An API-first methodology for designing a microservice-based Backend as a Service platform

Over the last several years, cloud computing has imposed as a major paradigm in software development by providing computer resources over the Internet. Among various cloud service models, Backend as a Service (BaaS) stands out as a model that targets the specific needs of web and mobile developers. By providing the backend for applications, it facilitates and expedites the software development process. In order to prevent major problems with the use of third-party BaaS providers, this paper advocates building your own BaaS platform, as well as several works ahead of it. However, the development of a BaaS platform carries various challenges regarding architecture and design. This paper strives to define the core service offerings of a BaaS platform and propose a method for providing an architectural design of a BaaS platform based on a microservice architecture. Microservice architecture is the preferred architectural style for cloud solutions since it promotes loose coupling, ease of scaling and integration with third-party services, which are fundamental stipulations of BaaS platforms. The methodology adopted in designing a microservice-based BaaS platform was formed in accordance with an Application Programming Interface (API)-first approach, which strives to design a suitable, representative API of the platform. To the best of authors’ knowledge, this paper proposes the lowest-level design of a BaaS platform so far, describing the entity relations, integration patterns, and communication styles. Ultimately, the proposed design was implemented and tested for its functional requirements. In that regard, specific test cases that mirror the actual workflow of the BaaS platform were constructed.

Download Full-text

EVALUATION OF CAPTURING ARCHITECTURALLY SIGNIFICANT REQUIREMENTS

Asian Journal of Pharmaceutical and Clinical Research ◽

10.22159/ajpcr.2017.v10s1.19589 ◽

2017 ◽

Vol 10 (13) ◽

pp. 122

Author(s):

B Sathis Kumar

Keyword(s):

Software Development ◽

Architectural Design ◽

Quality Attributes ◽

Clear Understanding ◽

Design Decision ◽

Functional Requirements ◽

Requirement Elicitation ◽

Development Organization ◽

Prime Design ◽

Reliability Performance

Every software development organization strives for customer satisfaction. It is universally accepted that the success of software development lies in the clear understanding of the client requirements. During requirement elicitation and analysis stage, the system analyst identifies the functional and non-functional requirements from the customer. Security, usability, reliability, performance, scalability and supportability are the significant quality attributes of a software system. These quality attributes are also referred as non-functional requirements. Only a few functional and quality attributes requirement help to identify and shape the software architecture. A software system’s architecture is the set of prime design decisions made about the system. If the requirement influences the architectural design decision then, it is referred as Architecturally Significant Requirement (ASR). Identifying and specifying all the possible ASR are important tasks in the requirement elicitation and analysis stage.In this research, general problems that are faced while capturing and specifying ASR in requirement elicitation and analysis is studied. Among the different requirement elicitation techniques, use case diagram has been identified and enhanced to solve the problem of capturing and specifying ASR during the requirement elicitation and analysis phase

Download Full-text

Federated Cloud Storage Management Through Provable Data Possession using Dynamic Audit Protocol

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.b1122.0782s319 ◽

2019 ◽

Vol 8 (2S3) ◽

pp. 662-665

Keyword(s):

Data Storage ◽

Cloud Storage ◽

Service Providers ◽

Cloud Service ◽

Application Programming Interface ◽

Third Party ◽

Web Browser ◽

Free Data ◽

Cloud Service Providers ◽

Storage Area

Cloud computing is a technology for sharing the resources for on demand request and for processing the data. It facilitates cloud storage for adopting cloud users with the help of cloud service providers. It enhances need of enterprises by adhering large volume of data to store and owned privately through third party auditors via data centres. The proposed system analyse cloud storage and provide free data storage for computing the data and maintain variety of cloud storage in one place. This scenario promotes storage of files in one system, so the user doesn’t require various accounts like GoogleDrive, Microsoft Onedrive and Dropbox. This application enhances multiple cloud storage for accessing all files in one particular storage area. The proposed system eradicates visiting of multiple sites for downloading the apps and reduces installing of multiple apps for downloading all the files. The work mainly focuses on the SaaS that permits users to upload data and share the resources from the cloud to post in the Web browser. Our work designed for creating single level of Application programming interface which is for all the cloud service providers. This adopts external applications that leverage the service of platform which is easier to build scalable, and automated cloud based applications. The final API promotes multiple cloud storage in one place and leads to provision Federated Cloud

Download Full-text

Classification and Evaluation Criteria for the Selection of Cloud Service Providers with QoS based on SLA

International Journal of Emerging Research in Management and Technology ◽

10.23956/ijermt.v6i7.183 ◽

2018 ◽

Vol 6 (7) ◽

pp. 51

Author(s):

Sarvjit Singh Bhatia ◽

Anurag Rai ◽

Harsimran Kaur

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Evaluation Criteria ◽

Cloud Service ◽

Point Of View ◽

Cloud Services ◽

Third Party ◽

Functional Requirements ◽

It Industry

Cloud computing is revolutionizing the IT industry by enabling them to offer access to the infrastructure and application services on a third party basis. Due to the vast diversity in the available Cloud services, from the customer’s point of view, it has become difficult to decide whose services they should use and what are the criteria for the selection? There are two types of QoS requirements which a user can have: functional and non-functional. Some of them cannot be measured easily given the nature of the Cloud. Attributes like security and user experience are not easy to quantify. Moreover, deciding which service matches best with all functional and non functional requirements is a decision problem. The Fundamental issue to handle such a problem is Quality of Service (QoS) parameters. Many SLA languages and frameworks have been developed as solutions; however, there is no overall classification and the criteria for these extensive works. Therefore, the aim of this research is to present a comprehensive study that how SLAs are created, managed by fulfilling the QoS in cloud computing environment.

Download Full-text

A Group Collaboratable Proof of Retrievability Scheme for Cloud Data Storage

INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY ◽

10.24297/ijct.v13i7.2501 ◽

2014 ◽

Vol 13 (7) ◽

pp. 4625-4632

Author(s):

Jyh-Shyan Lin ◽

Kuo-Hsiung Liao ◽

Chao-Hsing Hsu

Keyword(s):

Cloud Computing ◽

Data Storage ◽

Cloud Service ◽

Third Party ◽

Group Collaboration ◽

Cloud Data ◽

Cloud Data Storage ◽

Important Trend ◽

Data Update ◽

Proof Of Retrievability

Cloud computing and cloud data storage have become important applications on the Internet. An important trend in cloud computing and cloud data storage is group collaboration since it is a great inducement for an entity to use a cloud service, especially for an international enterprise. In this paper we propose a cloud data storage scheme with some protocols to support group collaboration. A group of users can operate on a set of data collaboratively with dynamic data update supported. Every member of the group can access, update and verify the data independently. The verification can also be authorized to a third-party auditor for convenience.

Download Full-text

Sistem Pengawasan Aktifitas Penggunaan Smartphone Android

Jurnal ULTIMA InfoSys ◽

10.31937/si.v9i1.839 ◽

2018 ◽

Vol 9 (1) ◽

pp. 24-31

Author(s):

Rudianto Rudianto ◽

Eko Budi Setiawan

Keyword(s):

Application Programming Interface ◽

Third Party ◽

Image Content ◽

Image File ◽

Application Programming ◽

Index Terms ◽

Programming Interface

Availability the Application Programming Interface (API) for third-party applications on Android devices provides an opportunity to monitor Android devices with each other. This is used to create an application that can facilitate parents in child supervision through Android devices owned. In this study, some features added to the classification of image content on Android devices related to negative content. In this case, researchers using Clarifai API. The result of this research is to produce a system which has feature, give a report of image file contained in target smartphone and can do deletion on the image file, receive browser history report and can directly visit in the application, receive a report of child location and can be directly contacted via this application. This application works well on the Android Lollipop (API Level 22). Index Terms— Application Programming Interface(API), Monitoring, Negative Content, Children, Parent.

Download Full-text

A Practical Conflicting Role-based Cloud Security Risk Evaluation Method

Recent Advances in Computer Science and Communications ◽

10.2174/2666255813666191204145140 ◽

2019 ◽

Vol 13 ◽

Author(s):

Jin Han ◽

Jing Zhan ◽

Xiaoqing Xia ◽

Xue Fan

Keyword(s):

Risk Evaluation ◽

Evaluation Method ◽

Service Providers ◽

Risk Preferences ◽

Cloud Service ◽

Cloud Security ◽

Third Party ◽

Security Evaluation ◽

Security Risk ◽

Cloud Users

Background: Currently, Cloud Service Provider (CSP) or third party usually proposes principles and methods for cloud security risk evaluation, while cloud users have no choice but accept them. However, since cloud users and cloud service providers have conflicts of interests, cloud users may not trust the results of security evaluation performed by the CSP. Also, different cloud users may have different security risk preferences, which makes it difficult for third party to consider all users' needs during evaluation. In addition, current security evaluation indexes for cloud are too impractical to test (e.g., indexes like interoperability, transparency, portability are not easy to be evaluated). Methods: To solve the above problems, this paper proposes a practical cloud security risk evaluation method of decision-making based on conflicting roles by using the Analytic Hierarchy Process (AHP) with Aggregation of Individual priorities (AIP). Results: Not only can our method bring forward a new index system based on risk source for cloud security and corresponding practical testing methods, but also can obtain the evaluation result with the risk preferences of conflicting roles, namely CSP and cloud users, which can lay a foundation for improving mutual trusts between the CSP and cloud users. The experiments show that the method can effectively assess the security risk of cloud platforms and in the case where the number of clouds increased by 100% and 200%, the evaluation time using our methodology increased by only by 12% and 30%. Conclusion: Our method can achieve consistent decision based on conflicting roles, high scalability and practicability for cloud security risk evaluation.

Download Full-text

A Qualitative Study on Non-functional Requirements in Agile Software Development

IEEE Access ◽

10.1109/access.2021.3064424 ◽

2021 ◽

pp. 1-1

Author(s):

Aleksander Jarzebowicz ◽

Pawel Weichbroth

Keyword(s):

Qualitative Study ◽

Software Development ◽

Agile Software Development ◽

Functional Requirements ◽

Agile Software

Download Full-text

A Design of an Integrated Cloud-based Intrusion Detection System with Third Party Cloud Service

Open Computer Science ◽

10.1515/comp-2020-0214 ◽

2021 ◽

Vol 11 (1) ◽

pp. 365-379

Author(s):

Wisam Elmasry ◽

Akhan Akbulut ◽

Abdul Halim Zaim

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Cloud Service ◽

Third Party ◽

Traffic Flows ◽

Cloud Environment ◽

System Service ◽

Reporting Service ◽

Bagging Ensemble

Abstract Although cloud computing is considered the most widespread technology nowadays, it still suffers from many challenges, especially related to its security. Due to the open and distributed nature of the cloud environment, this makes the cloud itself vulnerable to various attacks. In this paper, the design of a novel integrated Cloud-based Intrusion Detection System (CIDS) is proposed to immunise the cloud against any possible attacks. The proposed CIDS consists of five main modules to do the following actions: monitoring the network, capturing the traffic flows, extracting features, analyzing the flows, detecting intrusions, taking a reaction, and logging all activities. Furthermore an enhanced bagging ensemble system of three deep learning models is utilized to predict intrusions effectively. Moreover, a third-party Cloud-based Intrusion Detection System Service (CIDSS) is also exploited to control the proposed CIDS and provide the reporting service. Finally, it has been shown that the proposed approach overcomes all problems associated with attacks on the cloud raised in the literature.

Download Full-text

TWO-STAGE THIRD-PARTY REVIEW PROPOSAL USING THE ENTERPRISE ARCHITECTURE IN SOFTWARE DEVELOPMENT

Procedia Computer Science ◽

10.1016/j.procs.2018.08.059 ◽

2018 ◽

Vol 126 ◽

pp. 1187-1196 ◽

Cited By ~ 1

Author(s):

Haruhiro Tsuchiya ◽

Shuichiro Yamamoto ◽

Yuko Murakami ◽

Tomoyuki Yanagisawa ◽

Naoko Kobayashi ◽

...

Keyword(s):

Software Development ◽

Enterprise Architecture ◽

Third Party ◽

Two Stage

Download Full-text

Comparable Encryption Scheme over Encrypted Cloud Data in Internet of Everything

Security and Communication Networks ◽

10.1155/2017/6430850 ◽

2017 ◽

Vol 2017 ◽

pp. 1-11

Author(s):

Qian Meng ◽

Jianfeng Ma ◽

Kefei Chen ◽

Yinbin Miao ◽

Tengfei Yang

Keyword(s):

Model Performance ◽

Data Integrity ◽

Cloud Service ◽

Third Party ◽

Encryption Scheme ◽

Cloud Data ◽

Practical Applications ◽

Internet Of Everything ◽

Window Method ◽

Comparable Encryption

User authentication has been widely deployed to prevent unauthorized access in the new era of Internet of Everything (IOE). When user passes the legal authentication, he/she can do series of operations in database. We mainly concern issues of data security and comparable queries over ciphertexts in IOE. In traditional database, a Short Comparable Encryption (SCE) scheme has been widely used by authorized users to conduct comparable queries over ciphertexts, but existing SCE schemes still incur high storage and computational overhead as well as economic burden. In this paper, we first propose a basic Short Comparable Encryption scheme based on sliding window method (SCESW), which can significantly reduce computational and storage burden as well as enhance work efficiency. Unfortunately, as the cloud service provider is a semitrusted third party, public auditing mechanism needs to be furnished to protect data integrity. To further protect data integrity and reduce management overhead, we present an enhanced SCESW scheme based on position-aware Merkle tree, namely, PT-SCESW. Security analysis proves that PT-SCESW and SCESW schemes can guarantee completeness and weak indistinguishability in standard model. Performance evaluation indicates that PT-SCESW scheme is efficient and feasible in practical applications, especially for smarter and smaller computing devices in IOE.

Download Full-text