Nicola Bena

New Paper Accepted: Multi-Dimensional Certification of Modern Distributed Systems

November 14, 2022

Our paper entitled Multi-Dimensional Certification of Modern Distributed Systems has been accepted for publication at the journal IEEE Transactions on Services Computing (IEEE TSC), the leading journal in services computing.

The paper is the result of more than one year of work and represents a significant shift for software and service certification. We propose a novel certification scheme that, to the best of our knowledge, is the first to extend the scope of certification beyond the evaluation of software artifacts. Our scheme groups information related to the service to be evaluated into dimensions, and evaluates each dimension independently according to its peculiarities.

The authors of the paper are: Marco Anisetti, Claudio A. Ardagna, and Nicola Bena (me).

Below is the full abstract.

The cloud computing has deeply changed how distributed systems are engineered, leading to the proliferation of ever-evolving and complex environments, where legacy systems, microservices, and nanoservices coexist. These services can severely impact on individuals’ security and safety, introducing the need of solutions that properly assess and verify their correct behavior. Security assurance stands out as the way to address such pressing needs, with certification techniques being used to certify that a given service holds some non-functional properties. However, existing techniques build their evaluation on software artifacts only, falling short in providing a thorough evaluation of the non-functional properties under certification. In this paper, we present a multi-dimensional certification scheme where additional dimensions model relevant aspects (e.g., programming languages and development processes) that significantly contribute to the quality of the certification results. Our multi-dimensional certification enables a new generation of service selection approaches capable to handle a variety of user’s requirements on the full system life cycle, from system development to its operation and maintenance. The performance and the quality of our approach are thoroughly evaluated in several experiments.

The paper is available in early access here.

A Quick Overview

The following figure shows our approach at a glance, with our certification scheme driving the certification of (cloud) services and selection according to the corresponding certificates.

[Figure: our approach at a glance]

In general, a non-functional property describes a non-functional aspect of a software/system/service (service in the following), that is, it does not describe specific functionalities offered by the service, but rather how the service works and operates. The typical properties Confidentiality, Integrity, and Availability of the CIA triad are, in fact, non-functional properties.

Security assurance aims to demonstrate that a service holds one or more non-functional properties. In the case of certification, we award a certificate to the service stating that it supports a given property as the result of some evaluation activities.

Up to now, the literature has always represented a non-functional property as a pair consisting of i) a property name and ii) a set of key-value attributes refining the property. For instance, this is how we typically model confidentiality:

p_conf = (confidentiality, {algorithm=AES, key-length=256})

The Certification Authority then defines the certification activities to perform to verify whether a given service supports p_conf.

This definition of property is simple and intuitive and has worked well in the past. However, there is one strong limitation: it focuses on the software artifacts only (i.e., the running service), without taking into account how the service has been realized nor how it has been actually certified (e.g., the depth of tests against the service). This basically means that we evaluate only a part of the service, directly impairing the quality of the activities following certification, such as service selection and composition.

For this reason, in this paper we extend the scope of certification by including how the service has been realized and certified, and we organize these additional aspects into dimensions.

Basically, in our novel definition of non-functional property, we group attributes into subsets, each subset representing a dimension. The scheme built on top of this allows us to i) evaluate the service in a more comprehensive way, and ii) model and execute the certification activities according to the dimensions in the property.

We then present a service selection process grounded on multi-dimensional certificates, where users express their requirements on each dimension, and our process selects the best service according to the requirements. For this purpose, we rely on VIKOR.
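To make the selection step concrete, here is an added example (not code from the paper) that ranks candidate services with the standard VIKOR indices S, R and Q over one score per dimension. The dimension names, scores and weights are constructed assumptions, and VIKOR's compromise-acceptance conditions are omitted.

```python
# Added illustration: VIKOR ranking over per-dimension certificate scores.
# Dimension names, scores and weights are constructed, not from the paper.

DIMENSIONS = ("artifact", "development", "evaluation")  # hypothetical names

# Constructed scores in [0, 1], higher is better: how well each service's
# certificate meets the user's requirements on each dimension.
CANDIDATES = {
    "svc-a": (0.9, 0.4, 0.5),
    "svc-b": (0.7, 0.8, 0.7),
    "svc-c": (0.8, 0.6, 0.9),
}


def _norm(value, values):
    """Min-max normalise value against values; 0.0 if all are equal."""
    lo, hi = min(values), max(values)
    return (value - lo) / (hi - lo) if hi != lo else 0.0


def vikor(candidates, weights, v=0.5):
    """Return {name: (S, R, Q)}; a lower Q is a better compromise."""
    cols = list(zip(*candidates.values()))
    best = [max(c) for c in cols]
    worst = [min(c) for c in cols]
    s, r = {}, {}
    for name, scores in candidates.items():
        # Weighted, normalised distance from the best value per dimension.
        dist = [
            w * (b - x) / (b - wo) if b != wo else 0.0
            for x, b, wo, w in zip(scores, best, worst, weights)
        ]
        s[name] = sum(dist)  # group utility over all dimensions
        r[name] = max(dist)  # regret on the worst dimension
    return {
        n: (s[n], r[n],
            v * _norm(s[n], s.values()) + (1 - v) * _norm(r[n], r.values()))
        for n in candidates
    }


def rank(candidates, weights, v=0.5):
    """Service names ordered from best to worst by the Q index."""
    scores = vikor(candidates, weights, v)
    return sorted(scores, key=lambda n: scores[n][2])


if __name__ == "__main__":
    print(rank(CANDIDATES, (0.4, 0.3, 0.3)))  # balanced requirements
    print(rank(CANDIDATES, (0.8, 0.1, 0.1)))  # artifact-centric requirements
```

With balanced weights the service that is strong on every dimension wins, while weighting the artifact dimension alone, as single-dimension certification implicitly does, selects a different service.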

Overall, we think that the certification scheme in this paper will be the basis for further work boosting the usage of certification in the real world.