Dissertations and theses : Doctoral thesis
Engineering, computing & technology : Computer science
El Kateb, Donia mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
University of Luxembourg, ​Luxembourg, ​​Luxembourg
Le Traon, Yves mailto
Bouvry, Pascal mailto
Baudry, benoit mailto
Bertolino, Antonia mailto
Mouelhi, Tejeddine mailto
Fouquet, François mailto
[en] XACML-policy based systems ; Cloud Computing ; Trade-offs ; Multi-Objective Optimization
[en] Beyond its functional requirements, architectural design, the quality of a software system
is also defined by the degree to which it meets its non-functional requirements. The
complexity of managing these non-functional requirements is exacerbated by the fact that
they are potentially conflicting with one another. For cloud-based software, i.e., software whose
service is delivered through a cloud infrastructure, other constraints related to the features of the
hosting data center, such as cost, security and performance, have to be considered by system and
software designers. For instance, the evaluation of requests to access sensitive resources results in
performance overhead introduced by policy rules evaluation and message exchange between the
different geographically distributed components of the authorization system. Duplicating policy
rule evaluation engines traditionally solves such performance issues, however such a decision has
an impact on security since it introduces additional potential private data leakage points. Taking
into account all the aforementioned features is a key factor to enhance the perceived quality of
service (QoS) of the cloud as a whole. Maximizing users and software developers satisfaction with
cloud-based software is a challenging task since trade-off decisions have to be dynamically taken
between these conflicting quality attributes to adapt to system requirements evolution.
In this thesis, we tackle the challenges of building a decision support method to optimize
software deployment in a cloud environment. Our proposed holistic method operates both at the
level of 1) Platform as a service (PaaS) by handling software components deployment to achieve
an efficient runtime optimization to satisfy cloud providers and customers objectives 2) Guest
applications by making inroads into the design of applications to enable the design of secure
systems that also meet flexibility, performance and cost requirements. To thoroughly investigate
these challenges, we identify three main objectives that we address as follows:
The first objective is to achieve a runtime optimization of cloud-based software deployment
at the Platform as a service (PaaS) layer, by considering both cloud customers and providers
constraints. To fulfill this objective, we leverage the models@run.time paradigm to build an
abstraction layer to model a cloud infrastructure. In a second step, we model the software placement
problem as a multi-objective optimization problem and we use multi-objective evolutionary
algorithms (MOEAs) to identify a set of possible cloud optimal configurations that exhibit best
trade-offs between conflicting objectives. The approach is validated through a case study that
we defined with EBRC1, a cloud provider in Luxembourg, as a representative of a software
component placement problem in heterogeneous distributed cloud nodes.
The second objective is to ameliorate the convergence speed of MOEAs that we have used to
achieve a run-time optimization of cloud-based software. To cope with elasticity requirements
of cloud-based applications, we improve the way the search strategy operates by proposing a
hyper-heuristic that operates on top of MOEAs. Our hyper-heuristic uses the history of mutation
effect on fitness functions to select the most relevant mutation operators. Our evaluation shows that MOEAs in conjunction with our hyper-heuristic has a significant performance improvement
in terms of resolution time over the original MOEAs.
The third objective aims at optimizing cloud-based software trade-offs by exploring applications
design as a complementary step to the optimization at the level of the cloud infrastructure,
tackled in the first and second objectives. We aimed at achieving security trade-offs at the level of
guest applications by revisiting current practices in software methods. We focus on access control
as a main security concern and we opt for guest applications that manage resources regulated by
access control policies specified in XACML2. This focus is mainly motivated by two key factors:
1) Access control is the pillar of computer security as it allows to protect sensitive resources
in a given system from unauthorized accesses 2) XACML is the de facto standard language to
specify access control policies and proposes an access control architectural model that supports
several advanced access requirements such as interoperability and portability. To attain this
objective, we advocate the design of applications based on XACML architectural model to achieve
a trade-off between security and flexibility and we adopt a three-step approach: First, we identify
a lack in the literature in XACML with obligation handling support. Obligations enable to specify
user actions that have to be performed before/during/after the access to resources. We propose an
extension of the XACML reference model and language to use the history of obligations states at
the decision making time. In this step, we extend XACML access control architecture to support
a wider range of usage control scenarios. Second, in order to avoid degrading performance while
using a secure architecture based on XACML, we propose a refactoring technique applied on
access control policies to enhance request evaluation time. Our approach, evaluated on three Java
policy-based systems, enables to substantially reduce request evaluation time. Finally, to achieve
a trade-off between a safe security policy evolution and regression testing costs, we develop a
regression-test-selection approach for selecting test cases that reveal faults caused by policy
To sum up, in all aforementioned objectives, we pursue the goal of analysing and improving
the current landscape in the development of cloud-based software. Our focus on security quality
attributes is driven by its crucial role in widening the adoption of cloud computing. Our approach
brings to light a security-aware design of guest applications that is based on XACML architecture.
We provide useful guidelines, methods with underlying algorithms and tools for developers and
cloud solution designers to enhance tomorrow’s cloud-based software design.
Keywords: XACML-policy based systems, Cloud Computing, Trade-offs, Multi-Objective
SnT - Interdisciplinary Centre for Security, Reliability and Trust
University of Luxembourg - UL
Researchers ; Professionals ; Students ; General public

File(s) associated to this reference

Fulltext file(s):

Open access
Donia El Kateb-PhD-2015.pdfPublisher postprint5.7 MBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.