Keynote Lectures

Clouds for Real-Time Applications Scheduling Issues
Eleni Karatza, Aristotle University of Thessaloniki, Greece, Greece

Putting the "Account'' into Cloud Accountability
Martin Gilje Gilje Jaatun, Software Engineering, Safety and Security, SINTEF Digital, Trondheim, Norway, Norway

Building Trust in the Cloud, Ensuring we Don't Need to Trust our Provider so Completely!
David Wallom, University of Oxford, United Kingdom, United Kingdom

Clouds for Real-Time Applications Scheduling Issues

Eleni Karatza
Aristotle University of Thessaloniki, Greece

Brief Bio
Helen Karatza is a Professor Emeritus in the Department of Informatics at the Aristotle University of Thessaloniki, Greece, where she teaches courses in the postgraduate and undergraduate level, and supervises doctoral and postdoctoral research. Dr. Karatza's research interests include Computer Systems Modeling and Simulation, Performance Evaluation, Grid and Cloud Computing, Energy Efficiency in Large Scale Distributed Systems, Resource Allocation and Scheduling and Real-time Distributed Systems. Dr. Karatza has authored or co-authored over 215 technical papers and book chapters including five papers that earned best paper awards at international conferences. She is senior member of IEEE, ACM and SCS, and she served as an elected member of the Board of Directors at Large of the Society for Modeling and Simulation International. She served as Chair and Keynote Speaker in International Conferences. Dr. Karatza is the Editor-in-Chief of the Elsevier Journal “Simulation Modeling Practice and Theory” and Senior Associate Editor of the “Journal of Systems and Software” of Elsevier. She was Editor-in-Chief of “Simulation Transactions of The Society for Modeling and Simulation International” and Associate Editor of “ACM Transactions on Modeling and Computer Simulation”. She served as Guest Editor of Special Issues in International Journals. More info about her activities/publications can be found in http://agent.csd.auth.gr/~karatza/

Abstract
For several years now there has been significant research in cloud computing. However, there still exist many open challenges due to the heterogeneity of cloud resources and the characteristics of the applications processed on such infrastructures. One of the most important aspects in cloud computing is the effective scheduling of real-time complex parallel jobs, allowing for guarantees that the deadlines will be met. Recently workloads are getting computationally demanding and complex. This is a result of the increase of big data. Clouds are suitable computing infrastructures to run data-intensive applications. These applications need to exploit data locality. Consequently, data-aware scheduling policies should be employed, in order to effectively exploit data locality, while at the same time take into account the other attributes of the workload and the characteristics of cloud resources. Fault tolerance is an important issue in cloud computing. Particularly real-time clouds need to cope with failures during the execution of an application. Imprecise computations combined with checkpointing can provide fault-tolerance in cloud computing. Parallel jobs running in the cloud might be bag-of-tasks jobs (consisting of independent tasks), gangs (finegrained parallel jobs), DAGs or workflows (jobs consisting of tasks with precedence constrains). Based on jobs attributes, different scheduling policies are required in order to guarantee timeliness and to minimize the execution time of each complex application and thus the cost charged to the user. Energy efficiency in cloud systems is a very important issue as it reduces energy consumption and consequently operational costs. It is obvious though that energy conservation should be considered along with QoS guarantees. Complex parallel real-time applications have deadlines and may have several restrictions. Furthermore, recently there is a great interest on the reduction of the carbon footprint of the computational resources, therefore energy efficient scheduling strategies are required. Techniques have been proposed with the goal to provide energy efficiency and timeliness, by trading off result precision, but at the same time maintaining the average result precision of applications at a satisfactory level. Furthermore, due to the growth of IoT, a new paradigm has appeared: fog computing. The fog extends the cloud to the network edge. Significant research exists already in the fog computing area. There are approaches where the main processing of IoT applications is performed in the fog layer, as well as others which attempt to schedule computationally demanding tasks with low communication requirements in the cloud and communication intensive tasks with low computational demands in the fog. In conclusion, the cloud computing paradigm promises timeliness, scalability, reliability and cost-effective real-time applications processing. It provides opportunities for scientists, organizations and enterprises. Simulation modeling is a cost-effective means to examine the costs and risks involved with processing complex real-time applications in the cloud.

Putting the "Account'' into Cloud Accountability

Martin Gilje Gilje Jaatun
Software Engineering, Safety and Security, SINTEF Digital, Trondheim, Norway
http://infosec.sintef.no

Brief Bio
Martin Gilje Jaatun is a Senior Scientist at SINTEF Digital in Trondheim, Norway. He graduated from the Norwegian Institute of Technology (NTH) in 1992, and received the Dr.Philos degree in critical information infrastructure security from the University of Stavanger in 2015. He is an adjunct professor at the University of Stavanger, and was Editor-in-Chief of the International Journal of Secure Software Engineering (IJSSE). Previous positions include scientist at the Norwegian Defence Research Establishment (FFI), and Senior Lecturer in information security at the Bodø Graduate School of Business. His research interests include software security, security in cloud computing, and security of critical information infrastructures. He is vice chairman of the Cloud Computing Association (cloudcom.org), vice chair of the IEEE Technical Committee on Cloud Computing (TCCLD), an IEEE Cybersecurity Ambassador, and a Senior Member of the IEEE. Most of my published papers are available here: http://jaatun.no/papers

Abstract
Security concerns are often cited as the most prominent reason for not using cloud computing, but customers of cloud users, especially end-users, frequently do not understand the need to control access to personal information. On the other hand, some users might understand the risk, and yet have inadequate means to address it. In order to make the Cloud a viable alternative for all, accountability of the service providers is key, and with the advent of the EU General Data Protection Regulation (GDPR), ignoring accountability is something providers in the EU market will do at their peril. To be able to hold cloud service providers accountable for how they manage personal, sensitive and confidential information, there is a need for mechanisms that can mitigate risk, identify emerging risks, monitor policy violations, manage any incidents, and provide redress. We believe that being able to offer accountability as part of the service provision will represent a competitive edge for service providers catering to discerning cloud customers, also outside the GDPR sphere of influence. This paper will outline the fundamentals of accountability, and provide more details on what the actual "account'' is all about.

Building Trust in the Cloud, Ensuring we Don't Need to Trust our Provider so Completely!

David Wallom
University of Oxford, United Kingdom

Brief Bio
Prof David Wallom is Associate Professor and Associate Director – Innovation of the Oxford e-Research Centre, where he leads two seperate research groups Energy and Environmental ICT and Advanced e-infrastructure & Cloud Computing. He has led over 50 research projects in areas such as Cloud utilisation, Smart Energy Grids, Research data management, Green IT, ICT security and institutional repositories. He is a member of the GCHQ recognized Academic Centre of Excellence in Cyber Security and the UK Space Agency Ground segment Advisory Group. He is the academic Board Member of the HEFCE Institute for Environmental Analytics, Chair of the Scientific Advisory Board for the Norweigan Information for Action e-Science Centre and a member of the SAB for the NEGI Tools for Investigating Climate Change at High Northern Latitudes (eSTICC) & Ensemble-based Methods for Environmental Monitoring and Prediction (EmblA) centres. He is also Co-Editor in Chief of the Elsevier journal SoftwareX.

Abstract
With the increasing move to a model of IT provision being done through the cloud it is important that we fully understand not only the benefits of this migration but also the potential pitfalls or drawbacks. AS such a key blocker that is often talked about is that of security, both in terms of actual physical security of infrastructure as being able to defend against other external actors trying to gain access but also how any cloud system is also able to protect its consumers from internal threats, i.e. the malicious insider. Through developments building on a small trial project and then a further larger project in partnership with a commercial public cloud provider we have integrated IaaS cloud computing with Trusted computing technologies to enable attestation of state for the virtual machine, hypervisor and data storage systems which allow us to build a chain of trust for running cloud instances that can be used to counter insider threat problems with current cloud technologies. This integration is unique and allows cloud consumers to build trust in the provider through actual measurements of cloud state and can be used to create applications and data storage tools which require instantiation on particular trusted platforms.