A Trustworthy Blockchain-Based Decentralised Resource Management System in the Cloud
Total Page:16
File Type:pdf, Size:1020Kb
Author version. Presented at 2020 IEEE 26th International Conference on Parallel and Distributed Systems (ICPADS). Published version available at https://ieeexplore.ieee.org/abstract/ document/9359214 Copyright (c) 2020 IEEE A Trustworthy Blockchain-based Decentralised Resource Management System in the Cloud Zhiming Zhao∗, Chunming Rongy and Martin Gilje Jaatuny ∗University of Amsterdam, Netherlands [email protected] yUniversity of Stavanger, Norway fchunming.rong, [email protected] Abstract—Quality Critical Decentralised Applications (QC- for developing Decentralised Applications (DApp). However, DApp) have high requirements for system performance and the current blockchain technologies suffer from high storage service quality, involve heterogeneous infrastructures (Clouds, cost of ledgers, low collaboration efficiency among distributed Fogs, Edges and IoT), and rely on the trustworthy collaborations among participants of data sources and infrastructure providers peers for consensus, and insecure off-chain data sources for to deliver their business value. The development of the QCDApp blockchain transactions. has to tackle the low-performance challenge of the current On the other hand, Cloud computing has been a major blockchain technologies due to the low collaboration efficiency disruptive technology providing resources-as-a-service for di- among distributed peers for consensus. On the other hand, verse Internet applications. While Cloud environments provide the resilience of the Cloud has enabled significant advances in software-defined storage, networking, infrastructure, and every not only elastic capacity, but also customisable connectivity, technology; however, those rich programmabilities of infrastruc- often called virtual infrastructure, over a large-scale network, ture (in particular, the advances of new hardware accelerators the resilience of the cloud have enabled significant advances in the infrastructures) can still not be effectively utilised for in software-defined storage, networking, infrastructure, and QCDApp due to lack of suitable architecture and programming every technology, which promotes emergence of heteroge- model. 1 Index Terms—DevOps, Cloud Computing, Blockchain neous programmable infrastructures across different Clouds, and devices on the network edges (often called Edge or Fogs). However, this rich programmability of infrastructure, I. INTRODUCTION in particular, the advances of new hardware accelerators in The recent advances in Cloud computing, IoT, Artificial the infrastructures, can still not be effectively included in Intelligence and big data greatly accelerate the innovations the development and operations (DevOps) of Quality Critical in the digitalisation of business applications towards Next Decentralised Applications. Generation Internet (NGI)[1], such as • Seamlessly processing dynamic physical events when II. BACKGROUND automating business processes (e.g., temperature sensitive Quality Critical Decentralised Applications (QCDApp) fo- cold supply chains); cus on software architecture and DevOps tools, and across • Realtime online cooperation (e.g., crowd story telling three typical domains: Decentralised Applications, quality crit- during content delivery (e.g., in live events); and ical systems and programmable heterogeneous infrastructures. • Business critical operations (e.g., risk assessment) during In this section, we review the state of the art of 1) DApps complex decision making (e.g., for financial investment). and quality critical DApps, 2) trustworthiness and privacy in Those innovations promote a new paradigm of applications, distributed applications, 3) software technologies for QCDApp which have strict requirements for system performance and development, and 4) infrastructure utilisation of heterogeneous service quality, involve heterogeneous infrastructures (Clouds, hardware advances. Fogs, Edges and IoT), and rely on the trustworthy collabo- Decentralized Applications (DApps) employ blockchain rations among participants of data sources and infrastructure technologies to realise decentralised trust among peers, and providers to deliver their business value, which cannot be fully provide entire business logic at the backend. Blockchain main- supported by the classical centralised architecture. We thus tains system states (e.g., transactions among participants) via call such new application paradigm as Quality Critical De- a worldwide and decentralised ledger, and updates the ledger centralised Applications (QCDApp). Blockchain technologies through consensus mechanisms among participants (e.g., Proof have demonstrated their great potential for realising trustwor- of Work as in Bitcoin [2]). All the transaction states stored on thy (via immutable ledgers and consensus among peers) and the blockchain are public, verifiable and immutable. Ethereum fault tolerance (no single point failure among decentralised is a second-generation blockchain which allows a general- nodes) in business applications, and have become a basis purpose program (called a smart contract) to be stored on 1In this paper, the terms of programmable infrastructure and software- 978-1-7281-9074-7/20/$31.00 c 2020 IEEE defined infrastructure are interchangeable. the blockchain, and to be executed through the Ethereum VM delays frustrate users, making current DApps less com- concept. The business logic of a DApp is often governed by petitive with existing non-blockchain alternatives. one or several smart contracts interacting with the underlying 3) Sequential Performance of a DApp is determined by blockchain [3]. Since the data is decentralized, even if one the response delays from all nodes in the network, point or node in the network is breached, other nodes in the since all transactions/operations should be executed and network can securely reinstate the data. DApps have demon- verified by all nodes to reach a consensus. However, strated their potential in a big spectrum of applications, in- dependencies among software components or logical cluding IoT [4], financial [5], logistics [6] and social networks steps often exist in an application and restrict it from [7]. Quality critical business applications consider quality of parallel executions; there thus is a need to provide fast service (QoS) or user experience quality, e.g., decision time or sequential performance in order to handle high volumes. delay for online user; any fails in those constraints may cause 4) Blockchain evolution, e.g., hard fork, is the only current severe loses of the business value. Time-critical applications approach in order to enable a system wide upgrade, distinguish two classes: 1) speed critical (or latency sensitive) which may result in the loss of participating network relying on continuously system optimisation to reach as fast as nodes, due to the nature of P2P consensus in blockchain. possible, and 2) timeliness relying on real-time task scheduling Another potential issue for a hard fork is that there will [8]. When using virtualised infrastructures, the uncertainty be multiple similar tokens sharing a common origin, of the underlying infrastructure often makes it difficult to which will confuse users. guarantee the time critical constraints. 5) Security issues in smart contracts must be enforced by Trustworthiness is considered a non-functional requirement careful implementation and intensive tests. Nevertheless, for the consistency of software quality with subjective user it is hard to guarantee a bug-free non-trivial smart assessments. Trust is commonly assessed through reputation contract, and more so for the high complexity in many systems [9]; however, existing systems rely on ratings provided DApps. However, any bug patch delivery may run into by consumers, which can lead to non-objective evaluation conflict with the immutable nature of blockchain data. results. Other approaches use computational models based on Hence, the related platform must provide flexibility in sociological and biological factors of reputation concepts, or supporting bug patch approaches for developers, espe- formalism [10]. However, it is still very challenging to measure cially for critical issues that may have system wide the general trustworthiness of software due to the complex impacts. social context of different software actors. 6) Identity management of users and transactions are im- Privacy remains a fundamental research challenge in dis- portant while anonymity may be needed in certain tributed applications, Cloud, Fog, or Edge computing [11], in circumstances. There has also been recent work to add particular, diverse privacy regulations involved due to states the ability for anonymity on top of existing blockchains, and regions involved in the same application. Other critical through smart contracts and regulatory bodies requiring quality constraints include energy consumption, e.g., power the Know Your Customer (KYC) and Anti Money limits of edge nodes [12], security, e.g., cyber attacks [13]. Laundering (AML) checks without giving up the identity The development of Quality Critical DApps has to face of the contributors to the entire global network. On the challenges of not only decentralised nature of the application, other hand, there is a movement to create Distributed but also performance critical requirements: Identity (DID) that can be used across all DApps in a 1) An effective incentive model is needed to credit par- similar way how openID was used to create a common ticipants to encourage them to contribute to maintain identity