Evaluation of a Secure Agent Based Framework for Optimized ... · Cloud computing (CC) has gain...

188

International Journal of Computing Academic Research (IJCAR) ISSN 2305-9184 Volume 4, Number 4 (August 2015), pp.188-198 © MEACSE Publications http://www.meacse.org/ijcar

Evaluation of a Secure Agent Based Framework for Optimized Resource Scheduling in

Cloud Computing

Aarti Singh and Manisha Malhotra Maharishi Markandeshwar University, Mullana, Haryana, India

Abstract.

This work presents secure agent based framework for optimized resource scheduling in CC (SAFORS). It is an

extension of authors earlier work in which different frameworks has been proposed. This work explores the

real world applicability by integrating all proposed framework. SAFORS has been implemented and it is

evaluated based on metrics important for cloud environment. Results obtained are promising.

Keywords: Cloud computing, Evaluation, Intelligent Agents, Multi Agent System, Optimization, Resource Scheduling.

Introduction

Cloud computing (CC) has gain widespread popularity because of economic and operational benefits offered to

IT based organizations or setups. CC offers on demands self- service, ubiquitous network access, location

independent resources, pooling, rapid elasticity and measured services [11]. All these features make CC

appealing and are attracting individuals and organizations to shift towards it. However, despite all the hypes

about CC, well established large organizations are reluctant to shift to this new computing model, as it seems to

end users like a black box. Users are receiving desired services and paying for the same, but they don’t have any

control over security and accessibility of their data. This is one of the major concern of users about CC.

Additionally, multi tenancy, resource sharing, load balancing and trust management are some other challenges

[12] still prevailing in this domain. This work is an extension of authors earlier work, in which individual agent

based frameworks for cost optimization of resource provisioning in CC, load balancing algorithm and two tier

hybrid security framework has been proposed. This work presents secure agent based framework for optimized

resource scheduling in CC (SAFORS), which integrates all earlier proposed frameworks. This mechanism

provides layers for optimized resource scheduling, load balancing and security of data in cloud environment.

Evaluating this framework on available metrics to check its applicability for cloud environment is the

motivation of this paper.

The structure of paper is as follows: Next section presents working of proposed integrated SAFORS framework.

Section 3 presents relevant literature and explores parameters suitable for evaluation of this mechanism. Results

and implementations will be discussed in section 4 and finally section 5 concludes the whole work and further

outlines the future scope in this field.

Secure Agent Based Framework for Optimized Resource Scheduling in CC (SAFORS)

SAFORS is an integrated framework facilitating optimal resource allocation, load balancing and secure

communication in cloud environment. It comprises of two layers namely resource allocation layer and security

International Journal of Computing Academic Research (IJCAR), Volume 4, Number 4, August 2015

189

layer. Resource allocation layer is responsible for optimal resource allocation with optimized cost. Security

layer is responsible for improved data security in CC. High level view of SAFORS is as given below:

SAFORS comprises of various agents, working in its different modules for providing automated service

composition (ASC) [6], autonomous load balancing (A2LB) [2] and hybrid two tier security (HT2SE) [5].

Agents present in each framework are responsible for a specific function and task. All of these frameworks are

arranged in such a manner so that an agent communicates with other concerned agents only and overall

complexity of mechanism is not increased. The detailed view and two layers of SAFORS are shown in figure 2

given below.

Figure 1. High Level View of SAFORS


190

Description of all agents used in SAFORS is as follows:

Assistant Agent (AA): AA keeps the record of all avaialble VM in local DC [6]. After finding suitable

resources, it forwards the request with approporiate resources to resource manager agent (RMA). In

case of overloaded VM it forward the request to load agent (LA).

Resource Manager Agent (RMA):Resource Manager Agent receives user requests and corresponding

resources recommended by AA. It plays the final and important role in SAFORS by allocating the

suitable resources to every corresponding request [6].

Figure 2. Detailed View of SAFORS


191

Load Agent (LA):The major work of a load agent is to calculate the load on every available virtual

machine after allocation of a new job in the data centre [2].

Channel agent (CHA):On receiving the request from load agent, the channel agent will initiate some

migration agents to other data centers for searching the virtual machines having similar configuration as

in concerned data center. It maintains this information for future usage [2].

Migration Agent (MA):These agents are initiated by channel agent. It will move to other data centers

and communicate with load agent of that data centre to enquire the status of VMs present there, looking

for the desired configuration. On receiving the required information it communicate the same to its

parent channel agent. Afterwards, it will stay at destination location, waiting for self-destroy message

from parent CA channel agent. The status of migration agent may be alive or destroyed based on its

applicability [2].

Crypto Agent: This agent is responsible for encryption and decryption of data at client end. It is

equipped with user’s set of keys. Whenever a user gets registered with a CSP, CA exchanges its ECC

Private Key with ECC public key of cloud service provider agent. When user sends some data to cloud

data center, CA first encrypts it with blowfish algorithm and then with ECC algorithm. In case some

data is received from cloud data base it decrypts it with ECC key of CSP [5].

Cloud Service Provider Agent (CSPA): This agent is responsible for interacting with crypto agent of

user. It receives encrypted data from the user, places it in cloud data base. It also keeps record of user

ECC public key in server key log file. Whenever user requests for its data, it authenticates user, then it

decrypts data to level1 using ECC public key of concerned user and then again encrypts that data using

ECC private key of CSP. Then it sends data to the user. CSPA knows blowfish key of service provider

and uses it for encrypting its Key server log so that even if a hacker hacks this database, it can’t access

user data [5].

The detailed decription of layers and working of SAFORS framework is discussed in next subsection :

Allocation Layer

This layer is responsible for two major tasks:

Optimized Resource Scheduling

Load Balancing

On every incoming requests, whether it is Saas, Iaas or Paas, assistant_agent (AA) gets activated and start

finding all potential and available resources in its database. While searching, there are two options, either the

resources are availbale in its own data center (DC) or they are not. If resources are found by AA even then it is

possible that concerned virtual machine (VM) is underloaded or overloaded. Equation 1 represents the staus of

DC. In case of underloaded VM, its status would be 0 and for overloaded VM it would be 1.

𝐷𝐶𝑣𝑚_𝑠𝑡𝑎𝑡𝑢𝑠 = {0 𝑈𝑛𝑑𝑒𝑟 𝐿𝑜𝑎𝑑𝑒𝑑1 𝑂𝑣𝑒𝑟 𝐿𝑜𝑎𝑑𝑒𝑑

(1)

Case I: DCvm_status= 0

One AA keeps the record of a DC and status of every VM available in it. After finding the suitable VM, AA

forwards the information to resource_manager_agent (RMA) which applies the automated request processing

mechanism for optimizing resource allocation [6]. AA search appropriate instances of VM and forwards the list

of specification to resource_manager_agent (RMA).RMA has an important and final role in the proposed

framework means to allocate the resources recommended by AA against the request forwarded by user. RMA

also update the resource_repository and allocation table after completion of a task.

Case II: DCvm_status= 1


192

In this case VM of a DC are overloaded, then possible solution is to adapt scalability [4]. Load agent is

responsible to ensure its scalability. It works on autonoumous agent based load balancing algorithm(A2LB) [2].

It works proactively for calculating load status of various VMs available in its DC. LA periodically determines

the workload of virtual machines in terms of available memory, available CPU utilization, and expected

response time.Afterwardsit calculates the fitness value of each virtual machine which is directly proportional to

the memory of a machine and is calculated by equation 2, 3 and 4:

(2)

(3)

µ is the percentage of memory used and is the fitness value for a virtual machine.

The percentage of fitness values gives the status of a virtual machine.

(4)

Load agent calculates percentage of µ and since these factors affect processing of incoming requests. Based

on value of µ available, fitness value ( ) for each node is generated. As long as of a node is greater than the

threshold value i.e 25%, in this case VM status is normal. As and when fitness value of a VM becomes less than

or equal to threshold value, load balancing needs to be performed. Load agent on observing critical status of a

VM will intimate and send the specification of that VM to the channel agent (CHA). The channel agent will

initiate the migration agents to other data centers for searching the virtual machines having similar

specifications. Migration agents (MA) being ants will travel only one way. On reaching a destination data

centre, MA will first send an acknowledgement message to its parent CHA. Afterwards it will check with load

agent of that data centre for availability of virtual machines having similar configuration as desired. If no such

VM exists at that data centre, migration agent sends a <Not-Applicable> message back to its parent CHA and

waits for <self_destroy> instruction from it. However, if one or more VMs having desired configuration are

found, MA further checks their µ and status and sends this information to CHA.LA forwards the suitable

resources to AA, further AA passes this information of requests and corresponding resources to RMA for

allocation.

Security Layer

Data security is of utmost important in CC. Since all user data is kept on cloud server, it has to be secured at

cloud as well as in the network. Security layer of SAFORS uses hybrid two tier security engine based on

HT2SE [5] mechanism. This mechanism has two layers, first layer makes use of symmetric key algorithm i.e.

Blowfish to encrypt data, this key would only be known to the user.Output of the first layer would be processed

by second layerwhich would again encrypt same data with asymmetric key ECC, for this layer ECC private key

will be with user and corresponding public key will be with CSP.After user registration, whenever data is

received from the cloud user for

available total used

(%) 100available

total

25%

25%

Critical Allocation

Normal Allocation


193

storage on cloud database, crypto agent (CA) gets activated. It first applies Blowfish algorithm for converting

original data into cipher form in level 1 and then it applies ECC private key to encrypt cipher text obtained from

level 1 to encrypt it for the second time. It then sends this double encrypted data for travelling in the network

and further storage in cloud database. When data reaches cloud data center, CSPA gets activated, it fetches user

ECC public key stored in Server key log and decrypts data to level1 and then saves it in cloud data center’s data

base. Whenever data is required by a particular user, CSPA fetches requested data, encrypts it for the second

time using its own ECC private key and sends it on the network. This

way data is always double protected while travelling in the network and both encryption keys can’t be hacked as

they are distributed.

Next section discusses the possible evaluation parameters of SAFORS.

Evaluation Parameters

A critical review of existing literature reveals that there are no well-defined or standard metrics for evaluating

agent based frameworks in cloud computing. Even there is no literature in which authors have evaluated their

work in cloud environment. For illustration, Niloofar et al. [11] explained some parameters which effect

performance of cloud computing environment. According to them, performance is directly proportional to all

factor related to service provider and end users. Finally they highlighted some important factors in two

categories. First category comprises of security, scalability, workload, latency and network bandwidth that

affects the performance and second category comprises of number of data centers, response time of data center,

VM cost and total cost of data center that effect the simulation environment. Repschlaeger et al. [12] indicated

that the required criterion to adopt a cloud solution is scalability, service response time, interoperability,

reliability, cost, throughput, efficiency and availability. Beside these parameters of cloud, some author have

evaluated their agent based work in other fields like fuzzy logic, semantic web etc. Juneja et al. [7] evaluated

their agent based framework in cellular network. They have considered nonfunctional issues like performance,

scalability and security. Singh et al. [1] evaluated their work in semantic web. Their work is based on multi

agent system and proposed multi agent framework for semantic web (MAFSW).Authors evaluated this

mechanism on the basis of performance, scalability, stability, trustworthiness and security. After analyzing

parameters affecting the performance of cloud environment, scalability, response time, security, workload and

VM cost are chosen as suitable parameters for evaluating performance of our proposed system. Brief

description of these parameters is as below:

Scalability: Scalability is the ability of system to accommodate the request either by scaling in or

scaling out services. Scale in and scale out service time will affect the performance of system.

Response Time: It is an important parameter that directly affects the performance of a cloud. A cloud

service provider (CSP) delivering the services in minimum time will be chosen by users.

Security: Security is of utmost importance to cloud users. CSP must ensure stringent security policies at

all levels.

Workload: Workload is defined as the load shared by multiple users on different VMs. Load on various

VMs in a data center has to be balanced for optimal utilization of resources.

VM Cost: This is the cost that user has to pay for accessing services. From user’s point of view, it is

significant parameter. CSP has to ensure that while scaling in or scaling out services, VM cost should

not be affected.

Next section presents the implemetation of SAFORS and discusses the results achieved after implementation.

Implementation and Results


194

After a critical investigation on available evaluation parameters, the proposed integrated framework considered

VM cost, scalability, response time, workload and security parameters for evaluation of proposed mechanism.

VM Cost: The evaluation of virtual machine cost is the simplest and practical way to compare the cloud

service providers. The key concern for cloud service provider is thatuser should not bear expense of

scalability. Scalability is abstracted from user and user is unaware of it. The work described in [6]

proves that cost remains unaffected whether the resources are found in local datacenter or from other

datacenters. If we look towards the response time, it takes almost double time to serve a request in case

scalability is adopted. This is shown in figure 3.

Scalability: Scalability in cloud computing refers to upscale and downscale of the requirement as and

when needed and in case of mobile agents it is directly concerned with the performance by changing

number of agents. Here the point of concern is that effect of adopting scalability on the complexity of

system. Proposed SAFORS mechanism is scalable [4] since it is combination of different agent based

frameworks and agents can replicate themselves at any time to cater increased request. The mechanism

proposed in [2, 6] deliver full scalability without any additional cost as already been discussed in earlier

parameter.

Response Time: A2LB [2] mechanism uniquely contributes towards response time in CC. Because this

mechanism has proactive load calculation of VM in a DC and whenever load of a VM reaches near

threshold value, load agent initiates search for a candidate VM from other DCs. In figure 3, response

time gets doubled in case of different DC but this flaw has been removed in A2LB. It takes

approximately same amount of time whether the resources are found in same DC or other DC due to

overloading of VM as shown in figure 4. However, if we search resources in other DC without applying

A2LB then response time increases to almost double.

Figure 3. Variation of VM Cost & Response Time in Same and Different Data

Centers

Figure 4. Illustration of Response Time in Different Cases

0

200

400

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

Same DC (Underloaded

VM)

Overloaded VM with

A2LB

Overloaded VM without

A2LB

0

5

10

15

Same DCDifferent

DC

Response Time(Sec)

Cost ($)

$

Sec


195

Workload:In CC workload is the abstraction of actual work that is going to be performed in an instance

or set of instances. In SAFORS, increased workload doesn’t affect performance of the system since it

comprises of multiple agents each of which is responsible for performing a specific task. Moreover,

agents may be replicated as and when required to cater increased user requests. Thus with increase in

number of agents, workload per agent gets reduced. Workload of proposed framework is indicated in

below figure 5.

Security: Security is also one of most important parameter of CC. SAFORS gives promising security by

providing dual security mechanisms. The hybrid mechanism adopted for security amalgamates

symmetric and asymmetric key algorithms to ensure stringent security of data and distribution of

encryption keys. Blowfish and ECC encryption algorithms provide efficient security with smaller key

sizes, as compared to other existing algorithm. The SAFORS mechanism uniquely contributes towards

data security in cloud environment. A prototype implementation indicated small increase in encryption

time, as compared with single encryption algorithms, which seems acceptable considering the level of

security offered. Figure 6(a), (b), (c) given below indicates this.

Figure5. Workload of SAFORS

0

10

20

1 2 3 4 5

Wo

rklo

ad

Number of Agents

Workload of SAFORS

Workload Number of Agents

0 50 100 150 200 250 300 35020

30

40

50

60

70

80

90

100

110

120

File Size in KB

Time i

n sec

Encryption Time in sec

Decryption Time in sec

Figure 6(a). Encryption and Decryption time using ECC


196

Conclusion

The adoption of cloud computing in IT industries has raised some key issues which need attention from

research community. This paper proposed the SAFORS framework which is an integration of author’s earlier

work. Also this study evaluated the proposed SAFORS framework on the basis of five important metrics which

should be considered before embracing a cloud service. Result obtained by implementing proposed mechanism

seems promising. However, trust in cloud environment has been left as dimension of future research.

References

[1] Aarti Singh, Dimple Juneja, A.K. Sharma, “Evaluation of intelligent & adaptive multi-agent framework for

semantic web”, In Global Journal of Computer Science and Technology, Volume 11, Issue 11, pp. 41-46, July

2011.

[2] Aarti Singh, Dimple Juneja, ManishaMalhotra, “Autonomous agent based load balancing algorithm in cloud

computing”, Accepted in International Conference on Advanced Computing Technologies and Applications.

Published in International Conference on Advanced Computing Technologies and Applications Science Direct,

Procedia of Computer Science, Volume 45, pp 832-841. March 2015.

0 50 100 150 200 250 300 35020

30

40

50

60

70

80

90

100

File Size in KB

Time i

n ms

Encryption Time in ms

Decryption Time in ms

Figure 6(b). Encryption and Decryption time usingBlowfish

0 50 100 150 200 250 300 35020

30

40

50

60

70

80

90

100

110

120

File Size in KB

Time i

n sec

Encryption Time in sec

Decryption Time in sec

Figure6(c). Encryption and Decryption time of SAFORS


197

[3] Aarti Singh, ManishaMalhotra, “Adaptive framework for load balancing to improve the performance of

cloud environment”, Presented in IEEEInternational Conference on Computational Intelligence and

Communication Technology, pp 224-228. DOI 10.1109/CICT.2015.11, 13-14th

Feb 2015.

[4] Aarti Singh, ManishaMalhotra, “Agent based framework for scalability in cloud computing”, In

International Journal of Computer Science & Engineering Technology Vol 3 Issue 4, April 2012, pp. 41-45.

[5] Aarti Singh, ManishaMalhotra, “Hybrid two tier framework for improved security in cloud environment”,

Communicated in IEEE International Conference on Advanced Computing and communication Technologies,

Springer-Verlag publisher, 2015.

[6] Dimple Juneja, ManishaMalhotra, Aarti Singh, “A novel agent based autonomous service composition

framework for cost optimization of resource provisioning in cloud computing”,communicated for Patent and

Copyright Filing.

[7] Juneja D., Iyengar S.S. and Phoha V. V., “Fuzzy evaluation of agent based semantic match making

algorithm for cyberspace”, Published in International Journal of Semantic Computing, Vol. 3, issue 1, pp. 57-

76, 2009.

[8] Karageorgos A. and Mehandjiev N., “A design complexity evaluation framework for agent based system

engineering methodologies”, Published in Engineering Societies in the Agents World, LNCS, Vol. 3071/2004,

pp. 258- 274, 2004.

[9] Keith R. Jackson & Krishna Muriki, “Performance analysis of high performance computing applications on

the amazon web services cloud”, IEEE International Conference on Cloud Computing Technology and Science,

pp. 159-168, 2010.

[10] Mohammed Alhamad, “A trust-evaluation metric for cloud applications”, International Journal of Machine

Learning and Computing, Vol. 1, No. 4, pp. 416-421,2011.

[11] NiloofarKhanghahi and Reza Ravanmehr, “Cloud computing performance evaluation: issues and

challenges”,International Journal on Cloud Computing: Services and Architecture (IJCCSA),Vol 3, No.5, pp.

29-41, October 2013.

[12] Repschlaeger, Jonas, Zarnekow, Ruediger, Wind, Stefan, Turowski, Klaus, Cloud requirement framework:

requirements and evaluation criteria to adopt cloud solutions”, In European Conference on Information Systems

(ECIS), paper -42, pp2-14, 2012.

[13] Bhaskar. R, Deepu. S.R and Dr. B.S. Shylaja, “Dynamic allocation method for efficient load balancing in

virtual machines for cloud computing environment”, Advanced Computing: An International Journal (ACIJ),

3(5), pp. 53-61, 2012.

[14] Birje, M.N., Manvi, S.S., Prasad, B.: “Agent based resource brokering and allocation in wireless grids”,

Published in proceedings of IEEE International Conference on Services Computing (SCC-06), pp. 331-334,

Sept 2006.

[15] Buyya, R., C. S. Yeo, and S. Venugopal, “Market oriented cloud computing: vision, hype, and reality for

delivering it services as computing utilities”., Published inproceedings of 10th IEEE international conference on

High Performance Computing and Communications, pp. 234-242, 2008.

[16] Buyya, R., K. Branson, J. Giddy and D. Abramson, “The virtual laboratory: enabling molecular modeling

for drug design on the world wide grid”, Published in Journal of Concurrency and Computation: Practice and

Experience Volume 15 Number 1,pp 1–25, 2003.

[17] Cardellini, V., Colajanni, M., Yu, P.S.,“Request redirection algorithms for distributed web systems”, IEEE

Trans. Parallel Distrib. Syst. 14(4), 355–368, 2003.

[18] Fan, C.T., Wang, W.J., Chang, Y.S.: “Agent – based service migration in hybrid cloud”, Published in IEEE

International Conference on High Performance Computing and Communications, pp. 887-892, 2011.

[19] Faniyi, F., Bahsoon, R., Theodoropoulos, G., “A dynamic data driven simulation approach for preventing

service level agreement violations in cloud federation”, In International Conference on Computational Science ,

pp 1167-1176, 2012.


198

[20] Hossein R., Elankovan, S., Zulkarnain, M. A., Abdullah M. Z., “ Encryption as a service as a solution for

cryptography in cloud”, In 4th

International Conference on Electrical Engineering and Informatics indexed in

Science Direct, pp 1202-1210, 2013.

Evaluation of a Secure Agent Based Framework for Optimized ... · Cloud computing (CC) has gain...

Documents

Transcript of Evaluation of a Secure Agent Based Framework for Optimized ... · Cloud computing (CC) has gain...