus on providing both at the level of the virtual infrastructure through virtual machines (VMs), their restart, addition, and removal as needed. These assume a specific application design paradigm, which equates the application and its workload to the VM. High-availability applications are typically composed of redundant components that recover from failures through state-full failover orchestrated by a middleware (MW). For such applications handling elasticity purely through addition and removal of VMs is not sufficient, the application level also needs to be considered. This requires solutions that coordinate the availability and elasticity management at the application level. In this paper we propose a solution in the context of the Service Availability Forum (SAF) defined MW. It manages the application level elasticity through the manipulation of the application configuration used by the MW to ensure service availability. This in turn triggers the MW to change the workload distribution in the system.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"574 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122932094","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014179
Mario Golling, Robert Koch, Peter Hillmann, Rick Hofstede, F. Tietze
Specifically designed to exchange configuration information from a management platform to network components, the XML-based NETCONF protocol has become widely used. In combination with NETCONF, YANG is the corresponding protocol that defines the associated data structures, supporting virtually all network configuration protocols. YANG itself is a semantically rich language, which - in order to facilitate familiarization with the relevant subject - is often visualized using UML to involve other experts or developers and to support them by their daily work (writing applications which make use of YANG/NETCONF). To support this process, this paper presents an novel approach to optimize and simplify YANG data models, as current solutions tend to produce very complex UML diagrams. Therefore, we have (i) defined a bidirectional mapping of YANG to UML, (ii) developed a strategy to reduce the numbers of objects, and (iii) created a tool that renders the created UML diagrams, closing the gap between technically improved data models and their human readability.
{"title":"YANG2UML: Bijective transformation and simplification of YANG to UML","authors":"Mario Golling, Robert Koch, Peter Hillmann, Rick Hofstede, F. Tietze","doi":"10.1109/CNSM.2014.7014179","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014179","url":null,"abstract":"Specifically designed to exchange configuration information from a management platform to network components, the XML-based NETCONF protocol has become widely used. In combination with NETCONF, YANG is the corresponding protocol that defines the associated data structures, supporting virtually all network configuration protocols. YANG itself is a semantically rich language, which - in order to facilitate familiarization with the relevant subject - is often visualized using UML to involve other experts or developers and to support them by their daily work (writing applications which make use of YANG/NETCONF). To support this process, this paper presents an novel approach to optimize and simplify YANG data models, as current solutions tend to produce very complex UML diagrams. Therefore, we have (i) defined a bidirectional mapping of YANG to UML, (ii) developed a strategy to reduce the numbers of objects, and (iii) created a tool that renders the created UML diagrams, closing the gap between technically improved data models and their human readability.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129765559","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014150
Yasuhiko Kanemasa, Atsushi Kubota, Hirokazu Iwakura, J. Higuchi, Y. Nomura, Toshinori Arai, Susumu Nakadate, H. Kanou
One of the significant challenges on performance monitoring of an n-tier system is the “response delay propagation”, in which a response delay in a component server is propagated to other component servers due to the invoking relations among request types in different component servers of the system. It leads the operations manager of the system to misdiagnose the location of source delays and results in wasting time to investigate the root cause. We developed a response delay monitoring system that helps the operations managers distinguish the source delays from many other propagated delays. The system is able to build a model of invoking relations among request types in different component servers and use the model to diagnose the response delay propagation and pin-point the location of source response delays. To obtain such invoking relations among request-types from black-box component servers in an n-tier system, we propose a novel invoking relation estimation method which can achieve high accuracy of true invoking relation among request types by eliminating the negative influence of two spurious correlation factors through partial correlation analysis. We implemented the response delay monitoring system and evaluated the effectiveness of our invoking relation estimation method on a real in-company n-tier system which has thousands of request-types in each tier. The result (over 90% in precision) confirms our estimation method can effectively capture invoking relations in an n-tier system.
{"title":"Identifying propagated response delays in performance monitoring of n-tier applications","authors":"Yasuhiko Kanemasa, Atsushi Kubota, Hirokazu Iwakura, J. Higuchi, Y. Nomura, Toshinori Arai, Susumu Nakadate, H. Kanou","doi":"10.1109/CNSM.2014.7014150","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014150","url":null,"abstract":"One of the significant challenges on performance monitoring of an n-tier system is the “response delay propagation”, in which a response delay in a component server is propagated to other component servers due to the invoking relations among request types in different component servers of the system. It leads the operations manager of the system to misdiagnose the location of source delays and results in wasting time to investigate the root cause. We developed a response delay monitoring system that helps the operations managers distinguish the source delays from many other propagated delays. The system is able to build a model of invoking relations among request types in different component servers and use the model to diagnose the response delay propagation and pin-point the location of source response delays. To obtain such invoking relations among request-types from black-box component servers in an n-tier system, we propose a novel invoking relation estimation method which can achieve high accuracy of true invoking relation among request types by eliminating the negative influence of two spurious correlation factors through partial correlation analysis. We implemented the response delay monitoring system and evaluated the effectiveness of our invoking relation estimation method on a real in-company n-tier system which has thousands of request-types in each tier. The result (over 90% in precision) confirms our estimation method can effectively capture invoking relations in an n-tier system.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122278723","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014143
Dapeng Liu, Dan Pei, Youjian Zhao
A tenant hosted by a cloud platform typically runs a lot of applications, each of which not only has its own service capacity but also differs in revenue or business importance. Thus we argue that it is crucial for a cloud platform to provide fine-grained and application-aware performance monitoring for each tenant, rather than current monitors that can only handle overall metrics. In this paper, we propose CloudWatch+, a tool that focuses on detecting the latency of web-based applications. A cloud platform equipping with CloudWatch+ can automatically learn and distinguish web-based applications it is hosting, and detect latency anomalies for each application based on its own status. Our evaluation using the real data from a cloud platform with over 200 tenants demonstrates that the detection results of CloudWatch+ are more detailed than those of Amazon CloudWatch, which misses most alarms while some tenants' specific applications experience bad performance. Meanwhile, CloudWatch+ is also realtime and light-weight.
{"title":"Application-aware latency monitoring for cloud tenants via CloudWatch+","authors":"Dapeng Liu, Dan Pei, Youjian Zhao","doi":"10.1109/CNSM.2014.7014143","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014143","url":null,"abstract":"A tenant hosted by a cloud platform typically runs a lot of applications, each of which not only has its own service capacity but also differs in revenue or business importance. Thus we argue that it is crucial for a cloud platform to provide fine-grained and application-aware performance monitoring for each tenant, rather than current monitors that can only handle overall metrics. In this paper, we propose CloudWatch+, a tool that focuses on detecting the latency of web-based applications. A cloud platform equipping with CloudWatch+ can automatically learn and distinguish web-based applications it is hosting, and detect latency anomalies for each application based on its own status. Our evaluation using the real data from a cloud platform with over 200 tenants demonstrates that the detection results of CloudWatch+ are more detailed than those of Amazon CloudWatch, which misses most alarms while some tenants' specific applications experience bad performance. Meanwhile, CloudWatch+ is also realtime and light-weight.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"140 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133711469","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-01DOI: 10.1109/CNSM.2014.7014171
Pieter-Jan Maenhaut, Hendrik Moens, Veerle Ongenae, F. Turck
The rise of cloud computing and its elastic, on-demand resource provisioning introduces the need for a flexible and scalable multi-tenant architecture. In a multi-tenant application every tenant (client) makes use of shared application instances, but each tenant typically has its own user data. The shared application instance behaves like a private instance by guaranteeing both data separation and performance separation for every tenant. As the number of tenants increases, the amount of data grows. A scalable solution for the storage is needed, allowing tenant data to be divided over multiple database instances, but taking into account performance isolation and custom data assurance policies. In this paper we introduce an abstraction layer for achieving high scalability for the storage of tenant data. This layer uses data allocation algorithms to determine an acceptable allocation of tenant data to different databases. We describe a mathematical model for the allocation of tenant data which can be optimized using existing linear programming techniques, and introduce the BDAA-n and FDAA, two algorithms that will find an optimal allocation of data by iterating over the possible permutations. The proposed solutions are evaluated based on their flexibility, complexity and efficiency. The flexibility of the BDAA and FDAA makes them easy to customize and extend to fit most scenarios, but the algorithms will achieve best results for tenants with a limited number of subtenants. Linear programming is an alternative for tenants with a higher number of subtenants, but the customizability of the algorithm for specific use cases is limited due to the need for linear functions.
{"title":"Scalable user data management in multi-tenant cloud environments","authors":"Pieter-Jan Maenhaut, Hendrik Moens, Veerle Ongenae, F. Turck","doi":"10.1109/CNSM.2014.7014171","DOIUrl":"https://doi.org/10.1109/CNSM.2014.7014171","url":null,"abstract":"The rise of cloud computing and its elastic, on-demand resource provisioning introduces the need for a flexible and scalable multi-tenant architecture. In a multi-tenant application every tenant (client) makes use of shared application instances, but each tenant typically has its own user data. The shared application instance behaves like a private instance by guaranteeing both data separation and performance separation for every tenant. As the number of tenants increases, the amount of data grows. A scalable solution for the storage is needed, allowing tenant data to be divided over multiple database instances, but taking into account performance isolation and custom data assurance policies. In this paper we introduce an abstraction layer for achieving high scalability for the storage of tenant data. This layer uses data allocation algorithms to determine an acceptable allocation of tenant data to different databases. We describe a mathematical model for the allocation of tenant data which can be optimized using existing linear programming techniques, and introduce the BDAA-n and FDAA, two algorithms that will find an optimal allocation of data by iterating over the possible permutations. The proposed solutions are evaluated based on their flexibility, complexity and efficiency. The flexibility of the BDAA and FDAA makes them easy to customize and extend to fit most scenarios, but the algorithms will achieve best results for tenants with a limited number of subtenants. Linear programming is an alternative for tenants with a higher number of subtenants, but the customizability of the algorithm for specific use cases is limited due to the need for linear functions.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124298483","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: