19. Rady, M., Parameters for Service Level Agreements
advertisement
SERVICE LEVEL AGREEMENT PARAMETERS FOR ECOMMERCE CLOUD AbdelSalam H. Busalim1 Ab Razak Che Hussin 1 1 Universiti Teknologi Malaysia, Faculty of Computing, Skudai, Jorhor Bahru, Malaysia (www.utm.my) ABSTRACT Nowadays Services Level Agreement (SLA) became an important aspect between the cloud consumer and cloud provider, the dynamic nature of cloud computing needs to continue monitoring of the services. The restricted choice of appropriate parameters in SLA affects the interacting of end user with cloud services and creates risks of user data. End users are concerned about their data and how it will be stored in cloud and how the data is recovered in the case of failure of disaster. However, none of SLAs consider the end user view while conducting the SLA document. This paper discusses the importance of the parameters which need to be included in SLA when ecommerce companies move to cloud services, In order to verify and validate these parameters in ecommerce cloud, data were collected from105 respondents in faculty of computing in Universiti Teknologi Malaysia. The results indicate that most of the selected parameters are significant from the end users point of view. Keywords: SLA, Cloud Computing, ecommerce cloud 1. INTRODUCTION Cloud technology is becoming an increasingly popular trend. As a new concept, cloud computing offer online software and hardware capabilities. It offers a secure online environment for data storage and various e-commerce services that maintain the latest technologies and continuous protections for clients. Many ecommerce companies are turning to cloud computing and services due to the cost-efficiency it offers. According to the Gartner group report, by 2013, 40 % of e-commerce companies will use a complete cloud services (SaaS) solution. It appears that cloud computing is set to change the ways in which businesses operate [1]. Form the business perspective, cloud computing offers a great number of benefits including reduced infrastructure and maintenance costs. Many e-commerce companies and retailers have moved to cloud services due to the many benefits this shift offers in regards to cost effective and easily accessible storage options, and elastic computing and infrastructure. In 2012, the Gomez application performance monitor report clearly showed that among the 50 well known online retailers, 40% use Amazon cloud-based applications. However, there a number of risks associated with this reliance on outside services, especially from the perspective of end users. For ecommerce cloud companies, the end user is an important capital; therefore, satisfaction of the end user is a major goal of e-commerce cloud service providers. Among the risks the end user potentially faces when engaging in cloud-based e-commerce, is the issue of confidentiality of data, how data is stored, and who has access to this data. Another problem concerns privacy. The dynamic cloud environment makes it difficult for cloud providers to observe current data protection regulations and privacy policies [2]. The majority of current cloud contracts are little concerned with consumer privacy and consumers are often poorly informed about privacy issues [3]. One method of ensuring that the client receives the correct services best suited to its needs is the SLA, which has transformed from being a financial contract into a managerial tool to ensure the expectations of the customer are met [4]. For this mechanism to be effective there is a need for clear definitions of services, and suitable measuring parameters to measure the level of services. In the cloud computing environment, computer resources and infrastructures that are offered are scalable, and the platform, software and infrastructure provided in the form of services can be accessed anytime and anywhere. However, provisioning this paradigm of cloud services requires specific SLAs for every type of services. This can be rather challenging in view of the diverse range of services offered by cloud computing services, the various levels of each service, and the diverse needs of clients. No two clients are identical. This paper organized as follow. Section 2 highlights the literature review, Section 3 explains the methodology adopted by this paper, Section 4 will cover the results and discussion of the paper, then conclusion of this paper will be in Section 5. 2. LITERATURE REVIEW A. Risks and Challenges in E-Commerce Cloud In ecommerce cloud sellers ,a large number of users information is stored in the cloud ,and transmission and processing taking place in cloud, therefore, the problems and risks more than traditional e-commerce model [5]. Increasingly, online retailers are relying on cloud services and applications such as storage, computing, comparison engines, product locators and dynamic imaging to run their businesses. With this relying on outside services high risks raised out . As a result, they are losing control of the end user experience. The confidentiality of the user’s data is one of the main risks facing ecommerce cloud. In ecommerce cloud, most of the business information is stored in the cloud therefore, e-commerce companies are not able to supervise and monitor user's sensitive information. As virtualization technology been used in cloud computing, ecommerce companies using cloud services are not clear about where the data been stored, and do not even know the physical location of that data.[5]. The European Network and Information Security Agency (ENISA), conducted a survey for the main cloud computing security issues. More than 70 % of the SME (small and medium enterprises) in this study are concerned by the first six criteria and more specifically by confidentiality of data. Privacy are another important issue in Cloud Computing. The dynamic nature and structure of Cloud environment, make it difficult for Cloud providers to follow the current data privacy and protection rules. The main reasons beyond this, the transnational nature of Cloud Computing that has to face the national nature regulation privacy[2]. Transparency towards cloud services users must be the golden rule. Users do not know where the data stored and by whom it will be finally processed. It is compulsory for Cloud services providers to inform the users about the way in which data are processed . In the case of e-commerce Companies concern about the end user personal data, these important and private data may contain names, addresses, e-mail addresses and credit card numbers [2]. As known, that virtualization is one of the backbone of cloud computing technology, therefore there are some security risks in sharing machines for instance, losing control over data location, and who has the right to access to user data. [6] B. Services Level Agreement (SLA) To achieve high quality and performance goals in services or products, it may need the enterprise to establish and manage service level agreement (SLA) between the enterprise which provides the business service or product and the consumers, companies are responsible for its shareholders, expectations of the level of service to be offered [7]. The main goal of establishing SLA process is to improve the Quality of Experience of the service or product to the enterprise customer and reach the satisfaction level . However Service level Agreement (SLA) is a document describes the level of service expected by a customer from a services provider, based on metrics or policies by which that services are measured, and penalties if any, should the agreedupon levels not be achieved. Usually, SLA is between companies and external suppliers[8].A service level agreement can be an extremely effective communication tool for creating a common understanding between two parties regarding services , expectation , responsibilities and priorities [9]. Cloud technology as new paradigm of computing where available computing resources are delivered as a service. These resources are generally offered under the concept of pay-as-you-use, therefore cloud services become attractive to cost conscious customers. In order for Cloud providers to provide customers with services that meet their demands, both sides need to negotiate the client's requirements and the provider's services capabilities, and then they agree to certain conditions and terms which is the services level agreement [10]. The figure below shows the SLA parties in cloud environment. Figure 1: SLA parties in cloud environment . The main purpose of SLAs is to set a parameters and finally he proposed a monitoring framework for the providing services and for the framework for compliance checking.[14] proposed cooperation among service providers and service a framework to minimize the issues of consumers[2]. However the concept of "everything- trustworthiness among the cloud service provider as- services" offered by in cloud manner, this and cloud consumer, by using a quantitative model paradigm has made the establishment of SLA more of trust. They identified and formalized several challenging and makes the relation among the cloud parameters which has derived from SLA, these providers and users getting more complex. parameters to estimate trust. In this framework, the identified set of parameters have categorized into two sets. The first set of parameters obtained from C. Services Level Agreement Parameters the SLA description and named as Pre-SAL The SLA in cloud computing It consists of a parameters. These parameters are obtained in trust set of measurable attributes called SLA parameters estimation before signing the SLA contract, which which are established by some objectively can to help to build the consumer’s initial trust on measurable conditions, termed as Service Level the cloud provider. However, most of cloud service Objectives (SLOs)[11]. The parameters used to providers focus only on small set of parameters, measure and manage performance compliance to namely Availability, request completion rate and SLA commitments are the key of successful response time.[15] conducted a study to break agreements and are a critical long term success down the Cloud SLA into easy and understandable factor[12]. There are examples include the components and compare the SLAs of the parameters of throughput and timing, also the considered public cloud provider. By comparing the percentage of availability of virtual machines and SLA of Amazon, Rackspace, Microsoft, Terremark other resources, these objectives can be written in vCloud Express and Storm on demand, the study the SLA in the form below: [13]. highlighted that none of those providers offer nay performance guarantee for the services Availability of a service X is 99.5% nevertheless, none of the providers automatically credit the consumer for SLA violation, consumer Response time of a database query Q is should detect the SLA violation. The problems and between 3 to 5 seconds unfulfilled expectations during accomplishing the Throughput of a server S at peak load time SLA are the result of , poor choice of parameters[12]. is 0.875. There are several many studies have been conducted related to SLA in cloud computing environment. [11] pointed out that the SLAs provided by the presented cloud providers are relatively biased towards cloud providers and do not provide any formal method of verifying if the guarantees are complying or not, therefore the author attempted to identify the SLA parameters for Storage-as-a-Service in cloud delivery model and also the objectives for measuring these As we mentioned in our previous paper [16] that In ecommerce cloud, to alleviate the risks and challenges facing the end user during using ecommerce cloud websites, suitable parameters need to be included in SLA to consider the end user perspective. The table below describes the extracted parameters for E-commerce cloud SLA, which can be used for Managing and monitoring the Quality of services delivered by cloud providers. Table 1 : Deriving Cloud SLA Parameters Parameters Description Citations Availability The uptime of the services for the user in specific time [15, 17] [18] [19] [11] [20] [21] Scalability Ability to increase and decrease the storage space [21] [19] [18] Portability The services working on different devices or different platforms [21] [19] [18] Performance The duration of time to respond on user's requests [17] [20] [19] [18] [15] [14] Security The security of user data and the safety of the environment in the cloud [17] [19] [18] Reliability Services ability to operate over the time without failure [21] [19] [18] Usability The ability of the service to be attractive ,understandable, learnable, operable [19] [21] [18] Backup & Recovery How the Service store the image of user data and the ability to recover data in disaster. [17] [18] [15] [14] Availability zones in which the data are stored [18] Data location 3. METHODOLOGY This section basically illustrates the activities for every phase in the research, which should be carried out for this paper. There are four phase in the research methodology which are illustrated in the figure 2 below. From the literature review phase we have found out some potential limitations in the SLA parameters and frameworks provided by cloud services providers, especially in the context of the e-commerce cloud. The current SLAs mentioned only the availability of the service and the performance level of the services, in e-commerce environment most of the companies have moved to cloud service, however the ecommerce end user in cloud computing environment facing risks during communicating with ecommerce cloud websites and, the SLA between the cloud provider and ecommerce company does not consider these risks, and the user should be aware for this SLA. After identifying the main SLA parameters which is based on the risk and challenging in ecommerce cloud, a questionnaire is constructed to verify the end user perceptions regarding the importance of these parameters. This research is using quantitative method for collecting data. The questionnaire consist of two parts, the first part is the demographic part and part B is questions which related to parameters. Content validity process has been conducted before distributing the questionnaire, by asking two experts in faculty of computing in Universiti Teknologi Malaysia (UTM), to make sure that the questionnaire is well organized and the questions is easy to understand. The final modified questionnaire has been distributed online using Survey Monkey tool. The sample size of the respondents after distributing the final questionnaire is 105 students, and the time for collecting the data was around two weeks The respondents are the postgraduate and undergraduate students of computing faculty in UTM. Figure2: Research framework Table 2 shows the structure of part B in the final questionnaire distributed. The structure of this part of the questionnaire represent the parameters which extracted from literature review. The first column shows the parameters of SLA, the second column shows the questions of each parameters based on the objectives related to that parameter, and the last column represent the ID of each questions to make the process of analyzing easy and achievable. The aim this part of the questionnaire is to know the end user point view regarding the proposed parameters and how these parameters can reduce the risks in ecommerce cloud Therefore, to validate the collected data form questionnaire, SPSS statistical analysis software has been used in this research. Table 2. Structure of the questionnaire 4. RESULTS AND DISCUSSION A. Demographic Analysis Most of the respondents are male, 80 students out of 105 which represent 76% of the respondents where the rest of the respondent are female with approximately 24% as it can been seen in figure 3. Figure 3. Information on respondent's gender Figure 4 shows the level of education of the respondents, the highest number of the respondents are Masters students which represent 69% of the total respondents , where 18% of them are bachelor degree students and 10% are Phd students. While the rest are 1.9% are new undergrad students. As mentioned earlier the scope of the respondents was limited in student of faculty of computing, in order to make sure the answers are accurate regarding the parameters which can be used in ecommerce cloud environment. Figure 4: Education level of the respondents Figure 5 explains the information of respondent about how frequently they buy online. Based on the graph below, the major number of the respondent is buying once a month which represent 33.3%. The second is 28% which buy online once in every year and 22.8% represent the frequency of buying once in sex month, while 11.4% of the respondents buy once in every week. The less number represent 3.8% who are buy every day. Figure 5: Frequency of buying online Another results shows the experience of the respondents about cloud computing applications. The major number of the respondents (54 students) using cloud applications between 2 to 4 years which represent 51.4% from the whole respondents. While 33.3% of the respondents using cloud from less than one year and the rest of the respondents using cloud from 5 to 7 years which represent 14.2%. From the figure above, it can be pointed that majority of the respondents know very well the concept of the cloud computing. Figure 6 illustrates these results. Figure 6: Respondents experience in using cloud B. Descriptive statistics Cronbach's alpha method used to measure the internal consistency, which means how closely the item are related to each other as group . In Cronbach's alpha the reliability should be more than .70 in order to consider the items are. The result of Cronbach's alpha reliability analyze is .961 as shown the table below. Table 3: Reliability Statistics for Questionnaire Cronbach's Cronbach's Alpha Alpha Based on N of Items Standardized Items .961 .965 31 The tables below shows the Descriptive statistics Analysis for the parameters The tables show the Descriptive statistics for each variables in the questionnaire as listed in table 1. In part B of the questionnaire the weight is (1.Strongly Disagree, 2Disagree, 3 Neutral, 4 Agree, and 5Strongly Agree). Table 5. Descriptive Statistics Variables N Mean Std. Deviation SEC1 SEC2 SEC3 SEC4 SEC5 SEC6 SEC7 PRF1 PRF2 PRF3 PRF4 PRF5 PRF6 USE1 USE2 USE3 88 84 87 86 87 85 87 88 87 85 87 85 88 88 86 88 4.34 4.58 4.54 4.36 4.52 4.49 4.45 4.02 4.30 4.18 4.07 4.25 4.20 4.38 4.33 4.33 .815 .779 .775 .825 .819 .854 .743 .934 .794 .833 .832 .844 .833 .778 .913 .827 Table 6. Descriptive Statistics Variables N AVL1 AVL2 DLC1 DLC2 BKRC1 BKRC2 BKRC3 BKRC4 RBY1 RBY2 RBY3 SBLY1 SBLY2 PROT1 PROT2 88 87 85 85 85 85 85 84 85 85 85 85 84 85 83 Mean Std. Deviation 4.43 4.45 3.33 3.61 4.28 4.22 4.27 4.18 4.19 3.51 4.08 4.13 4.31 4.41 4.40 .841 .789 1.189 1.114 .781 .905 .892 .946 .764 .840 .848 .753 .744 .678 .748 According to Table 5 and 6 most of the items have higher means which means all the items are important and significant from the end user point of view, we considered the items who have higher means as most important for user perspective. C. Factor Analysis Factor analysis is data reduction technique, which used to structure large number of items in the questionnaire. Factor Analysis also used to minimise the redundancy between items and to group the items based on the inter correlation between these items. Since this study to identify the main important parameters for SLA cloud commerce, factor analysis has been used to remove the inappropriate items which are not suitable or not belong to any parameters. The first output of factor analysis showed in table 7 is a Kaiser-Meyer-Olkin measure of sampling adequacy and Bartlett‟s Test. In KMO and Bartlett's Test the value should be greater than 0.5 in order to consider the sample is adequate and suitable for applying factor analysis. According to the table above the value of KMO test for this study is .732 which greater than 0.5 meaning that ,the questionnaire sample is suitable to conducting factor analysis. Table 7 : KMO and Bartlett's Test Analysis Kaiser-Meyer-Olkin Measure of Sampling Adequacy. Approx. Chi-Square Bartlett's Test of Sphericity .732 2149.043 df 465 Sig. .000 The last output of the factor analysis is Communalities Analysis. Table 8 and 9 below explain the communalities before and after extraction which highlight shows how much of the variance for the variables accounted for by the extracted factors. For example over 80% of variance in Parameter NO.2 (security2) is accounted while 50% of the variance in parameters No.27 (reliability 3) is accounted. From the factor analysis results we can highlight that all the parameters and their objectives are significant and recognized are important from the end users perspective, which may improve the quality of the SLA between the cloud providers and ecommerce seller by considering the end user perspective during conducting the negotiations process between the two parties. Considering end use perspective toward cloud services in the SLA can increase their trust and also the reputation of the ecommerce seller well be increased. Table 8. Communalities Analysis Item Initial Extraction SEC1 1.000 .711 SEC2 1.000 .804 SEC3 1.000 .823 SEC4 1.000 .715 SEC5 1.000 .808 SEC6 1.000 .808 SEC7 1.000 .676 PRF1 1.000 .697 PRF2 1.000 .785 PRF3 1.000 .811 PRF4 1.000 .632 PRF5 1.000 .756 PRF6 1.000 .692 USE1 1.000 .750 USE2 1.000 .809 USE3 1.000 .725 Table 9. Communalities Analysis Item Initial Extraction AVL1 1.000 .694 AVL2 1.000 .704 DLC1 1.000 .782 DLC2 1.000 .770 BKRC1 1.000 .653 BKRC2 1.000 .797 BKRC3 1.000 .820 BKRC4 1.000 .787 RBY1 1.000 .607 RBY2 1.000 .492 RBY3 1.000 .567 SBLY1 1.000 .759 SBLY2 1.000 .719 PROT1 1.000 .782 PROT2 1.000 .671 5. CONCLUSION Service Level Agreement has significant impact on ecommerce websites which using cloud services, SLA can guarantee the services provided to the ecommerce websites and protecting ecommerce user by applying appropriate parameters. This paper introduced ecommerce cloud SLA parameters which consider the ecommerce cloud end users, these parameters has been selected based on the risks facing the user during interacting with ecommerce cloud, the parameters validated by conducting a survey inside Faculty of computing in UTM. The results indicates that all the parameters are important from end user point of view. However this research included only the student in faculty of computing as respondents . Futures work should cover wider variety of respondents 6. 7. Group, T.O., SLA Management Handbook. Vol. 4. 2004, UK: The Open Group. 137. 8. REFERENCES 2. 3. 4. 5. Motahari-Nezhad, H., B. Stephenson, and S. Singha, Outsourcing Business to Cloud Computing Services: Opportunities and Challenges. IEEE IT Professional, Special Issue on Cloud Computing, 2009. 11(2). Gangadharan, G.R. and D. Parrilli, Service Level Agreements in Cloud Computing: Perspectives of Private Consumers and Smallto-Medium Enterprises, in Cloud Computing for Enterprise Architectures, Z. Mahmood and R. Hill, Editors. 2011, Springer London. p. 207-225. Bashir, M.N., et al., Privacy in the cloud: going beyond the contractarian paradigm, in Proceedings of the 2011 Workshop on Governance of Technology, Information, and Policies2011, ACM: Orlando, Florida. p. 21-27. Bouman, J., J. Trienekens, and M. Van der Zwan. Specification of service level agreements, clarifying concepts on the basis of practical research. in Software Technology and Engineering Practice, 1999. STEP'99. Proceedings. 1999. IEEE. Hanyan, H., Research of E-commerce Security Strategies Based on Cloud Computing Platform, in Green Communications and Networks, Y. Yang and M. Ma, Editors. 2012, Springer Netherlands. p. 1487-1493. Greiner, L. and L.G. Pau. SLA Definitions and Solutions.2009[cited201321-3];Available from:http://www.cio.com/article/128900/SLA_ Definitions_and_Solutions?page=1#what. 9. Karten, N. Establishing Service Level Agreements. 2008 [cited 2013 21-3]; Available from: http://www.nkarten.com/sla.html. 10. 1. Pearson, S. and A. Charlesworth, Accountability as a Way Forward for Privacy Protection in the Cloud, in Cloud Computing, M. Jaatun, G. Zhao, and C. Rong, Editors. 2009, Springer Berlin Heidelberg. p. 131-144. Falasi, A.A. and M.A. Serhani, A Frameworl( for SLA-Based Cloud ServicesVerification and Composition, in International Conference on Innovations in Information Technology2011. p. 6. 11. Ghosh, N. and S.K. Ghosh. An approach to identify and monitor SLA parameters for storage-as-a-service cloud delivery model. in Globecom Workshops (GC Wkshps), 2012 IEEE. 2012. IEEE. 12. Paschke, A. and E. Schnappinger-Gerull, A Categorization Scheme for SLA Metrics. Service Oriented Electronic Commerce, 2006. 80: p. 25-40. 13. DeveloperWorks Editors, I. Review and summary of cloud service level agreements. 2010 [cited 2013 2-4 ]; Available from: http://www.ibm.com/developerworks/cloud/li brary/cl-rev2sla.html. 14. Chakraborty, S. and K. Roy. An SLA-based Framework for Estimating Trustworthiness of a Cloud. in Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on. 2012. 15. Baset, S.A., Cloud SLAs: present and future. ACM SIGOPS Operating Systems Review, 2012. 46(2): p. 57-66. 16. 17. Busalim, A.H., A.R.C. Hussin, and A. Ibrahim. Service level agreement framework for e-commerce cloud end-user perspective. in Research and Innovation in Information Systems (ICRIIS), 2013 International Conference on. 2013. Ben Pring, C.A., William Maurer, Alexa Bona, Best Practices for Service-Level Agreementsfor Software as a Service, 2010, Gartner Stamford. p. 10. 18. Alhamad, M., T. Dillon, and E. Chang. Conceptual SLA framework for cloud computing. in Digital Ecosystems and Technologies (DEST), 2010 4th IEEE International Conference on. 2010. IEEE. 19. Rady, M., Parameters for Service Level Agreements Generation in Cloud Computing, in Advances in Conceptual Modeling2012, Springer. p. 13-22. 20. Chauhan, T., et al. Service level agreement parameter matching in cloud computing. in Information and Communication Technologies (WICT), 2011 World Congress on. 2011. IEEE. 21. Nie, G., E. Xueni, and D. Chen, Research on Service Level Agreement in Cloud Computing, in Advances in Electric and Electronics2012, Springer. p. 39-43.
