abstract - eubrasilcloudforum › sites › default › files › eubras...eubrasilcloudforum...

EUBrasilCloudFORUMreceivesfundingfromtheEuropeanUnionHorizon2020Programme(H2020/2014-2020)undergrantagreementn°689495andfromtheMinistryofScience,TechnologyandInnovationofBrazilthroughRedeNacionaldeEnsinoe

Pesquisa(RNP)underthe3rdEU-BRCoordinatedCallInformationandCommunicationTechnologies.

ProjectAcronym EUBrasilCloudFORUM

ProjectTitle FosteringandInternationalDialoguebetweenEuropeandBrazil

ProjectFullTitle EUBrasilCloudFORUM–FosteringandInternationalDialoguebetweenEuropeandBrazil

ProjectNumber 689495

DeliverableTitle Analysis and identification of the gaps and research opportunities related to cloudcomputing,includingsecurity

DeliverableNo. D3.1

DeliveryDate 30-06-2016

Author MarcoVieira(UC);PriscilaSolis (UnB);NunoLaranjeiro(UC);EdmundoMonteiro(UC);JamesClarke(WIT),EduardoAlchieri(UnB),MarcosCaetano(UnB)

ABSTRACT: This deliverable analyses and identifies gaps and research opportunities related to cloud computing,including security. These gaps and research opportunities resulted from the internal discussions and public eventsorganizedbytheEUBrasilCloudFORUMproject.Thedeliverable,builtaroundasetofcoreconceptsandfollowingawell-definedprocess,shouldbeseenasaworkingdocumentthatwillserveasbasisandsupportfordevelopingtheresearchroadmaplaterintheproject.

[email protected]|eubrasilcloudforum.eu 2

PROJECT

ProjectAcronym EUBrasilCloudFORUM

ProjectTitle FosteringandInternationalDialoguebetweenEuropeandBrazil

ProjectFullTitle EUBrasilCloudFORUM-FosteringandInternationalDialoguebetweenEuropeandBrazil

ProjectStart January1st,2016

ProjectDuration 24months

Funding H2020-EUB-2015GrantAgreementNo. 689495

DOCUMENT

DeliverableNo. D3.1

DeliverableTitle Analysisandidentificationofthegapsandresearchopportunitiesrelatedtocloudcomputing,includingsecurity

ContractualDeliveryDate June30th,2016

ActualDeliveryDate June30th,2016

Author(s) MarcoVieira (UC); Priscila Solis (UnB);Nuno Laranjeiro (UC); EdmundoMonteiro(UC);JamesClarke(WIT)

Editor(s) MarcoVieira(UC)

Reviewer(s) AntônioAugustoFrohlich(UFSC);JimClarke(WIT),MoacyrMartucciJr(USP)

Contributor(s) PauloCarvalho(UC);MariliaCurado(UC);AntônioAugustoFrohlich(UFSC),GiovaniGracioli(UFSC);SergioTakeoKofuji(USP);MoacyrMartucciJr(USP);SaraPittonet(TRUST-IT)

WorkPackageNo.&Title WP3:EU-BrazilPolicyResearchRoadmapping&ActionPlan

WorkPackageLeader MarcoVieira,UC;PriscilaSolis,UnB

WorkPackageParticipants UC;TRUST-IT;WIT;UnB;FUSP;UFSC

EstimatedPersonMonths 5

Distribution PUBLIC

Nature Report

Version/Revision 1.0

Draft/Final Final

TotalNo.Pages(includingcover) 49

Keywords CloudComputing,Security,ResearchOpportunities,Scenarios,Drivers,Gaps,SotA


DISCLAIMER

EUBrasilCloudFORUM(689495) isaprojectco-fundedbytheEuropeanCommissionunderthecallH2020-EUB-2015,topicEUB-1-2015,CoordinationandSupportAction(CSA)aspartoftheHorizon2020-theFrameworkProgrammeforResearchandInnovation(2014-2020),andbythetheMinistryofScience,TechnologyandInnovationofBrazil(MCTI)throughRedeNacionaldeEnsinoePesquisa(RNP)underthe3rdEU-BRCoordinatedCall.

Thisdocumentcontains informationonEUBrasilCloudFORUMcoreactivities, findingsandoutcomesand itmayalsocontaincontributions fromdistinguishedexpertswhocontributeasEUBrasilCloudFORUMWorkingGroup(WG)andAdvisoryBoard(AB)members.Anyreferencetocontentinthisdocumentshouldclearlyindicatetheauthors,source,organisation,andpublicationdate.

The document has been produced with the funding of the European Commission and the Ministry of Science,Technology and Innovation of Brazil (MCTI). The content of this publication is the sole responsibility of theEUBrasilCloudFORUMConsortiumand itsexperts,and itcannotbeconsideredtoreflect theviewsof theEuropeanCommissionorthetheMinistryofScience,TechnologyandInnovationofBrazil(MCTI).Theauthorsofthisdocumenthavetakenanyavailablemeasureinorderforitscontenttobeaccurate,consistentandlawful.However,neithertheprojectconsortiumasawholenortheindividualpartnersthatimplicitlyorexplicitlyparticipatedinthecreationandpublicationofthisdocumentholdanysortofresponsibilitythatmightoccurasaresultofusingitscontent.

TheEuropeanUnion(EU)wasestablishedinaccordancewiththeTreatyontheEuropeanUnion(Maastricht).Therearecurrently28memberstatesof theEuropeanUnion. It isbasedontheEuropeanCommunitiesandthememberstates’cooperationinthefieldsofCommonForeignandSecurityPolicyandJusticeandHomeAffairs.ThefivemaininstitutionsoftheEuropeanUnionaretheEuropeanParliament,theCouncilofMinisters,theEuropeanCommission,theCourtofJustice,andtheCourtofAuditors(http://europa.eu/index_en.htm).

Copyright©TheEUBrasilCloudFORUMConsortium2016.

For more information on the project, its partners and contributors please see eubrasilcloudforum.eu. You arepermittedtocopyanddistributeverbatimcopiesofthisdocumentcontainingthiscopyrightnotice,butmodifyingthisdocument isnotallowed.Youarepermittedtocopythisdocument inwholeor inpart intootherdocuments ifyouattachthefollowingreferencetothecopiedelements:“Copyright©TheEUBrasilCloudFORUMConsortium2016.”

TheinformationcontainedinthisdocumentrepresentstheviewsoftheEUBrasilCloudFORUMConsortiumasofthedate theyarepublished.TheEUBrasilCloudFORUMConsortiumdoesnotguarantee thatany informationcontainedherein is error-free, or up to date. THE EUBrasilCloudFORUM CONSORTIUM MAKES NO WARRANTIES, EXPRESS,IMPLIED,ORSTATUTORY,BYPUBLISHINGTHISDOCUMENT.


GLOSSARYABBREVIATION DEFINITIONAB AdvisoryBoardEUBR EU-BrazilCPSoSes Cyber-PhysicalSystem-of-SystemsCSC CloudStandardsCoordinationDSM DigitalSingleMarketDISA DefenceInformationSystemsAgency(USA)EEGI EuropeanElectricityGridInitiativeETSI EuropeanTelecommunicationsStandardsInstituteEU EuropeanUnionHPC HighPerformanceComputingIaaS InfrastructureasaServiceICT InformationandCommunicationTechnologiesIoT InternetofThingsIT InformationTechnologyMCTI MinistryofScience,TechnologyandInnovationofBrazilMPOG MinistryofPlanning,BudgetandManagementNIST NationalInstituteofStandardsandTechnologyPaaS PlatformasaServiceRNP RedeNacionaldeEnsinoePesquisaSaaS SoftwareasaServiceSDG SustainableDevelopmentGoalSET-PLAN StrategicEnergyTechnologiesPlanSIIF StandardforIntercloudInteroperabilityandFederationSLA ServiceLevelAgreementSLTI SecretariatofLogisticsofInformationTechnologySotA StateoftheArtWG WorkingGroups


TABLEOFCONTENTSExecutiveSummary............................................................................................................................................................71 Introduction...............................................................................................................................................................82 Scenarios..................................................................................................................................................................11

2.1 SC1.Environmentalmonitoring.......................................................................................................................132.2 SC2.Smartwaterandenergymanagement.....................................................................................................162.3 SC3.Assistedhealthandwell-being.................................................................................................................18

3 Drivers......................................................................................................................................................................213.1 DR1.Cloudcomputingtechnologiesareglobalandpervasive........................................................................223.2 DR2.Socio-economicfactorsaffectthecloudcomputingmarket...................................................................233.3 DR3.Technologicalinnovationcreatesnewissues..........................................................................................23

4 StateoftheArt.........................................................................................................................................................254.1 KeyCloudconcepts..........................................................................................................................................254.2 CloudComputingfromdifferentperspectives.................................................................................................274.3 Relatedresearchworksandprojects...............................................................................................................30

5 GapsandPreliminaryOpportunities........................................................................................................................375.1 OP1.Commontechnologicalandlegalframeworkformanagingsecurityandprivacyaspectsoncloud.......375.2 OP2.AnEU-BRcommunitytoworkoncommonstandards............................................................................385.3 OP3.CloudfederationandOpenScienceCloudatcross-regionallevel..........................................................385.4 OP4.Cloudsustainedcyber-physicalsystemsandsystemsofsystems...........................................................385.5 OP5.Cloudtotheedge....................................................................................................................................395.6 OP6.Cloudsupportedinnovativeandinclusivesocieties................................................................................395.7 OP7.HighPerformanceComputing(HPC)inCloudenvironments..................................................................40

6 Conclusions..............................................................................................................................................................41References........................................................................................................................................................................43A1.TemplateforGatheringScenarios.............................................................................................................................45A2.MappingDriversandOpportunities..........................................................................................................................46A3.OtherPotentialScenariostobeStudied....................................................................................................................47

A3.1.HeterogeneousCloudRadioAccessNetworks...................................................................................................47A3.2.BaseStationVirtualizationinCloud-RadioAccessNetworks..............................................................................48


TableofFiguresFigure1.Analysisandidentificationofthegapsandresearchopportunities...................................................................9Figure2.ProcessfortheidentificationoftheScenarios..................................................................................................11Figure3.SustainableDevelopmentGoals(SDGs)fromtheUnitedNations(UN)...........................................................12Figure4.CirclesofSustainabilityforseveralcitiesaroundtheworld.............................................................................13Figure5.TheIaaSservicemodel......................................................................................................................................26Figure6.ThePaaSservicemodel.....................................................................................................................................26Figure7.TheSaaSservicemodel.....................................................................................................................................27

TableofTablesTable1.Mappingbetweenthescenariosandpotentialdrives.......................................................................................21Table2.Mappingopportunitieswithdrivers...................................................................................................................46


ExecutiveSummary

Themainobjectiveofthisdocumentistoanalyseandidentifythegapsandresearchopportunitiesrelatedtocloudcomputing,includingsecurity,intheEU-Brazilcollaborationcontext.Thesegapsandresearchopportunitiesresultedfrom the internal discussions and public events organized by the EUBrasilCloudFORUM project. It contains alsocontributions from distinguished experts who contribute as EUBrasilCloudFORUMWorking Group (fromWP2) andAdvisoryBoardmembers(fromWP3).

D3.1wasbuiltaroundasetofcoreconceptsandfollowingawell-definedprocess,andshouldbeseenasaworkingdocumentthatwillserveasbasisandsupportforthepreliminaryresearchroadmaplateron.TheworktowardssuchresearchroadmapisbeingdevelopedontopofasetofScenariosandDriversthat,oncemappedwiththeStateoftheArt,allowunderstandingtheresearchGapsandOpportunitiesthatneedtobefilled.Thesegapsandopportunitiesarethestartingpointfortheresearchroadmap,whichwillobviouslyputastrongfocusontheprioritiesofbothEUandBRandonthebenefitsofthepotentialcollaborations.

Scenariosarefuturisticviewpointsofdifferentstakeholders, includingindustrialplayers,end-users,researchers,andregulators,forcloudcomputing, includingsecurity, IoTandBigDataaspects.Threescenariosare includedbasedonthe analysis of the Sustainable Development Goals (SDGs) from the United Nations, which include 17 goals totransformourworld,andofthecurrentsituation(intheformofCirclesofSustainability)andthepotentialprioritiesforEuropeandBrazil:

• Environmentalmonitoringforclimateaction,assuringecologicaldevelopmentstowardsthesustainabilityofairquality,faunaandflora,emissions,waste,etc.

• Smart water and energy management for assuring the sustainability of key natural resources, based onadvancedmonitoring,analysis,andcontrolofproductioninfrastructuresandconsumptionenvironments.

• Assisted health and well-being, focusing on advanced and proactive personalised health services, andsupportforwell-beingspeciallyforchildrenandseniorpeople.

Thedriverscanbeseenaschallengesforthedevelopmentofthecloudcomputingtechnologiesandmodelsneededforimplementingthescenarios.Thedeliverablediscussesthemaindriversforexpandingresearchactivitiesoncloudcomputing,includingsecurity,consideringthreeperspectives:

• Cloudcomputingtechnologiesareglobalandpervasive,raisingnewsecurityanddataprivacydemandsabletotackleemergingcyber-threats,andcreatingtheneedfordataflowandportabilityacrossservices,systems,countries,andcontinents.

• Socio-economicfactorsaffectthecloudcomputingmarket,includingdemandscreatedbynational/regionalregulations,andhumanfactors(humansaspartanddriversforcomplexsociotechnicalsystems),andothersocietal aspects demanding for new ways of deploying and providing innovative services for inclusivesocieties.

• Technologicalinnovationcreatesnewissues,suchasgreencomputingforasustainableenvironment,accesstoopendata for supportingadvancedservicesandresearch,andstandardization tosupport integrationofdataandsystemsandforsupportingbackwardscompatibility.

ThecurrentStateoftheArt(SotA)hasseveralgapsthatpreventovercomingthedrivingchallengesandthusblocktheimplementationof thescenarios.Suchgapsrepresentresearchopportunities for theEU-Brazilcollaboration. In thiscontext, the main gaps and opportunities are identified considering the three scenarios defined, and taking intoaccounttheresearchdrivers.Gapsandopportunitiesareorganizedunderseventopics,namely:

• Acommontechnologicalandlegalframeworkformanagingsecurityandprivacyaspectsonthecloud• SupportthecreationofanEU-BRcommunitytoworkoncommonstandards• SupportcloudfederationandanOpenScienceCloudatcross-regionallevel• Cloudsustainedcyber-physicalsystemsandsystemsofsystems• Cloudtotheedge• Cloudsupportedinnovativeandinclusivesocieties• HighPerformanceComputing(HPC)inCloudenvironments


1 Introduction

TheEUBrasilCloudFORUMproject:FosteringanInternationaldialoguebetweenEuropeandBrazil,whichstartedonJanuary 1st, 2016, is a Coordination Action project, whose main purpose is to facilitate the policy and technicaldialogues between the European Union (EU) and Brazil (BR) in focus areas related to cloud computing, includingsecurityaspects.ThemaingoalistoestablishanorganisationalcooperationforumthatenablestheEuropeanUnionandBraziltoformulateanddevelopacommonstrategyandapproachforresearchandinnovationincloudcomputing.Inpractice,EUBrasilCloudFORUMhasthefollowingcoreobjectives:

• Objective 1. Structure a community driven engagement forum for EU-Brazil policy and research andinnovationdialogues;

• Objective 2. Deliver an EU-Brazil Research and Innovation Roadmap and Action Plan related to cloudcomputing,includingsecurityaspects;

• Objective3.BuildawebbasedEU-BRServicePlatformtopromoteandmarkettheresultsfromtheEU-Brazilcommunityaswellasshowcasingsuccessstories;

• Objective4.OrganizeandsupportfocusedEU-BRCloudComputingEvents,includingEU-BRpolicydialogues,CloudscapeBrazilannualevents,cooperationworkshopsandmajorEU-BRconferences.

Deliverable D3.1: Analysis and identification of the gaps and research opportunities related to cloud computing,including security, is the first tangible output of Task 3.1: Roadmap Definition & Future coordinated call topics,whichstartedbyfocusingontheanalysisand identificationofthegapsandresearchopportunitiesrelatedtocloudcomputing.Basedonsuchanalysis,anopencallforchallengesandtopicswillbeissuedinthenearfutureinordertogather the ideasandopinionsof the relevant stakeholders. Inparallel,brainstorming,discussions,andexchangeofideaswith the experts selected and engaged in the project (namely, the Advisory Board and theWorking Groupsmembers) will be carried out and two workshops for discussions will be organized. The inputs and informationcollected from theexpertswillbeused toprepareanddeliverapreliminaryEU-BrazilResearchRoadmaponcloudcomputingandrecommendations for futureEU-BRcoordinatedcall topics (deliverableD3.2)by theendof the firstyearoftheproject.Thepreliminaryresearchroadmapwillthenbedisseminatedanddiscussedwiththecommunity,leadingtothedevelopmentanddeliveryofafinalversionofalong-termresearchroadmap(D3.3)bytheendoftheproject.

Thisdeliverablewasbuiltaroundasetofcoreconceptsandfollowingawell-definedprocess,andshouldbeseenasaworking document that will serve as basis and support for the preliminary research roadmap later on. The worktowardssuchresearchroadmapisbeingdevelopedontopofasetofScenariosandDriversthat,oncemappedwiththeStateoftheArt,allowunderstandingtheresearchGapsandOpportunitiesthatneedtobefilled.Thesegapsandopportunitiesarethestartingpointfortheresearchroadmap,whichwillobviouslyputastrongfocusontheprioritiesofbothEUandBRandon thebenefitsof thepotential collaborations.The followingconcepts shouldbeknowntobetterunderstandthisdeliverable:

• Scenarios:futuristicviewpointsofdifferentstakeholders,includingindustrialplayers,end-users,researchers,andregulators,forcloudcomputing,includingsecurity.

• Drivers: challenges that will act as drivers for the development of the cloud computing technologies andmodelsneededtosupportthescenariosdefined(e.g.standardization,opendata).

• Gaps:aspectsthatpreventovercomingthedrivingchallengesconsideringthecurrentStateoftheart(SotA),andthusblocktheimplementationofthescenarios.

• Opportunities: researchopportunities related to cloud computing, including security, considering the gapsidentified.SuchopportunitiesarederivedfromthegapsandshouldtakeintoaccounttheEU-BRpriorities.


Considering the key concepts above, Figure 1 overviews the process followed to build the current deliverable. Inpractice,theprocessstartedwiththedefinitionofasmallsetofpreliminaryscenarios(preliminaryinthesensethattheywillevolveduring thedevelopmentof thenextdeliverables), identifiedby theprojectconsortiumand initiallydiscussedattheEUBrasilCloudFORUMconcertation/WGmeetingonMarch18th,2016,inRiodeJaneiro1.Foreachofthosescenarios,anumberofdrivershasbeenidentifiedconsideringseveralaspects,includingtheneedforpersonaldataprotection,flowsofdata,portabilityofdata,opendatausage,andstandardisation,amongothers.Ahigh-levelanalysisoftheSotAandoftheworkbeingdevelopedinotherprojects(includingbutnotlimitedtotheprojectsintheEU-BRcollaboration)hasthenbeenconducted.Themappingbetweenthedriversforeachscenarioandthecurrentstate of the art resulted in the identification of the gaps that prevent the implementation of the scenarios. This,together with the current understanding of the consortium regarding the priorities of EU and BR, resulted in apreliminaryproposalforasetoffutureresearchopportunitiesfortheEU-BRcollaboration.

Figure1.Analysisandidentificationofthegapsandresearchopportunities.

TheoutlineofthedeliverablecloselyfollowstheprocessdescribedbeforeandoutlinedinFigure1.Section2presentsthescenariosanddiscusseshowtheyweredefined.Section3discussesthedriversandSection4overviewsthestateoftheart.Section5presentstheidentifiedgapsbasedonthemappingbetweenthedrivers,theSotA,andtheEU-BRpriorities,andpresentsapreliminaryproposalforasetoffutureresearchopportunitiesfortheEU-BRcollaboration.Finally,Section6concludesthedeliverable,alsodiscussingthenextstepstowardsthedevelopmentoftheresearchroadmap.

1http://eubrasilcloudforum.eu/shaping-cloud-excellence-between-europe-and-brazil-eubrasilcloudforum-concertation-meeting

Scenarios

Drivers

GapsandPreliminaryOpportunities

D3.1

SotA

&other

Projects

EuropeandBrazilPriorities


2 Scenarios

Scenariosarefuturisticviewpointsofdifferentstakeholders,includingindustrialplayers,end-users,researchers,andregulators, for cloud computing, including security. Their purpose is to enable focusing onto the identification ofdrivers and gaps, and to support the future development of a research roadmap (whichmay also consider otherscenariosdefinedmeanwhile).

A processwas followed to support the identification of a preliminary set of scenarios focusing in relevant societalchallenges.AsshowninFigure2,westartedbyanalysingtheSustainableDevelopmentGoals(SDGs)fromtheUnitedNations,which include 17 goals to transform ourworld, ranging fromNo Poverty and Zero Hunger to SustainableCitiesandCommunitiesandGoodHealthandWell-being,amongothers(seeFigure3)(UnitedNations2016).Thenweanalysed the current situation (in the formof Circles of Sustainability) (TheCircles Project 2016) and thepotentialpriorities for Europe and Brazil. These are valuable pieces of information in their own capacity, but the key andobviousquestionhereisHowcancloudcomputinghelp?

Figure2.ProcessfortheidentificationoftheScenarios.

CirclesofSocialLifeareanapproachforguidingpracticesinmakingcities,localesandorganizationsmoresustainable,resilient,adaptable,andliveable(TheCirclesProject2016).TheCirclesofSustainabilityarepartoftheCirclesofSocialLife and provide tools for understanding the sustainability of cities and communities. They exist formultiple citiesaround theworld, including in Brazil. In practice, the analysis of such circles allows a better understanding of thecurrentworldsituationandidentifypotentialsocietalneedsandchallengesconsideringpolitical,economical,cultural,and ecological aspects. Figure 4 presents some examples, showing some problematic areas in the ecological (e.g.waterandair,materialsandenergy)andcultural(e.g.well-beingandhealth,genderandgenerations)domains.

AdetailedanalysisandmappingoftheSustainableDevelopmentGoals(SDGs)fromtheUnitedNationswithdifferentCirclesofSustainability,highlightedseveralareasthatseemtobeofhighpriorityworldwide,namelyinwhatregardstheEcologicalandCulturaldomains.Obviously,cloudcomputingstandsasakeyinfrastructureforsupportingsomeofthe societal changesneeded toovercome theexistingproblems inmanyareas,but in the contextof thisworkweneed to restrain the scope to the most relevant and promising ones, that at the same time open a broad andrepresentative setof researchchallengesof interest in the scopeof theEU-Brazil collaboration.Thisway,with thelemma“CloudComputingforSustainableLiving”,weproposethreemainscenarios,whichraisemultipleneeds:


• SC1. Environmental monitoring for climate action, assuring ecological development towards thesustainabilityofairquality,faunaandflora,emissions,waste,etc.

• SC2.Smartwaterandenergymanagementforassuringthesustainabilityofkeynaturalresources,basedonadvancedmonitoring,analysis,andcontrolofproductioninfrastructuresandconsumptionenvironments.

• SC3.Assistedhealthandwell-being, focusingonadvancedandproactivepersonalisedhealthservices,andsupportforwell-beingespeciallyforchildrenandseniorpeople.

Figure3.SustainableDevelopmentGoals(SDGs)fromtheUnitedNations(UN).

(adaptedfrom(UnitedNations2016))


Figure4.CirclesofSustainabilityforseveralcitiesaroundtheworld.(from(TheCirclesProject2016))

The initial ideas for the future scenarios being sought were highlighted at the EUBrasilCloudFORUM project’sconcertationworkingmeeting on 18thMarch, 2016, held in Rio de Janeiro, and have been further refined for thisdeliverable.Thefollowingsectionsintroducethescenarios,themainneedsraisedbyeachone,whytheyarerelevantfortheEU-BRcollaboration,andsomerelatedinitiativesthatmaybeofinterestforeachscenariointhecontextoftheEUBrasilCloudFORUMproject.

2.1 SC1.Environmentalmonitoring

Scenario:Understandingclimatechanges,conservingandsustainablyusingmarineresources,terrestrialecosystems,forests,orcombatingdesertificationrequires thecollectionandanalysisofhugeamountsofdata (e.g. forplanningand acting), that in turn require great storage and processing power, which are characteristics that fit the cloudcomputingparadigm. Thiswill also strengthena general “green”movement, encompassingagriculture. Inpractice,environment monitoring infrastructures and services will be defined around very large, dynamic, environmental-friendlynetworksofsensorsthatgatherdataandmustreliablyprovide it tocloud-supportedactuators, tobigdatastorageinfrastructures,andtoanalyticstoolsfordecisionmaking.Thisimpliesreliableandfast,butenergy-efficient,on-demand provisioning of services and infrastructures. The reliability and protection of the data and associated


services, their physical location and use, as well as portability characteristics supported by adequate integrationmechanisms,areaspectsthatneedtobetackled.

Needs:

Acquired data should be available whenever needed and should be reliable, as it is the key asset forunderstandingwhatisgoingonandthusactuatinginduetime.Suchdatashouldbeofhighquality,allowingextracting useful information by means of big data processing intelligent algorithms. Data integrity andcompletenessareobviouslymajorconcerns,whileprivacymaybeofrelevanceinsomeparticularcases,asfor example monitoring of specific neighbourhoods in a city. The supporting infrastructure should beprotectedagainstunauthorizedaccessesatalltimes.

For supporting global environmental services, specific sets of data should be shared worldwide, whichrequiresthecreationofflowsofdata.Insuchcases,thedatashouldbeplacedclosetothesystemsand/orusers that use it. In practice, environmental monitoring data should be accessible based on specificagreementsandtheoutputoftheiranalysisshouldbesharedacrosscountriesandregions.

Enablingaccesstodatamonitoredbydifferentsystemsandfromdifferentregionsraisesportability issues,suchascommunicationamongsystemsandintegrationofdatasets.Thehugediversityofsystemsanddataformats in thedomainwill requiredata representationand storage to follow specific rules and formats inordertobeportableandusableacrosssystemswithfullinteroperability.

The huge amounts of data to be processed may also call for cloud federation, a practice that allowsinterconnecting different cloud computing environments for load balancing, enhanced performance, datareplication,etc.Whenmassiveamountsofdataaretobeprocessedbychallengingalgorithms,thedemandforcloud-based,high-performancecomputingwillalsoraise.

Greatpartofthevalueofenvironmentalmonitoringdataresidesontheiropenusagetosupportcontinuousanalysis and adequate actuation. Also, such data is of utmost importance for researchers to develop andvalidate new intelligent systems and algorithms,whichmay be supported by anOpen Science Cloud thatallows open access to the shared data and resources. However, as mentioned above, in some specificsituationsdatamayneedtobepre-processedforassuringprivacyaspects(insuchcases,anonymizationmaybearelevantneed).

Datasharingrequiresstandardsfordataportabilityandsystemsintegration.Thehugediversityofsystems,users,andentitiesinvolvedinthecollection,storage,andanalysisofenvironmentaldatamakestheissueofstandardization of great difficulty, that can only be overcome if supported by high-level agreementsestablishedinthecontextofalargecommunity.

Why EU-Brazil cooperation is needed: The importanceof EU andBrazil cooperation in this scenario is to create asynergy of the better practices and to provide access and experience in a diversity of different monitoringenvironments.Brazil,beingacontinentalcountrywithalotofdiversityregardingtopographyandnature,hasaspecialposition for this. Certainly, for Brazil the environmental monitoring is something very strategic. Since 1998, Brazilparticipates in theworld's largestEnvironmentalMonitoringSystem,calledSIVAM,whichrepresentsanexpenseofUSD 1.4 billion (the second largest strategic project in the world until 2012) and had the goal of monitoring theAmazoniausingsatellitesandsensors.Thesystemreceiveda lotofcriticism,mainlyduetothe lackofclearprivacyrulesregardingthedata(obviouslyrelatedtonationalsecurity).Today,SIVAMismanagedbytheorganisationEZUTE,together with the SisGAAz (Sistema de Gerenciamento da Amazônia Azul). EZUTE was funded by the FINEP(Financiadora de Estudos e Projetos)/MCTI. There are several institutions in Brazil that have projects forenvironmental monitoring including the National Institute for Space Research (Instituto Nacional de PesquisasEspaciais - INPE), theBrazilianAgriculturalResearchCorporation (Embrapa), theNationalWaterAgency (ANA), theBrazilianForestService(SFB),amongothers.


Consideringtheabove,Brazilhasknow-howonenvironmentalmonitoringprogramsandpolicies,whichmayhelptoidentify and discourage leakage in other regions, including Europe. In fact, among other initiatives to promotedevelopmentandalleviatepoverty,BrazilhasfosteredagriculturalandinfrastructuralexpansionincountriesinLatinAmerica and Africa. Nevertheless, Brazilian governors have recently revised the Brazilian Forest Act – its mainenvironmentallegislationonprivateland,reducingthecoverageofsomeprotectedareasandallowingthecreationofnewhydropowerplantsonundisturbedAmazonianrivers.

IntheEuropeanUnion,theWorkingGrouponEnvironmentalMonitoringandAssessmentwasestablishedin2000toserve as an instrument to provide recommendations, to propose action plans, and to improve coordination ofinternational initiatives inenvironmentalmonitoring, assessment, and reporting.Asanexampleof anenvironmentmonitoringsysteminEurope,wecanmentionCopernicus.CopernicusisaEuropeansystemformonitoringtheEarthandconsistsofacomplexsetofsystemsthatcollectdatafrommultiplesources:earthobservationsatellitesandin-situsensorssuchasgroundstations,airborne,andsea-bornesensors.Itprocessesthesedataandprovidesuserswithreliable and up-to-date information through a set of services related to environmental and security issues. Theservicesaddresssixthematicareas:land,marine,atmosphere,climatechange,emergencymanagement,andsecurity.Theysupportawiderangeofapplications, includingenvironmentprotection,managementofurbanareas,regionaland local planning, agriculture, forestry, fisheries, health, transport, climate change, sustainable development, civilprotection,andtourism.

Considering the above, there is a strong potential to create synergy in cooperation activities between differentenvironmental monitoring applications and users that may lead to innovative solutions regarding sensingtechnologies,thedevelopmentofnewadvancedservicesforsmartenvironments,theoptimizationofdatastorage,securityandprivacy,advancedalgorithmsforbigdata,andcooperation indevelopingcooperativecloudcomputinginfrastructures.

RelatedInitiatives:

TheBilateralAgreementforscientificandtechnologicalcooperationbetweentheEuropeanCommunityandthe Federative Republic of Brazil began in 2007 and was renewed for another five years in 2012. Thecounterpartsare:TheMinistryofExternalRelationsandtheMinistryofScience,TechnologyandInnovation(MCTI)fromtheBraziliansideandtheDirectorateGeneralforResearchandInnovationfromtheEUside.Themainareasofcooperationare:environment;informationandcommunicationtechnologies;food,agriculture,fisheries, and biotechnology; health; nanotechnologies, transport materials and new productiontechnologies;energy;socialsciencesandresearch,aswellasinfrastructures.

ACooperationArrangementwassignedin2013betweentheEuropeanCommission'sJointResearchCentre(JRC)andtheBrazilianMinistryofScience,TechnologyandInnovation(MCTI).Theobjectiveistostrengthenandfurtherstructurescientificandothercooperativeactivitiesintheareasofdisasterpreventionandcrisismanagement; climate change and sustainable management of natural resources and ecosystem services;energy, including bioenergy and smart grids; food security; bio-economy; information and communicationtechnologies(ICT),aswellasnanotechnologies.

The First Brazil-Europe Coordinated Call in ICT was launched in 2010 with two thematic research linesregardingmonitoringsystems:(1)MicroelectronicsandMicrosystems,and(2)NetworkMonitoring.Bothhadspecifically listedastopicsof interestenvironmentmonitoring.Theprojectsapprovedinthiscallrelatedtothis topic were the BEMO-COFRA (Brazil-Europe - Monitoring and Control Frameworks) and theEUBrazilOpenBio(EU-BrazilOpenDataandCloudComputinge-InfrastructureforBiodiversity).

TheBrazilianInstituteofEnvironmentandRenewableNaturalResources(IBAMA),receivedin2013Europeanscientists specialized in remote sensing to follow through cooperation activities between the national andEuropeaninstitutionsinthisfield.TheIBAMAstaffshowedtheirEuropeanpeerstheiractivitiesinmonitoringdeforestationonBrazilian territory.Thegroupalsohada fieldactivity tovisit theBrazilianCerradobiome,whichisnowadaysoneofthemainprioritiesregardingnaturepreservationandfirecontrolinBrazil.


The National Institute for Space Research (Instituto Nacional de Pesquisas Espaciais - INPE), the BrazilianAgriculturalResearchCorporation(Embrapa),theNationalWaterAgency(ANA),theBrazilianForestService(SFB), theNationalSupplyCompany (Conab),and theUniversityofAlagoas (UFAL)participated in theGEOBrazil in 2012, an event related to the Plenary Meeting of the Intergovernmental Group on EarthObservations(GEO).

2.2 SC2.Smartwaterandenergymanagement

Scenario: The population growth and concentration in large communities is making water and energy extremelyvaluableresources.Citiesexperiencingacceleratedgrowthwillbechallengedtoexpandandoperatesustainablyandefficiently,whilemaintainingahighqualityoflife.Smartwaterandenergymanagementaretwokeybuildingblocksof a sustainable world and in particular of the smart cities of the future. Cloud computing (together with sensornetworks, the internet of things, and big data analytics) will become a fundamental part of the cyber-physicalinfrastructureneededtomanageenergyandwaterresources,supportingcontrolfunctions,dealingwiththesensorsandactuators,andcollectingandconvertingthedatatoservicesfordifferentstakeholderswithintherespectivegrids.Thisrequiresreliableandon-demandprovisioningofservicesandinfrastructures(sensorsandactuators),whichmustbe dynamically adapted to new demands and to the growth and changes in the grids. The data and associatedservices, their location and use, are aspects that need to be tackled. Cloud services will thus reach the very endsystems interactingwith the sensing and actuating devices, organized in differentways, within the context of theInternetofThings(IoT).Inthiscontext,thereisaverylargegapbetweenthecloudcomputingandIoTparadigmsthatneedstobeaddressed.

Needs:

Water and energy infrastructures will be deployed in different phases, by different providers and withemergingnewapplicationrequirements.Thiscreatesanextremelyheterogeneousenvironment,that,whenintegrated with the cloud, imposes new challenges to the communication system infrastructure andprotocols. In addition, these heterogeneous devicesmust coexist and cooperate in large scale integratedsystems.

Greencomputingandcommunicationsareanobjectiveorthogonal tomostsystems. Inthescopeofwaterandenergymanagement,therearetwoimportantissuesthatneedtobeaddressedatthecoreofthecloudcomputingsystemandattheIoTlevel:itisparticularlyrelevanttoimprovethelifetimeofbatterypoweredsensing and actuating devices and to reduce operational costs without compromising the processing andcommunicationlevels.

Althoughmuchinformationexchangedinthecontrolofwaterandenergysystemsdoesnotrequirereal-timeactions, it is of utmost importance that the monitoring and actuating data is reliably delivered withinadequatetimeconstraints.Theserequirementsaredynamic,dependingonfactorssuchasthedemandfromtheinfrastructure(e.g.highlevelsofenergyneededfromindustry)andtheresponseincaseofdisasters.TosupportsuchrequirementsthereistheneedtodevelopandmanageIoT-basedcloudsystemswhichsupportreliableand lowlatencyservices,evolvingexitingsolutionsthatareapplied independently ineachofthesedomains,butfailtoaddressthecompletescenario.

Dependingonthedimension/scopeofthemanagedwaterorenergyinfrastructure(e.g.neighbourhood,city,state,country,etc.),thedatacollectedmaycontainsensitiveinformationthatcanbeusedtoextractpatternsandprofilesof thepeople living inthearea.Thisway,different levelsofdataprivacyenforcementmayberequired.Also,aswaterandenergyinfrastructuresarecritical,cloud-basedmanagementsystemsshouldbeprotectedagainstcyber-attacks.

Standardization will be required for implementing policies formore efficient use of water and energy, inparticularforestablishing,implementing,maintainingandimprovingmanagementsystems,includingaspectslikemeasurement,designandverificationofequipment,systems,processesandpersonnelthatcontributetoimproveperformance.


WhyEU-Brazilcooperationisneeded:AccordingtotheCensusof2013,Brazilhasapopulationof200.4million.Also,Brazilhasoneofthebiggestmetropolisoftheworld,SãoPaulo,with10millioninhabitants.SãoPauloandothercitiesin Brazil had a water crisis in 2014. The main source of electricity in Brazil is the hydraulic. In November 2008,hydroelectric plants, regardless of size, respond for 75.68%of the total installed capacity in the country (Carvalho2015).AwatercrisisisalsoanenergycrisisinBrazil.

Intherecentyears,severalcompaniesinBrazilactingasmanagersofpublicconcessionsoperatinginallprocessesofthe full cycle of water are seeking to optimize water consumption and promote a better water distribution. TheaveragewaterlossinBrazil isaround38%accordingtoasurveyfromtheTrataBrazil Institute(Carvalho2015).Theaveragelevelgloballyisbelievedtobeapproximately25%.

Some companies inBrazil are already runningpilot projects onwater distributionmanagement aiming at reducinglosses and improving efficiency, some of them using cloud-based software that allows remote monitoring andmanagementofthenetworkforchangesinflow,pressure,andotherparametersonareal-timebasis.Nowadays,thesmartmeteringconcept ispresent in6Brazilian states, includingSãoPaulo,Riode Janeiro,Paraná,andAmazonia,involving local providers but mainly regarding energy. Other essential services such as water, sewage, and gasdistribution fall behind in termsof a smart grid. The technology for such kindofmetering exists, but they arenotwidelyadoptedbytheserviceproviders.OneexampleisthecityofCampinas, inthestateofSãoPaulo,thatusesaPLCbasednetworktomanagetheaverageconsumptionofelectricityandwater.

Regarding energy, the pioneer in the modernization of its grid, which started a project in 2008, is AMPLA, theelectricitysupplierof66citiesinstateofRiodeJaneiro.Thecompanyoperatesinanareawithmorethan2millionhomesand,withtheuseofsmartmetering,wasabletoreduceby20%theoveralllossonthegridduetotheft.Evenwithsomeinitialproblems,itwasconsideredtobeoneofthebiggestinnovationsinthelastdecadeinBrazil.

Currently, the Brazilian Power Grid ismostly amechanical system,with limited use of sensors,minimal electroniccommunication, and almost no autonomous control. The smart grid is an innovation that has the potential torevolutionize the transmission,distribution, andconservationofenergy.GivenBrazilianpopulationgrowthand theexponential increase in thenumberof power-hungrydigital components in thedigital economy, theremust be anevolutionofthecurrentsystem.

InEurope,thesmartwatermanagementmarketisexpectedtogrowfrom$1.73billionin2013to$3.46billionin2018ataCAGR(CompoundAnnualGrowthRate)of14.9%fortheperiod2013to2018(ETPSGWorkingGroup12016).Themarket is primarily drivenby advancement in technology in the region and smartmeter compliances.Most of theutilities in the EUmember countries have adopted advance solutions, such as pressuremanagement, meter dataanalytics,networkmonitoring,andleakagedetection.TheEU’s20-20-20projectstatesthatbytheyear2020,around80%ofthehouseholdmeterswillbereplacedbysmartmetersandtheabsoluteroll-outwillbeaccomplishby2022.Thisroll-outofsmartmetersisexpectedtodrivetheEuropemarketwithcountrieslikeFranceandGermanytobethepotentialleadersinthesmartgridtechnology.Also,theEuropeanTechnologyPlatformforElectricityNetworksoftheFuture,alsocalledETPSmartGrids,isthekeyEuropeanforumforthecrystallisationofpolicyandtechnologyresearchanddevelopmentpathwaysforthesmartgridssector,aswellasthelinkbetweenEU-levelrelatedinitiatives.

Also, the Strategic Energy Technologies Plan (SET-PLAN) established a 9-year European research, development anddemonstration(RD&D)programmetoaccelerate innovationandthedevelopmentoftheelectricitynetworksofthefutureinEurope.Theprogrammefocusesonsysteminnovationratherthanontechnologyinnovation,andaddressesthe challenge of integrating new technologies under real life working conditions and validating the results. EEGI'sobjectivesarethebaseoftheEEGIRoadmap2010-18andImplementationPlan2010-12,whichhasbeenpreparedbyENTSO-EandEDSO4SGinclosecollaborationwiththeEuropeanCommission,ERGEGandotherrelevantstakeholders.ThisimplementationplanhasbeenformallyendorsedattheSET-PLANconferenceinMadridon3rdofJune2010.

ThecreationofaBrazilianassociationforthesmartgridindustry,likethosethatalreadyexistinothermarkets,whereprojectshavealreadyreachedmillionsofmeterpoints,wouldcertainlybeawelcomesteptoleadtheplansfortheBraziliansmartgrid.The initiativecansucceedinBrazil,wherethemainfocuswouldbetosupporttheworkofthe


regulatoryagenciesandothersindefiningbusinessmodels.Consideringtheabove,acooperationbetweenBrazilandEuropeshowsalongtermstrongpotentialintheexchangeoftechnologiesandscientificknowledgeintheseareas.

RelatedInitiatives:

TheBraziliangovernmentandtheEuropeanCommissionwill launchthe4thcoordinatedcall,whichwillbeofficiallylaunchedinNovember2016,intwomainareas:cloudcomputingandInternetofThings(IoT)Pilots.Thecloudcomputingcallwillfocusonthedevelopmentofinnovativetechnologiesfornextgenerationcloudinfrastructures and services able to address the requirements and tackle the challenges from high-impactsocio-economic applications; standardization, such as interoperability and data portability, should be theenablertodevelopsecureandtrustworthyapplications.TheIoTpilotcallhastheobjectiveofdemonstratingtheIoTtechnologiesandapplicabilityofthealreadydevelopedplatformsinreal-wordscenariosaddressingspecific socio-economic challenges in real-life settings. The 5 areas of interest for this call are: (i)environmentalmonitoring;(ii)smartwatermanagement;(iii)energymanagement;(iv)smartassistedlivingandwellbeing;and(v)smartmanufacturing.Thepilotsshouldinvolveend-usersonbothsidesoftheAtlantic.

The IMPReSSproject isa jointEU-Brazilproject thatended inMarch2016. Theaimof theprojectwas toprovide a Systems Development Platform that enables rapid and cost effective development of mixedcriticalitycomplexsystems involving InternetofThingsandServices(IoTS),andatthesametimefacilitatesthe interplaywithusers andexternal systems. The IMPReSSdevelopmentplatformmaybeusable for anysystemintendedtoembraceasmartersociety.ThedemonstrationandevaluationoftheIMPReSSplatformwas focused on energy efficiency systems addressing the reduction of energy usage and CO2 footprint inpublic buildings, enhancing the intelligence ofmonitoring and control systems, aswell as stimulating userenergyawareness.

UFSC Smart Solar Building is a live lab to perform experiments on sustainability, renewable energies, andintelligentautomation.Thebuildingwasinauguratedin2015,resultingfromajointeffortofthreeresearchgroupsatUFSC:SolarEnergyResearchLaboratory(Fotovoltaica),Software/HardwareIntegrationLab(LISHA),andPowerElectronics.Ithasphotovoltaicpanelsthatproduce40%moreenergythanthebuildingconsumes.Energy supply and consumption technology is designed to support educational activities on therole/operationofeachcomponent (e.g. renewables,grid interfaceandcontrol).ASmartSpaceautomatedwithstate-of-the-artsensorsandactuatorsisavailable,enablingresearchandteachingactivities.

IntheCIA²project,BuildingSmartCities: fromEnvironment InstrumentationtoApplicationDeployment,18BrazilianuniversitiescooperatedtobuildthefundamentalsofBrazilianSmartCities.Theprojectwasfundedby CTIC, RNP's fund for projects related to Smart Cities. Within the CIA² project, LISHA and UnB wereresponsibleforbuildinganinfrastructurefortheInternetofThings(IoT).This infrastructurewascomprisedbyanembeddedplatform(mote)andano-legacynetworkstack.Thenetworkstackfocusesonlowresourceutilization (including processing,memory, energy, and communication bandwidth), while dealingwith theplatform'sheterogeneity,mobility,noisycommunicationchannel,scalability,andconfigurability.

2.3 SC3.Assistedhealthandwell-being

Scenario: Assisted Health and well-being is a key scenario for the application of cloud computing presentingdemandingresearchchallenges.Infact,cloudcomputingisafundamentalenablerforsolvingsomekeychallengesinthe area related to patient centred andmobility (national and trans-national) of health services. This includes theimplementation of disruptive algorithms, protocols,mechanisms, and services to support the Big Data acquisition,storageandprocessing required for the implementationofpersonalized,precisionandsystemsmedicinesolutions.Such solutions should support assisted health and well-being services tailored to individual patient needs,characteristicsandcontexts,butalsosupportdecisionmakersindefiningregional,nationalandtransnationalpolicies(e.g.inpublichealth).Thisway,aspectsrelatedtomandatoryqualityattributeslikeperformance,reliability,security,privacy, scalability, andmaintainability in the contextof cloud computing, cloud services and cloud infrastructures,needtoberesearched.


Needs:

Assisted health requires complete and consistent personal health records. However, due to the privateinformation included, such records should be protected at all time, being only accessible to authorizedpeople when strictly needed. In addition to privacy enforcement, there are also demanding securityrequirements (including availability), in the sense that the systems storing,managing, and accessing suchinformationshouldimplementadequatesecuritymechanismsandberesilienttosecurityattacks.

Inordertobeusefulandavailablewhenneeded,healthrelateddatashouldbeclosetothelocationofthepeople, being accessible from whatever location a given person is. This way, assisted health anywhererequires continuous flow of data across countries and continents, which raise demanding issues of dataavailabilityandportability (seebelow).Also,proactiveservices forwell-beingmayrequirecontinuousdatasharingacrosssystemsrunningindifferentlocations.

Theexistingproliferationofproprietarysystemsandtheexpectedgrowthofglobalservicesinthehealthandwell-beingdomains,togetherwiththeneedfordatasharingandintegration,raisetheneedforassuringtheportability of personal records. This is exacerbatedby the local/national/regional legislations that typicallyimpose constraints to the development and integration of health systems, leading to the development ofproprietary(andclosedsystems)andtotheuseoftailoreddatarepresentationformats.

Rawpersonalhealthrecordscannotbeofopenuseduetotheprivateandsensitive informationthat theycontain. However, such records represent a key source for extracting valuable information for providingadvancedservicestospecificcommunitiesand,generically,totheentiresociety.Infact,theaggregationofknowledgefromindividualrecordsisessentialforgeneralizingsymptomsidentification,treatments,andsideeffects. This way, the anonymization of personal health records is a key need for the implementation ofassistedhealthandwell-beingservices.

Innovative and inclusive cutting-edge health andwell-being services require consolidating different healthcarerecordsofapersonwithinaprimarypersonalhealthrecordthatstoresthehistoryofthatpersonandcan be accessed by authorized entities whenever needed. This raises the need for data portability andsystemsintegration,whichcanonlybeachievedifbasedonastrongandacceptedsetofstandardsfordatarepresentationandforsystemsintegrationandcommunication.

WhyEU-Brazil cooperation is needed:Populationaging inBrazilhasbeenparticularly fast.Thespeedof change isshownbyaveryimpressivedropofthefertilityrate,fromabout6.3childrenperwomaninthe1960stoitscurrentvalueof1.8-wellbelowthereplacementrateof2.1.Atthesametime,lifeexpectancyatbirthinBrazilrosefrom55yearsin1960to73yearstoday.Consideringthis,thehealthcareinitiatives,diseasepreventionandhealthpromotion,managedcare,lifeinsurance,reversemortgages,andcheapermedicineswillhaveagreatnewandexpandingmarket.The13.2millionseniorsof todayalreadyforman importantmarket; thenearly50millionseniors in2050will formone3.8timeslarger.InEurope,theMemberStatesarealsoalreadyfacinganageingpopulationanditsconsequencesonstabilityandeconomiccompetitiveness.

The IoT applications in this area may create use cases that use intelligent devices (e.g. wearables, sensors,smartphones,andintelligenthomeappliances)toautonomouslygeneratereportsonanindividual'sphysicalactivity,overall vital signs andwell-being. It allows the use and sharing of the collected data for personal use or report tospecificservicesthroughconnecteddevicesandmayallowthefollow-upofvulnerablepeople.Thetreatmentofdata,cloudstorage,userempowermentregardingprivacyandsecurityarestrongissuestobeaddressedinthiscooperativeresearch.

Thisway,itisimportanttofosterinEuropeandBraziltheemergenceofinnovativeICT-basedproducts,servicesandsystems for ageing well at home, in the community, and at work, thus increasing the quality of life, autonomy,participationinsociallife,skillsandemployabilityofolderadults,andreducingthecostsofhealthandsocialcare.AnEU-BRcollaborationinthisdomainwouldbeofgreatrelevanceandimpact.


RelatedInitiatives:

INHERITisa4-yearHorizon2020researchprojectbringingtogether18partnerswiththegoalofexaminingthe health and environmental implications of our living,moving and consuming patterns. In practice, theproject joins“experts fromthehealth,environmentandothersectors, including technology, to investigatehowtoensureenvironmentalsustainabilityandimprovehealthequityandwell-being”.Theultimategoalistoseehowwecanmodifyourlifestylestosimultaneouslyprotecttheenvironmentandourhealth.

The European Innovation Partnership on Active and Healthy Ageing aims at “enabling EU citizens to leadhealthy,activeandindependent liveswhileageing, improvingthesustainabilityandefficiencyofsocialandhealthcaresystems,andboostingandimprovingthecompetitivenessofthemarketsforinnovativeproductsandservices,respondingtotheageingchallengeatbothEUandgloballevel,thuscreatingnewopportunitiesforbusinesses”.

TheH2020Linkproject:LinkingExcellenceinBiomedicalknowledgeandComputationalIntelligenceResearchforpersonalizedmanagementofCVDwithinPHC,coordinatedbytheUniversityofCoimbra,bringstogethercompetences in intelligent processing in order to create a research ecosystem to address two centralscientificandtechnicalchallengesforPersonalHealthCare(PHC)deployment:(1)infusionofclinicalevidencebiomedicalknowledgeinPHCsolutions,and(2)movingPHCsolutionsfrompersonaltopersonalizedservices,i.e.,servicesadaptedtothespecificuserneedsandcharacteristics.ThiswillfosterEUimpactandleadershipinintelligentprocessingforCVDmanagementinPHC.

TheCyclopsGroup,atUFSC,isdevelopingnewGraphicComputingandSpatialModellingtechniquessuitedfor the thespecial tasksof flexibleandplatform-independent representationandvisualizationof3-and4-dimensionalmedicaldata,immersiveorganicstructureexaminationandanalysis,supportingdiagnostictasksnormallybetterperformedon3Dreconstructionsand4Dsimulations,andrealisticsimulationoftheelasticand rupture behavior of organic tissue and of articulated organic structures allowing the simulation ofoperative procedures. For this purpose, there is the need for volumetric data acquisition techniques frommedicalcross-section imagestacks,aswellasthestructuresrequiredfortherepresentationofthiskindofdata. Suchprocedures and structures aim to achieve the requisites of a virtual and cooperativeoperationroom. Besides the computational models for medical spatial data representation, visualization andmanipulation,thegoalistohavealow-costsolution.Thus,cloudcomputingcanhelptoprovideeasyaccesstodataacquisitionandprocessing(LAPiXImageProcessingandComputerGraphicsLab2016).


3 Drivers

Thedriverscanbeseenaschallengesforthedevelopmentofcloudcomputingtechnologiesandmodelsneededforimplementing the scenariosdefined in theprevious section.Twokeydriversareobviously complexity,whichoftensproutdifficultiesinsystemsdevelopment,andthepaceofchangethatrequiresorganizationstorapidlyunderstandthebenefitsanddrawbacksofcloudcomputing,whilemaintaininglegacysystemsandobsoletetechnologies.Inthischapter, we discuss the main drivers for expanding research activities on cloud computing, including security,consideringthreeperspectives:

• Cloudcomputingtechnologiesareglobalandpervasive,raisingnewsecurityanddataprivacydemandsabletotackleemergingcyber-threats,andcreatingtheneedfordataflowandportabilityacrossservices,systems,countries,andcontinents.

• Socio-economicfactorsaffectthecloudcomputingmarket,includingdemandscreatedbynational/regionalregulations,andhumanfactors(humansaspartanddriversforcomplexsociotechnicalsystems),andothersocietal aspects demanding for new ways of deploying and providing innovative services for inclusivesocieties.

• Technologicalinnovationcreatesnewissues,suchasgreencomputingforasustainableenvironment,accesstoopendata for supportingadvancedservicesandresearch,andstandardization tosupport integrationofdataandsystems,andforbackwardscompatibility.

Table 1presents a preliminarymappingbetween scenarios anddrives, highlighting the importance/impactof eachdriverintheachievementofagivenscenario(asimplequalitativescalewiththreevalues,low,mediumandhigh,wasusedforsimplicity).Forexample,thetableshowsthatsecurityandprivacy,dataflow,andportabilityaremandatoryaspectsfortheimplementationoftheAssistedhealthandwell-beingscenario.Ontheotherhand,thosesamedrivershave a low-to-medium relevance in the context of the scenario on Smart water and energy management. Thefollowingsectionsdiscussthedriversingreaterdetail.

ScenarioSC1Environment

ScenarioSC2Energy/Water

ScenarioSC3Health

CloudcomputingtechnologiesareglobalandpervasiveSecurityandprivacy low medium highDataflow medium low highPortability medium low highSocio-economicfactorsaffectthecloudcomputingmarketRegulations medium high highHumanfactors high medium highInnovativeservices low high highTechnologicalinnovationcreatesnewissuesGreencomputing high medium lowOpendata high medium mediumStandardization medium high high

Table1.Mappingbetweenthescenariosandpotentialdrives.


3.1 DR1.Cloudcomputingtechnologiesareglobalandpervasive

DR1.1.Securityandprivacy:Fullyassuringdataprivacy,whileallowingpeopletodefinefine-grainedaccesscontrolpoliciestotheirdata,willbekeychallengesforthedevelopmentoffuturecloudsystemsandservices.Infact,societyisbecomingmoreandmoreawareoftheimportanceofkeepingdataprivate,butalsounderstandingthatdifferentdatamayrequiredifferentlevelsofprotection.Thiswillbeexacerbatedbytheexistingtrendofmovingalldataandapplicationstothecloudandbyemergingcyber-attacks.Keyaspectsaretheadequatedefinitionandenforcementofaccess policies in the context of big data that allow keeping performance overhead at acceptable levels. Also,protecting large volumes of data during storage and processing against unauthorized and malicious accesses(attackers)willrequiredisruptiveapproachesintheareasofdataencryption,obfuscationandmasking,includingtheneedformechanismsabletodecidewhat,whenandhowdataandinformationcanbereleased(e.g.consideringthepotentialabilityofattackerstoextractpatternsfromaggregateddata).Obviously,thiscanonlybeachievedifsecurityaspectsareassuredat the storage, communicationandprocessing levels,whichwill require the real applicationofdefence-in-depth approaches that cover all aspects and layers of cloud infrastructures and services (includingintrusion detection at all levels, vulnerability detection and real-time repair, and advanced authorization,authenticationandaccountingsolutions).Adding to theexpectedbigdatavolumes,privacyandsecuritychallengeswillbeintensifiedbytheneedforcontinuousmovementofdata,bythedemandforportabilityacrosssystems,andbythe development of new systems based on the integration of existing ones (i.e. systems of systems, which arecharacterizedbyemergentbehavioursthatcannotbepredictedbyanalysingthecomponentsystems,butonlyinthecontextof thesystemasawhole),amongothers.Assuringandproviding (communicating)evidencesaboutprivacyandsecuritywillalsobemajorchallengesinthefuture.

DR1.2.Dataflow:Allowinglargevolumesofdatatoflowacrosssystems,countries,regions,andcontinents,inordertobeusedbydifferentpartiesorprocessedclosetothelocationwheretheyareneeded,willraiseseveralchallenges.Of particular importancewill be the need formoving large volumes of data across different cloud infrastructures,services,providers,andconsumers,distributedworldwide, inawaythatallowsnearly real-timeaccess todataandresources. Another key aspect related to effective data flow is the need for assuring data quality (correctness,completeness,integrity,etc.),thusrespectingregulationsandqualityofserviceagreementsthathavetobespecifiedin advance.All these aspectswill require high-performancedata communication channels andprotocols, and raisenewchallengesrelatedtodataflowcontrol,monitoring,logging,auditing,andanalysis.Dataflowalsoraisechallengesrelatedtootherdriversincludingprivacy(theflowingdatashouldmaintaintheirprivacyproperties),portability(datashouldbereadablebydifferentsystemsandservices), standardization (todefinecleardata formatsandflowrules,thus supporting privacy and portability), and national/regional regulations and agreements (to support privacy,portability,andstandardization,whileregulatingwhat,whenandhowdatacanbeshared),amongothers.

DR1.3.Portability:Dataportability,theabilityformovingdataacross interoperablesystems,applicationsandcloudservices,willonlybepossibleifcertainchallengesarefulfilled,providinganessentialbasisforopeningaccesstodata,drivenby standardsand regulations, and thusavoiding vendor lock-in. In addition toquality, a keyaspect fordataportabilityisdatarepresentation,includingatthemeta-datalevel,posingmajorchallengestoenterpriseadoptionofcloud computing services nowadays,whichwill be further exacerbatedwith the increasingmovement of data andservices to the cloud. In practice, achieving full data portabilitywill require the definitionof standard formats andadvancedlanguagesfordefiningsemanticsatthemeta-level.Obviously,theextremelyhugediversityofcontentsandrepresentationformats,andtheevergrowingsizeofdatawillmakesuchinitiativesofgreatdifficulty.Akeyconstraintwillbetheneedformaintainingbackwardscompatibility.Portabilityisalsorelatedwithotherdriversincludingdataflow,opendataandstandardization.


3.2 DR2.Socio-economicfactorsaffectthecloudcomputingmarket

DR2.1.National/regionalregulations:Societywillbecomeincreasinglydependentonlarge-scalecloud-basedsystemsand services, as well as advanced cyber-physical systems, which in the event of major service failures (includingprivacy and security) may cause not only significant economic loss, but also severe accidents or loss of vitalgovernmentandpublic services.Thisdependencewill increase theefforts to regulatemany issues related tocloudcomputing, as regulators seek to protect the public (for example, data retention regulationsmay bemotivated bycyber-crime and terrorism). Such regulations will be issued by different authorities and for multiple applicationdomainsandbepotentiallyincompatible/inconsistent(e.g.privacyregulationsonthehealthdomainwillbedifferentfromthewaterandenergymanagementdomain),thusimpactingandconstrainingthedevelopmentandoperationofcloud infrastructuresand services.Agreateffortwillbeneeded to influence regulatorybodiesandauthorities inaway thatallowssatisfying individualneedsand requirementswhileassuringabroader reach.This ismandatory forcloudsystems,servicesanddataintendedtobeusedacrossbordersanddomains.

DR2.2.Humanfactors:Humanfactorscantaketwoperspectives,whichwillbothdrivecloudcomputinginthefuture:humansaspartofcomplexsociotechnicalsystemsandhumansasdriversforthedevelopmentofnewsystemsandservices.Itiswellknownthatcomplexsystemsrelytoalargeextentonhumanoperatorsandtheirabilitytohandlefailuresandothercriticalevents,includingsecurityaspects.Infact,experienceshowsthateveninsystemsthathavebeen designed to be highly resilient (e.g. telephone systems and large file servers) outages are often caused byoperatormistakes(Pattersonetal.2002).Whilehumanreliabilityanalysishasalonghistory,thereisastrikinglackofadequate techniques forassessingandmodellingusersandoperators incomplex roles,whichwillbean increasingdemand for futurecloud-basedsystemsandservices indifferentdomains.On theotherhand, thedesignof futuresystems is expected to be fully human-driven, taking into account human and societal requirements and needs.Understandingsuchrequirementsandneedsandaccommodatingchangeswillrequirenewapproachesformodellinghuman-computerinteractionsanddependencies.

DR2.3. Innovative services: The cloud computing paradigm has the potential to democratize the access toinformation,resources,andadvancedtoolsthatwerebeforeonlyavailabletolargecompaniesandrichcountries.Theaccess to information and computing resources will stimulate entrepreneurship, innovation, information andknowledge, which will generate competitive advantages. However, this will raise the need to accelerate thedevelopmentanddeploymentofnewcloudcomputingsupportedservicesandbusinessmodels,targetingthedesignanddeliveryofinnovativeInternetservicesbynewplayerslikesmallandmedium-sizedenterprises,communitiesandindividuals.Thiswillbeparticularlyrelevantinemergingeconomiesdominatedbystrongpublicsectors,universities,andlargecompaniesthattendtodominatethemarketanddifficulttheaccessofnewplayerstoinformationintensivebusiness activities. Innovative services will include new small and medium-sized enterprises or community basedservicesbasedonopendata,bigdata,crowdservices,e-governance,culturalcontent, inclusiveactivitiesandmanyotherbottomupdrivenservicesandbusinessmodels.

3.3 DR3.Technologicalinnovationcreatesnewissues

DR3.1.Greencomputing:Thereareseveralongoinginitiativestomakeefficientuseofcomputerresources,toreducethe emission of greenhouse gases and to improve the environment. Due to the expected growth of future cloudinfrastructures,energyconsumptionwillbecomeamajorissuethatneedstobeaddressedfrombothhardwareandsoftwareandstorageandprocessingperspectives.Infact,althoughonetendstoassumethatenergyusageismostlyrelatedtohardware,that is indeednotthecase,assoftwaredesignand implementationdecisionsclearly influencethe amount of processing and storage capabilities needed, thus largely determining the energy consumed bycomputer and network systems and associated cooling infrastructures. This way, new approaches for cloudinfrastructures and services design will be needed, including low energy data storage and processing hardware,energyefficientsoftwaredesignand implementation,andenergy-drivenresourceprovisioning. Inadditiontogreenusage(energyconsumption), thereareother issuesongreencomputingthatwillalsohavetobeconsidered inthefuture,namely:greendesign,greenmanufacturing,andgreendisposal.


DR3.2.Opendata:Opendatacanbefreelyused,reusedandredistributedbyanyonewithoutlimitationsimposedbycopyrights,beingsubject,atmost,totherequirementtoattributeauthorship.Theconceptisgroundedinthreekeynotions:availabilityandaccess (data shouldbe freelyavailableasawhole), reuseand redistribution (datamustbeprovided in a way that allows free reuse and redistribution), and universal participation (there should be nodiscriminationintheaccesstothedata).However,fullyopendatawillbringspecificchallengessuchasanonymizationand portability. On the one hand, some data can only be open if adequately anonymized to remove sensitiveinformationandeventopreventtheextractionofpatterns.Ontheotherhand,opendata isusefulonly if itcanbeportedacrosscloudsystemsandservices.Opendataisofutmostimportanceforthescientificdevelopmentinmanydomains as it provides the means for testing and validating new techniques and tools. From a governmentalperspective,opendatacanbeused to supportdecisionmakingandalso forassuring transparencyofmanagementprocessesandprocedures.Finally, fromabusinessperspectivethevalueofopendatawill increaseconsiderably,assuch data will allow defining new disruptive products and services for more innovative and inclusive societies. Inpractice, new combinations of open data will allow creating new knowledge leading to whole new fields ofapplication.

DR3.3. Standardization:Standardization isakeyaspect tomaximizecompatibility, interoperability, repeatability,orquality. It can facilitate custom processes, procedures, products, and services. In cloud computing, the idea ofstandardizationcanbeseenasthesolutionforthecoordinationproblem,inwhichallpartiescanrealizemutualgains,butonlybymaking consistentdecisions. This is clearly the case foropendata, portability, data flow, amongotherdrivers.Thisway,thedemandsforstandardizationwillbeexacerbatedbytheneedforsharingdataacrosssystems,countries, regions, and continents, both for the cases of open data and proprietary data. Standards are need forspecifying formats for data representation, including formeta-data. Also, standardswill be needed for supportingreliablesystemcommunicationandintegration.Finally,standardswillbeessentialformanagingsecurityandprivacyaspectsofbigdatainthecloud,includingenforcingapplicationdeveloperstohandlepersonaldataadequately,whileallowingpeopletodefinefine-grainedaccesscontrolpoliciesfortheirdata.


4 StateoftheArt

Thischapterhighlightsanumberofkeyconceptsoncloudcomputing,namelyarchitectures,models,andtypes.Then,it discusses the use and benefits of cloud computing from different perspectives, focusing on business, user, andgovernment. Finally, related researchworks andprojects arepresentedwith the goal of characterizing the currentsituationinwhatregardsthechallengesraisedbythemaindriversdiscussedintheprevioussection.Thechapterdoesnot intend to provide a full overview on the state of the art (SotA), but to provide the basis for supporting theidentificationofthegapsthatpreventtheimplementationoftheproposedscenarios.

4.1 KeyCloudconcepts

The architecture of a cloud computing environment includes two main parts: the frontend and the backend,connectedbyanetwork,whichismanytimestheInternet.Thefrontendreferstotheclient-sideandcomprisestheapplicationsandtoolsthattheclientneedstousethecloudservices.Theseapplicationscanbequitedifferent,canpresentdifferent interfacestousers,andalsousedifferent interfacestoconnecttothebackend,dependingontheparticularcloudsystemdeployed.

Thebackendisthecorepartofthecloudcomputingenvironmentandreferstoalltheresourcesthatarenecessarytoprovidethecloudservices.These includephysicalorvirtualhardware,operatingsystems,middleware,applications,services,andbusinessprocessesthatformasharedpoolofresourcesthatcanbeprovisionedon-demandtousersorreleasedveryquickly.Themaincharacteristicsofacloudcomputingsystemareasfollows(MellandGrance2011):

• On-demand self-service: the goal is that the client can itself provision computing resources (e.g. storage)withoutfurtherinteractionwiththecloudsystemproviderormanager.

• Broad network access: the cloud computing services are made available on the network, supported bymechanismsthatfacilitatetheaccessbyavarietyofheterogeneousclients.

• Resourcepooling:thecloudresourcesarekeptinpoolsforfastprovisiontoclients,withoutclientsknowingthephysicallocationoftheresourcesinuse.

• Rapid elasticity: the resource demand is dynamic and so is the provision of capabilities, with elasticacquisitionandreleaseofresourcesbeingakeyfeature.Theclienthasanillusionofcomputingcapabilitiesthatarenotlimitedbyspecificinstantaneoususes.

• Measured service: the cloud system is able to monitor, control, and to report the use of computingresources.Thus,ithasthemechanismstomeasure,control,andoptimizetheuseoftheresources,accordingtotheprovidersandclients’goals.

Acloudcomputingenvironmentcanbedefinedaccordingtodifferentservicemodels,andalsoaccordingtodifferentdeploymentmodels,asdiscussednext.

4.1.1 CloudServiceModels

IntheInfrastructureasaService(IaaS)modelthefocusissetonthehardware,beiteitherphysicalorvirtual,andthegoal isthatproviderssharetheresourcesofthatinfrastructureamongclients,asdepictedinFigure5(Fehlingetal.2014). Self-service, fast elasticity, combinedwithpay-per-usemodels are, as in the remaining servicemodels, verytypical.


Figure5.TheIaaSservicemodel.

Theclient isabletoeasilyacquirecomputingresources,suchasprocessingorstorage,andusethemtodeployandexecutesoftware,whichtypicallyareoperatingsystemsandmiddlewaresuchasapplicationservers,andapplications.Managementandcontrolof the infrastructure isnormallynotcarriedoutby theclient,although it cancontrol thesoftwarethatwillbedeployedontopoftheinfrastructure(MellandGrance2011).Theoccurrenceofworkloadsthathave reoccurring peaks or that have one outstanding peak demand a model where IT resources can be quicklyprovisioned(Fehlingetal.2014).

The Platform as a Service (PaaS) service model, depicted in Figure 6, targets to provide application hostingenvironments to clients, so that they can be elastically provisioned on-demand. The goal is that the cloud offersmanagedoperatingsystemsandmiddleware.Theproviderisinchargeofthemanagementaspects,suchastheneedfor scaling or acting upon failure of the platforms (Fehling et al. 2014). In practice, in the PaaSmodel, the clientdeploysapplicationsontopofthecloud-providedplatform.Again,theclientdoesnotmanagetheinfrastructure(e.g.servers, operating systems), and simply controls the deployments and some configuration of the hosting platform(MellandGrance2011).

Figure6.ThePaaSservicemodel.

TheSoftwareasaService(SaaS)servicemodel,illustratedinFigure7,consistsofprovidingapplicationsoftwarethatis human-usable so that it is shared among clients and at the same time fulfils the cloud characteristics. Asmanyapplicationshaveturnedintocommodityandareusedinmanycontextsfromenterprisetohome-use,thecloudhasevolvedtoallowtheusecompletesoftwareapplicationsthatcanthenuseiton-demand,withappropriateinterfaces(Fehlingetal.2014). Inpractice, theclientcanuse theprovider’sapplications that runon thecloud infrastructure.Typically, such applications are available for use from a variety of client devices, ranging from thin-clients (e.g.browsers) tofat-clients (e.g.adesktopapplication).Asbefore, theclientdoesnotmanagethe infrastructure,but itdoes also not manage the applications being provided (Mell and Grance 2011). In general, the only client-sidemanageableaspectsarespecificuserconfigurationsoftheapplicationsbeingprovidedbythecloudenvironment.

BusinessProcesses

ApplicationSoftware

Middleware

OperatingSystems

VirtualHardware

PhysicalHardwareInfrastructureasaService

BusinessProcesses

ApplicationSoftware

Middleware

OperatingSystems

VirtualHardware

PhysicalHardware

PlatformasaService


Figure7.TheSaaSservicemodel.

4.1.2 CloudDeploymentModels

Thereare4well-knownclouddeploymentmodels:Private,Public,Hybrid,andCommunity.ThePublicCloudaimsatproviding computing resources to a large customer group, so a provider of this kindhas tomaintain physical datacentresthatcansupportapotentiallyverylargebaseofclients,andthecomputingresourcesshouldstillbeaccessibleinadynamicway.Asthehostingenvironmentissharedbetweenmanyclients,ithasthepotentialtoreducecostsforindividuals(Fehlingetal.2014).

ThePrivate Cloud is to beusedbyoneorganization,whichwill have several consumers, andwhere resources areprovidedtomeethighrequirementsonprivacy,security,andtrustwhilestillofferingthetypicalcloudcharacteristics,suchasthedynamicuseandprovisioningofresources(Fehlingetal.2014).Thecloud infrastructure itselfmightbeowned,completelyorpartiallymanagedbytheorganizationitself,orbyathirdpartyandmaybephysicallylocatedon site or not (Mell and Grance 2011). The motivation is that there are many cases where legal limitations orregulationsandsecurityconcernsbringintheneedforasolutionthatisaccessibleonlytotheemployeesofaspecificorganization.

The Community Cloud is built to be used by some specific community of consumers, which may touch differentorganizations. These organizations will however have some common concerns, interests, or goals (e.g. security,mission).Oneormoreoftheorganizationsinvolvedmightmanagethecloud,butmanagementcanalsobedelegatedtoanexternalentity.Theymightalsosharethesemanagementoperationsorconcerns.Theclouditselfmayexiston-oroff-site(MellandGrance2011).Thegoalistoprovideresourcesasaservicetoaparticulargroupofclients,whichhavesomedegreeoftrustamongthem,sothatthepoolofresourcescanbeelasticallyused.Thecontext isthat, ifthereiscollaborationamongorganizations,itistypicalthattheyshareresources(applications,information,etc.).Thiskindofdeploymentmayfacilitatecollaborationandlowerindividualcosts(Fehlingetal.2014).

IntheHybridCloud,differentcloudinfrastructuresareusedtocomposeahomogeneoushostingenvironment.Whilethecloudsremainindividualentities,theyareconnectedbystandardtechnologiesthatallowtheportabilityofdataandapplications(e.g.toenableloadbalancingbetweenclouds)(MellandGrance2011).Thesettingisthattheneedsoforganizationsarequitediverse,andsuchdeploymentmodelbetterfitsthoseheterogeneousneeds(Fehlingetal.2014).

4.2 CloudComputingfromdifferentperspectives

Cloudcomputinghadaveryfastevolutioninthepastfewyears.Inordertoexploreall itspotentiality,aswellastoidentify gaps and opportunities, it is necessary to understand the various aspects involved in cloud computingenvironments, namely in termsof risks andbenefits. In this sectionwediscuss the benefits and the risks of cloudcomputingfrombusiness,user,andgovernmentperspectives.

BusinessProcesses

ApplicationSoftware

Middleware

OperatingSystems

VirtualHardware

PhysicalHardware

SoftwareasaService


4.2.1 Businessperspective

From the business perspective, cloud computing bringsmany benefits. For example, it allows the configuration ofbusinessservicesthatcanbeaccessedfromanywhereatanytimefrommanydifferentdevices,likesmartphonesandtablets, giving a widespread visibility, use and access to the service. Another important benefit is the increasedefficiency,i.e.,servicesaredeployedandreadytouse(muchmore)fasterthaninthetraditionalcomputingmodel.Inthefollowingwepresentthemainbenefitsofthecloudcomputingusefromabusinessperspective:

• Businessagility:inthecloudcomputingparadigmitiseasytogettheresourcesthatoneneedsforaservice.These resources could be physical infrastructures as computational power and storage (IaaS), a platform(PaaS),orevenasoftware installation (SaaS).Moreover, theaccess to theseresourcesdoesnotdemandahighinitialcapitalinvestment.Thesecharacteristicsleadtoafastertimetomarket.

• Easy service operation: by using standards, operational issues and defects are significantly reduced. Thisincreasesbusinesscontinuityandreducesthetimespentwithoperationalissues,allowingfocusingmoreontheaspectsthataremoreimportantforthebusiness,whilealsoreducingtheoverallcosts.

• Betteruseof resources:cloudcomputingallowsorganizationstousedistributedcomputingresourcesthataresharedasservices.Thisallowsamoreefficientuseof resources.Moreover,as theserviceoperation iseasy,theemployeescanspendtheirtimesinotherusefulactivitiesthathavepotentialtobringvaluetothebusiness.

• Reduced costs: cloudcomputingbroughtanewway topay for thecomputinguse, i.e.,onlywhat is reallyusedmustbepaid.Moreover,cloudcomputingleadstoreducedinfrastructurecostsandenergysavings,aswell as reducedupgradesandmaintenancecosts (moving the service to thecloudmay reduce thecostofmanagingandmaintainingInformationTechnology(IT)systems).

• Scalability:cloudcomputingmakesiteasyforenterprisestoscaletheirservicesaccordingtotheirdemands.Moreover,ifsomeserviceneedsmoreresourcesinsometimeperiods(e.g.specificmonthsofayear),cloudcomputingallowstheservicetomeettherequirementwithoutsupportingthecostsofhostingatraditionalinfrastructureallthetime.

• Innovation and new business models: cloud computing makes possible new classes of applications andservices, like mobile interactive applications that are location-aware and applications that need parallelprocessingwhereitispossibletouseahugeamountofcomputationalpowertoanalysedatarapidly.

Themainbenefitsfromthecloudcomputingparadigmarerelatedwiththecostreductionandtherapidlydeploymentofnewservices,thuspotentiallyincreasingsavings/winnings.Akeyaspectisthatresourceconsumptionisadjustedtotheneedsoftheservices.However,therearesomerisksrelatedtotheuseofcloudcomputing.Inthefollowingwehighlighttwomainaspects:

• Service availability: if amission-critical service is deployed in the cloud, the cloudprovidermust supply ahigh-qualityserviceandavailabilityguarantees,asdemandedbysuchenvironments.Moreover,asusual inthecloudcomputingparadigm,theserviceisaccessedfromtheInternet,whichisanotherpointthatcouldbreakavailability.

• Datasecurity(privacy,integrityandconfidentiality):inthecloudcomputingparadigm,thephysicalcontrolofthedataislost.Usually,itisnotpossibletoguaranteethelocationofthedataonaspecifiedsetofserversatsomelocation,whichisnotthecaseintraditionalinfrastructures.Infact,thedatacontrolisdeliveredtothe cloudproviders, thusbringingmany challenges. For example, it is difficult to ensure that the result ofsomecomputationexecutedinthecloudiscorrect(i.e.,thattheserviceisworkingproperly)oreventhatthedatareceivedfromthecloudisaccurate.


4.2.1 Userperspective

CloudcomputingoffersbenefitslikescalabilityandautomaticresizingandcaneventransfercompletelytheburdenofinfrastructureandITservicesoperationatrelativelylowcosts.Insomecases,itiscertainlytheonlyaffordableoptionforITservices.However,therearerisksinvolved.Forexample,inthecaseofstrategicbusinessdatascatteredinthecloud,likecustomerdatabases.Thisway,theenvironment,thecontext,andrequirementsandpossiblethreatsleadtocomplexsecurityissueswherecurrentconceptsandpracticesmightnotbeappropriate,sufficientorapplicable.Inthishighlyheterogeneousscenariotwoissuesshouldbeconsidered:

• Multi-tenancy:cloudshostseveraltenants,whichconsumetheirservices.Separationbetweenthemhastobeguaranteed.Currently,mostseparationmechanismsareembeddedinvirtualizationandtrustsystems.Asarequirement,separationmustbemaintainedatthelowestlevel.Forinstance,afailure,incidentoreventina tenant contextmayaffectother tenants, e.g. duringa security incident in a tenant context, response toother tenants may be held inaccessible for forensic reasons. This is hardly acceptable and certainlyundesirableandcanbeevenworseifgeographicaldispersionisconsidered.Thisjustshowsthatbeyondtheforensicchallenge,thereisamuchbiggeroneintermsofresourcemanagementandallocationinthecloud.

• Privacy and identity: privacy and identity are complementary issues in cloud environments. Initially,geographicaldispersionmay imply trans-nationality, so thatdifferent legal requirementswouldhave tobesatisfied by providers. Privacy determineswhich datamight be exposed towhom. For effective control, itmustbeestablished“what”iswho.Andthatisrelatedtoidentityissues.Identityservicesshouldbecapableofdealingwithdifferentscenarios,whichleadtoapplicationslike:easyonlineidentitymanagement,onlinecollaborativeworkenvironments,paymentsystemshostedonsmartphonesorusingRFIDwithprivacy,andhealth information infrastructure and services. Among other requirements, identity services should: bedevice independent,providesinglesign-on(useonesinglevalidationprocess tograntaccess toseveral (orbetter, all) services), provide aliases and discrete identities to preserve privacy, be interoperable, providefederatedmanagement,andbetransparentandauditable.

4.2.2 Governmentperspective

Cloudcomputingsolutionscanbeveryproductiveforgovernmententities.Forinstance,theycouldallowthetransfer–withlowcosts–oftheinfrastructureoperationsonus,whencomparedwithothertraditionaloutsourcingsolutions,likecollocation.However,oneofthebiggestchallengesisthesecurityofsensitiveinformation.Animportantissueinthis sector is the data location, as usually cloud services store data in a distributed manner in order to provideredundancyandperformance,butforgovernmentusethisfeaturecancauseseriousconcerns,sincethegovernmentdatacouldbestoredinforeignterritories,andthusbesubjecttotheregulationsofothercountries.

Government entities benefit from the use of cloud computing as much as private companies, although thebureaucracy of governments can slow the adoption process. By enabling local small and medium companies toparticipate, the government use of the cloud stimulates this market. In fact, the use of cloud computing bygovernmentshasseveraluseexamplesaroundtheworld.Severalcountriesarealreadyrunningdifferentframeworkmodelsinordertoenableandfacilitatetheadoptionofcloudservicesbyitsentities.Next,wegivesomeexamples:

• Brazil:recently,theMinistryofPlanning,BudgetandManagement(MPOGinPortuguese)releasedaguideofgoodpracticestobefollowedbythefederaladministrationforhiringcloudcomputingservices.Thisguideispartofagovernmentstrategyto implementcloudcomputing for themaingovernmententities.Theguideimplements the first phase of the strategy in order to reduce costs relatedwith the implementation andmaintenance of IT infrastructures. In practice, the guide states some general policies for cloud use in thegovernmentalcontext.Firstofall,itimposessevererestrictionsonfederalentitiestoacquiresafe-roomsandtoimplementtheirowninfrastructurewithouttheexpressauthorizationfromtheSecretariatofLogisticsofInformationTechnology(SLTI)oftheMinistry.Therecommendationdefinesthattheonlyservicesallowedtobeinthecloudarethosethatdonotcompromisenationalsecurity,whichmaybehostedinhybridclouds.Theguidedoesnotprovidemethodologiestoauditstoreddata,whichdiscouragetheuseofpubliccloudforthestorageofsensitive information.Another importantpoint is that it restricts thestorage locationof the


data in thecloud.Theprovidercontractedby the federaladministrationmuststorealldata (classifiedandnon-classified)inthenationalterritoryonly.Anotherimportantpointofviewdiscussedintheguideisrelatedto basic cloud challenges such as availability and portability, with the purpose of assuring the quality ofservice.This isa first stepofagovernmental strategy inBrazil tomigratemostofnon-criticalgovernmentservices to the cloud. The next steps of this strategy will define the requirements and rules on how tocontractcloudservicesfromprivateandpublicproviders.

• UnitedKingdom: intheUK,severalgovernmentservicesarerunningonthecloud.Theprovidersforcloudservicesmust be firstly accreditedby the government and all the accredited companies enter a cataloguethatfacilitatesthehiringofanyproviderbygovernmententities.Thecurrentrulespecifiesthattheprocessofaccreditationdoesnotinvolveanykindofinspectionthatcertificatescompaniesregardingsecurityoranyotheraspect,anditiscomposedonlybyatermofservicethatthecompanycertifiesasbeinginaccordancewiththeprotectionlawofBritannicdata.UnliketheBrazilianrecommendation,somesensitiveinformationcanbestoredinprivatecloudservers.TheBritishgovernmentdefinesthattheowneroftheinformation,i.e.,the institutionthathiredtheservice, is responsible fortheprotectionof that information.Tofacilitatethisprocedure,theBritishgovernmenthasaguideonhowtoinspectthesecurityofcloudservicesproviders.

• UnitedStatesofAmerica:theUSAalsoaccreditsprivatecompaniestoprovidecloudcomputingservicesforAmericangovernmentbodies.Theprocessismadebyoutsourcedcompaniesand,unliketheBritishinitiative,it involves an inspection of the service, verifying its compliance to the established standards. After theauditingprocess,theenabledcompaniesreceiveatemporarycertificationthatallowsthemtobeincludedina catalogue that facilitates the hiring process by governmental entities. The initiative also defines theutilizationofcloudcomputingformilitarypurposes.TheDefenseInformationSystemsAgency(DISA)extendstheaccreditationprocesswithmorerigidstandardssothatprivateproviderscanparticipateinthismodel.

4.3 Relatedresearchworksandprojects

InthefollowingsectionsweoverviewthestateoftheartregardingthedriversdefinedinSection3.Foreachone,wepresentrelatedresearchworksandprojectswiththegoalofbetterunderstandingtheexistingsolutionsformakingpossiblethescenariosproposedinSection2.

4.3.1 Securityandprivacy

Thecloudcomputingenvironmentbringsincloud-specificthreatstosecurityandprivacy.Theseincludeoutsourcing,which leads customers to physically lose control of their information and tasks; multi-tenancy, where the cloudplatform is sharedamongmultiple customers;and large-scaledataand intensecomputation,where the traditionalsecurity mechanisms may not apply due to their overhead (Xiao and Xiao 2013). However, many traditionaltechniques have evolved for application to the cloud, including intrusion detection techniques based on anomalydetection,machine learning, or genetic algorithms (Modi et al. 2013). Securing data in the cloudusing decoys hasbeenproposedin(Stolfo,Salem,andKeromytis2012).Theapproachisbasedonmonitoringdataaccessesperformedin thecloudanddetectinganomalousaccesspatterns.Whenever thereanunauthorizedaccess isdetected,a largeamountofdecoyinformationissenttotheattackersothatthereal informationismoredifficulttofind.Authorsin(Wangetal.2013)aimtocreatea frameworktoallowthird-partyauditingoncloudsystemsandthat,at thesametime, is able to preserve users’ privacy. In (Santos, Gummadi, and Rodrigues 2009) a platform for trusted cloudcomputing is proposed. The platform aims to ensure confidentiality and integrity of the computation that isoutsourcedtoIaaSservices.Inshort,theplatformprovidesanexecutionenvironmentforaparticularclient’svirtualmachine and guarantees that cloud administrators cannot inspect or alter its content, even if they have sufficientprivileges.

The H2020 CLARUS project (“A Framework for User Centred Privacy and Security on the Cloud (CLARUS)” 2015)addressessecurityissues,suchasconfidentialityandprivacy,andaimstodevelopasecureframeworkforthestorageand processing of data outsourced to the cloud. This frameworkwould allow several important activities, such asmonitoring or auditing,without sacrificing functionality or the cloud’s benefits. In practice, a dedicated proxy at atrusteddomainwillbeavailabletotheenduserandwillprovidethenecessarysecurityandprivacyfeatures.WITDOM


(“empoWeringprIvacy and securiTy inNon-trusteDenvirOnMents (WITDOM)”2015) is anotherH2020project thattargets the future Internet in particular regarding mechanisms for ensuring privacy and integrity of personalinformationonthecloud.Thisprojectaimsatprivacyenhancingtechniques,efficientdataprocessingintheencrypteddomain,andondevelopingaframeworkforevaluatingsecurityandprivacy.Akeygoalistoallowservicestoprovideprivacy,thatisbothefficientandverifiable.PRISMACLOUD(“PRIvacyandSecurityMAintainingServicesintheCLOUD(PRISMACLOUD)”2015) isalsoaH2020projectthatfocusesonprotectingdataonthecloud.Itfocusontechniquesforoutsourcingcomputationthatareverifiableandthatpreserveauthenticity.Thesecureconnectionsandvirtualizedenvironments configuration are verifiable using cryptographic techniques, privacy issueswill be tackled using dataminimizationandanonymizationtechniques,amongotherprivacy-preservingtechniques.

TheEU-BRSecureCloudprojectstartedinJanuary2016withthegoalofenablingnovelbig-dataapplicationstohandlesensitivedatainthecloudtakingintoaccountsecurityandprivacyaspects.Also,theEUBra-BIGSEAproject,startedatthesametime,aimsatdevelopingcloudservicesempoweringBigDataanalyticstoeasethedevelopmentofmassivedataprocessingapplications.Inthisscenario,traditionaltreatmentofdata,fromsecuritytotransformation,maybeinefficientandinadequate.Thus,theprojectaimsatresearchingefficientmechanismstoensureprivacyandsecurity,ontopofaQoS-awarelayerforthesmartandrapidprovisioningofresourcesinacloud-basedenvironment.

4.3.2 Dataflow

TheEuropeanCommissionnegotiated theEU-USUmbrellaAgreement,ensuringhighdataprotection standards fordata transfers across the Atlantic for law enforcement purposes and proposed a framework for commercial dataexchange: the EU-US Privacy Shield. The goal is to protect personal data both inside the European Union andinternationally: the safeguards provided when data are transferred under the new EU-U.S. Privacy Shield areequivalenttodataprotectionstandardsintheEU.

Legal and contractual aspects of data flow in cloud computing considering the relationship and responsibilities oftenants,providersandsubprovidersarediscussedin(Singhetal.2015).Theworkdefinesfourdimensionsthatmustbe considered by initiatives for data flow in cloud computing: contractual obligations (data flows are subject tocontractsasServiceLevelAgreements(SLAs)),dataprotectionlaws(adoptedinmanycountries,placeobligationsandresponsibilities on tenants and providers for themanagement of personal data), law enforcement access (there isincreasing pressure to report government demands for data), and regulatory and common law protections (forparticularlydomains,suchashealthandfinance).

4.3.3 Portability

SeveralorganizationsareinvolvedindefiningprotocolsandAPIspromotingcloudportability.Someofthemostwell-known are the Open Grid Forum (OGF), which concentrates several working groups on this topic, the DistributedManagementTask Force (DMTF), and the StorageNetworking IndustryAssociation (SNIA) (Zhang,Wu, andCheung2013). TheDMTF created theOpenVirtualization formatwhich is anopen standard for packaging anddistributingvirtual appliances. The SNIA proposed the Cloud DataManagement Interface (CDMI), which essentially defines aninterface for creating, reading, updating, and deleting objects from a cloud and plays an important role in cloudinteroperability. OGF defined a RESTful protocol and API for performing cloud management, named Open CloudComputingInterface.

Well-knownattemptstoachievecloudportabilityincludeTOSCA,mOSAIC,AWSCloudFormation,justtonameafew(Markoska et al. 2015). OASIS proposes the Cloud ApplicationManagement for Platforms (CAMP) standard,whichessentially intendsto facilitatehowapplicationsaremanaged inaPaaSenvironment(Carlsonetal.2012). Inshort,CAMP is composedofa specification foraRESTful serviceandanAPI forplatformmanagement.TOSCA isaOASISspecification that has the goal of enabling the interoperable description of applications and infrastructure cloudservices. The goal is that services can be ported to alternative cloud environments in a way that services remaininteroperable. This standard provides a language to describe services and components and their respectivemanagement procedure so that what is needed to be preserved across deployments is precisely defined and thiscomprisesthecompletecloudapplicationlifecycle,includingscalingandmonitoring(OASIS2013).


HeatisanapplicationthatcanhandleorchestrationforOpenStackclouds.Itsgoalistoprovideaservice,thatshouldbehumanandalsomachineaccessible,andthatisabletomanagetheentirelifecycleofinfrastructureandOpenstackcloud applications. It implements an orchestration engine that can launch multiple composite cloud applicationsbasedontemplatesthatcanbehandledascode.Heatalsoaimstoachievecompatibilitywiththewell-knownAWSCloudFormation template format (Amazon 2016). Finally, the IEEE SA P2301 - Guide for Cloud Portability andInteroperabiltyProfiles(CPIP)isanIEEEComputerSocietystandardforassistingcloudcomputingprovidersandusersincreatingsystemsthatareportableandinteroperable(IEEEComputerSociety2016).

TheH2020SENECAproject(“SoftwareENgineeringinEnterpriseCloudApplicationsSystems(SENECA)”2015)focusesonkeyaspectsofcloudsystems,inparticularitsoverallquality,includingportability.Oneoftheproject’stargetistheextension of traditional quality assurance techniques to the cloud. The H2020 FIESTA project (“FederatedInteroperable Semantic IoT/cloud Testbeds and Applications (FIESTA)” 2015) builds on the recent advances in IoTsemantic interoperabilityto implementnovelcloud-based infrastructureswiththegoalofallowingtestbed-agnosticaccesstoIoTdataandresources.CloudWATCHisanH2020projectthataimstoensurehighvisibilityofEuropeanR&Dcloudinitiativesdrivinginteroperablesolutions&services(“AEuropeanCloudObservatorySupportingCloudPolicies,Standard Profiles and Services (CloudWATCH)” 2016). It will promote multi-stakeholder dialogue and exchangeregardingbestpractices.

4.3.4 Regulations

The cloud computing paradigm raises a variety of policy and governance issues, as market regulation, fairness,reliability, privacy and national security. In the European Union, the Digital SingleMarket (DSM) initiative aims tobreakdownthebarriersandprovidedigitalopportunitiesforpeopleandbusiness.WithinDSM,theEuropeanCloudInitiative aims to build trust and confidence in cloud computing in Europe. The EuropeanCloud Initiative includes:actionstoprovidesolutionsforEuropean-widecertification,includingelementsofnetworkandinformationsecurity;personal data protection; service level agreements; interoperability and data portability; contractual terms andconditions;theprospectofaEuropeancloudservicescapability;andtheestablishmentofaEuropeanResearchOpenScienceCloud.TheinitiativealsorelatestoseveralotheractionsoftheDSMstrategysuchasonharmonisedrulesforonlinepurchases,standards,andinteroperability.

TherearethreekeyactionsdefinedtounleashthepotentialofcloudcomputinginEurope:(1)SafeandFairContractTermsandConditions–theaimofthisactionwastodevelopmodelcontracttermsthatwouldregulateissuessuchas:datapreservationafterterminationofthecontract;datadisclosureandintegrity;datalocationandtransfer;andownershipofthedata; (2)Cuttingthroughthe jungleofStandards–themaingoal is thatcloudusersareprovidedwithinteroperability,dataportabilityandreversibility;and(3)EstablishingaEuropeanCloudPartnership–thegoalistobringtogetherindustryandthepublicsectortoworkoncommonprocurementrequirementsforcloudcomputinginanopenandfullytransparentway.

Recently,Brazil adopteda guide that regulates the cloudusageby theentities that compose thegovernment. Theguide presents a set of good practices to be followed by the federal administration for hiring cloud computingservices.Moreover,itblocksthefederalentitiestoacquiresafe-rooms,toimplementtheirowninfrastructures.Thisguide is part of a government strategy to implement cloud computing for the main government entities in theupcomingyears.

4.3.5 Humanfactors

TheETSI(EuropeanTelecommunicationsStandardsInstitute) ishelpingtheEuropeanCommissiontopromotewideraccesstoInformationandCommunicationTechnologybyproducingETSIGuidesandrecommendationstopromotee-accessibility.WithinETSI, theHumanFactorsTechnicalCommitteedealswith issues related to theeaseofuseandaccessibilityforallusers.Accessibilitycanbepromotedbydesignforallapproachwhereproductsaredesignedtobeusablebyallpeople,thuspersonalizingthewayusersconnectwithproducts.

ETSIhasidentifiedparticularuserneedsrelatedto:specialdomainslikein-caruseofICT,publicInternetterminalsandneedsrelatedtoe-Health;novelemerginguserinterfacetechnologies;individualrequirementsrelatedtofactorssuchasage,languageordisability;andpersonalization.


Initiatives likethisofETSIcouldbeadopted inthecontextofcloudcomputing.Forexample, therearesomeworks(Gohary2016;Shimba2010)thatstudythehumanfactorsrelatedwiththeuseofcloudcomputingapplications.Theytriedtoidentifythehumanfactorsinfluencingthecloudbasedapplicationsadoptioninhighereducationsettingsandfoundthatsomehumanfactorssuchassocialinteraction(e.g.exposureandmotivation)canhavehighimpacttotheadoptionprocess.Thesestudies(mainly(Shimba2010)) indicatethatthemaininhibitingfactorforcloudcomputingadoptionisthefearofsendingorganizationaldatatoathirdparty(i.e.,theprovider).

4.3.6 Innovativeservices

InBrazil, inthelast5yearstheRNPhasfundedseveralprojectsincloudcomputing.Theconsortiaoftheseprojectswasmainlyformedbyacademicinstitutions.TheAltoStratusprojectemergedfromtheneedtoadaptandintegratehybridandheterogeneousclouds.Thisplatform implementsmanykindsof services, including: scheduling, security,servicecompositionandmanagementofworkflows, fault tolerance,andmanagementofvirtualcloudservices.Theusercancreateandsubmitaworkflowtotheplatformthatwilldetecttheactivitiesrequestedanditwilldistributetasksamongtheprivateclouds.Also,thedistributionprocesscanbeextendedtopubliccloudsaswell ifneeded,inordertoactonuser-requestedtime.

JitCloud is another funded project by RNP. The project investigated an alternative architecture for buildinginfrastructureprovidersasaservice.Thegoalof theprojectwasthedevelopmentofalternativesofbuildingpublicinfrastructure cloud computing, based on the deployment concept Just in Time, providing just the necessarycomputinginfrastructure,onlywhennecessary.Importantpartsoftheprojectwere:mechanismsforprovisioningandmanagement, charging and monitoring mechanisms, security mechanism and mechanisms for dependabilityautonomic. The EUBrazil Cloud Connectwas a project funded under the second EU-BR coordinated call under thetopic a) Cloud computing for Science. The goal of the project was to create an intercontinental federated e-Infrastructureforscientificusage.Thise-Infrastructurejoinedresourcesfromdifferentframeworks,likeprivateclouds,supercomputing, and opportunistic desktop resources, to offer the community high level scientific gateways andprogrammingmodels.

4.3.7 Greencomputing

In general, energyefficiency techniquesdonot applydirectly to cloud computingenvironments. This is due to thecomplexity of cloud systems, which in turn means that the individual optimization of their components may notimprovetheefficiencyofthesystem.Instead,sharedtechniquesapply(Mastelicetal.2014).Evenso,themonitoringand management infrastructure for a cloud system is one of the main concerns regarding energy efficiency andconsumptionwithinadatacentre (Emerson2010).However,severalotherelementsareresponsible for theoverallconsumption, including the appliances themselves, the servers, network transport, or cooling and power supplies.Main concerns regarding energy efficiency include virtual machine reconfiguration, placement, andmigration andconsolidation. (Borgettoetal. 2012)proposeanapproachwhere themiddleware itself adjusts the resourcesbeingused by a VM to the actual needs. Regarding virtualmachine placement, authors in (Beloglazov and Buyya 2010)describe an architecture to map virtual machines to servers. For this purpose an altered version of the Best FitDecreasingheuristicisused.Anarchitecturalframeworkisalsoproposedin(Banerjeeetal.2010)forgreenclouds,withthegoalofachievingefficientvirtualmachinemigrationandconsolidation.

TheFP7EARTHproject(“EnergyAwareRadioandneTworktecHnologies(EARTH)”2016)aimedtoaddresstheglobalenvironmental challenge by researching mechanisms to reduce energy waste and improving efficiency of mobilecommunicationsystems,whilemaintainingtheQualityofService.Theapproachwasintegratedandrevolvedaroundthecreationofenergyefficientsystems,withfocusonenergy-efficientnetworkarchitectures,deploymentstrategies,and optimization. The H2020 ICARUS (“Integrated Climate Forcing and Air Pollution Reduction in Urban Systems(ICARUS)” 2016) project aims at creating new tools for assessing urban impact, concerning air quality and climatechange in the European Union. An integrated approach will be used for monitoring and assessing air pollution,combiningtechniquesassensing,measuring,andmodelling.Acloud-basedsolutionwillbedevelopedasameanstoinform users of alternatives that respect the environment and thatmay have a positive impact on air quality andcarbon footprint and also on health. The ultimate goal of the project is to develop a vision of a future green city,whereenvironmental andhealth impact isminimized.NUVEA (“ThePremiumGreenMulti-CloudManagementand


OptimizationTool(NUVEA)”2016)isanH2020projectthattargetscloudcomputingstakeholdersthataimtooptimizeenergy consumption and average server load. The goal of the project is to allow management, assessment, andoptimizationofthestakeholdersdistributedITinfrastructure,independentfromthecloudprovider.

4.3.8 Opendata

Intheopendatafield,theEuBrazilOpenBioproject(“EU-BrazilOpenDataandCloudComputingE-InfrastructureforBiodiversity (EUBrazilOpenBio)”2011)wasacollaborativeprojectbetweenBrazilandEurope, fundedunder the2ndEU-BRCoordinatedCall.TheEuBrazilOpenBiohadasmaingoaltodeployane-Infrastructureofopenaccessresources(data, tools, services) toallowthesharingofhardware,software,anddataon-demand. Inessence, itbuildsonthecloudparadigmoffering“computingasautility”withthegoalofmakingdataanddatamanagementservicesavailableondemand.TheOpenBiofacilitieshadthegoalofenablingseamlessdataaccess, integration,analysis,visualizationanduseofbiodiversitydata,namelynomenclaturedataandspeciesoccurrences.Anumberoffacilitiesforinspectingandretrievingdataweredeveloped.

AnothercollaborativeprojectfundedinthesecondcoordinatedcallwastheEUBrazilCloudConnect(“EU-BrazilCloudInfrastructureConnectingFederatedResourcesforScientificAdvancement(EUBrazilCC)”2013).Theprojectcreatedafederated cloud computing infrastructure for science, involving computational resources and services in Brazil andEurope,basedonauser-centredapproach.Thise-infrastructurehasthegoalofsupportingscientists inthefieldsofepidemiology,cardiology,andbiodiversity,whichmayeventuallybeextendedtomeetotherapplicationdomains.Theinfrastructurewillintegratedifferentdatasources,allowingprocessingandsharingofknowledgeamongtheinvolvedinstitutions. Also, some related databases aremeteorological data from land surfacemonitoring stations, satelliteimagesandtheLiDARdataandhyperspectraldata.TheLiDARdatahasrecentlyreceivedmoreattentionbecause itcanovercomethedatasaturationshortcomingofLandsat,providingmorerobustbiomassestimations.

4.3.9 Standardization

There are several initiatives to promote standardization for Cloud Computing. As an example, the NIST cloudcomputing reference architecture has been developed by the NIST Cloud Computing Reference Architecture andTaxonomy Working Group. The architecture defines a generic high-level conceptual model for discussing therequirements,structures,andoperationsofcloudcomputing.Theviewsanddescriptionsmaybeusedasabasisfordiscussingthecharacteristics,uses,andstandardsforcloudcomputing.Atthebeginningof2011,NISTcreatedpublicworkinggroups(WG)inordertoprovideatechnicallyorientedstrategyandstandards-basedguidanceforthefederalcloud computing implementation effort. The created groups are the following: Cloud Computing ReferenceArchitectureandTaxonomyWorkingGroup,CloudComputingStandardsAccelerationtoJumpstartAdoptionofCloudComputing(SAJACC)WorkingGroup,CloudComputingSecurityWorkingGroup,CloudComputingStandardsRoadmapWorking Group, and Cloud Computing Target Business Use Cases Working Group. To assess the state ofstandardization in support of cloud computing, theNISTCloudComputing StandardsRoadmapWorkingGrouphascompiled an Inventory of Standards Relevant to Cloud Computing, which is available at (NIST Cloud ComputingStandardsRoadmapWorkingGroup2016).

TheIEEEStandardassociationcreatedagroupinitiative incloudcomputingstandardization, leadingtotwoworkingdrafts: IEEE P2301 Cloud Profiles (IEEE Computer Society 2016), and IEEE P2302 Intercloud (“IEEE SA - P2302 -Standard for Intercloud Interoperability and Federation (SIIF)” 2016). The IEEE P2301Working group develops theguide for Cloud Portability and Interoperability Profiles (CPIP). The guide advises cloud computing ecosystemparticipants (cloud vendors, service providers, and users) of standards-based choices in areas such as applicationinterfaces, portability interfaces, management interfaces, interoperability interfaces, file formats, and operationconventions. The IEEE P2302Working group develops the Standard for Intercloud Interoperability and Federation(SIIF).Thisstandarddefinestopology,functions,andgovernanceforcloud-to-cloudinteroperabilityandfederation.

InBrazil, theprojectAltoStratus, fundedbyCTIC/RNP in 2010, specified a releaseofmiddleware specification thatstandardizes the composition, model, execution and cloud service management. In Europe, the EuropeanTelecommunicationsStandardsInstitute(ETSI)coordinateswithstakeholdersinthecloudstandardsecosystemsanddevises roadmaps for standard to support theEUpolicy in criticalareas suchas security, interoperability,anddataportability. The ETSI launched the Cloud Standards Coordination (CSC) in collaborationwith a series of prominent


players.TheworkofCSCPhase1wasundertakeninDecember2012,withafinalreportreportpublishedinNovemberand a presentationworkshopheld inDecember 2013. In February 2015, theCSC launched the Phase 2 to addressissues left open after CSC Phase 1, with the publication of four reports by mid-November 2015 and a finalpresentationonJanuary28,2016.

The final report from ETSI’s Cloud Standards Coordination initiative was made public on December 11, 2013, inBrusselsandcontainsthefollowing:adefinitionofrolesincloudcomputing;thecollectionandclassificationofover100cloudcomputingUseCases;alistofaround20relevantorganizationsincloudcomputingStandardizationandaselectionofaround150associateddocumentsStandards&SpecificationsaswellasReports&WhitePapersproducedbytheseorganizations;aclassificationofactivitiesthatneedtobeundertakenbyCloudServiceCustomersorCloudServiceProvidersoverthewholeCloudServiceLife-Cycle;andamappingoftheselectedcloudcomputingdocuments(in particular Standards & Specifications) on these activities. Based on the report, some conclusions have beendeveloped, concerninggeneralaspects (fragmentation,etc.)andmorespecific topicsof Interoperability, Security&Privacy,andServiceLevelAgreements.

TheworkofCSCPhase2hasaddressedsomeoftheissuesthathavebeenleftunresolvedoruntouchedbyCSCPhase1.IthasalsoperformedanotherevaluationofthecurrentstateofCloudComputingstandardsmaturityandthisphasecentredaround4mainworkitems:(1)UnderstandingUserNeeds,(2)StandardsandOpenSource,(3)Interoperability,Conformance:thecaseofSecurity,and(4)CloudComputingStandardsMaturityAssessment.


5 GapsandPreliminaryOpportunities

ThecurrentStateoftheArt(SotA)hasseveralgapsthatpreventovercomingthedrivingchallengesandthusblocktheimplementationof thescenarios.Suchgapsrepresentresearchopportunities for theEU-Brazilcollaboration. In thischapterwediscussthemaingapsandopportunities identified. It is importanttonoticethatsuchopportunitiesarepreliminaryinthesensethattheywillbeevolvedinthenextdeliverables.Infact,asmentionedbefore,thisanalysiswill serve as basis for an open call for challenges and topics to gather the ideas and opinions of the relevantstakeholders.Inparallel,brainstorming,discussions,andexchangeofideaswiththeexpertsselectedandengagedintheproject(namely,intheAdvisoryBoard(AB)andWorkingGroups(WG))willbecarriedoutandtwoworkshopsfordiscussions will be organized, also having these opportunities as starting point for discussion. The inputs andinformation collected will be used to prepare and deliver a preliminary EU-Brazil Research Roadmap on cloudcomputingandrecommendations for futureEU-BRcoordinatedcall topics (deliverableD3.2)by theendof the firstyearoftheproject.Thepreliminaryresearchroadmapwillthenbedisseminatedanddiscussedwiththecommunity,leadingtothedevelopmentanddeliveryofafinalversionofalong-termresearchroadmap(D3.3)bytheendoftheproject.

The outcomes of the above analysis are outlined here for highlighting potential mutually beneficial topics ofcollaboration on cloud computing between the two regions. Note that, these topics fit under the three futurescenariospreviouslydefined, and take into account the researchdrivers related to security andprivacy, data flow,portability,regulations,humanfactors, innovativeservices,greencomputing,opendata,andstandardization,whicharelargelyreflectedinthetopicsbelow.Theproposedtopicsaretheresultofongoingworkrequiringvalidationandimprovement. A mapping between the drivers described in Section 3 and the gaps (Gs) and opportunities (Os)proposedherearepresentedinAnnexA2.

5.1 OP1.Commontechnologicalandlegalframeworkformanagingsecurityandprivacyaspectsoncloud

G1.1:TherearemanydifferencesbetweenEuropeandBrazilregardingthelegalframeworkforprivacymanagement.In fact, privacy-related regulations in Europe aremore advanced in terms of definition and implementation. Also,prioritiesbetweenEUandBrazilarenotalwaysaligned in termsofsecurity/privacy/infrastructureneeds.This isanareathatneedstobeaddressedincooperationbetweenthetworegions,inanintegratedfashionsupportedbyalloftherelevantstakeholdersincludingresearch,industry,andpolicymakers.

G1.2: Current limitations in the technologies for secure processingmay require rethinking big data programmingmodelsforbuildingscalableandsecureapplications.Policiesthatenforceapplicationdeveloperstohandlepersonaldataadequatelyshouldbeputinplace.Applicationdevelopersandtheirusersshouldbeawareoftheriskswhendatais nothandled in a secure andprivacy-friendlyway.Newapproaches for big dataprocessing that allow specifying,enforcingandmonitoringprivacypoliciesareneeded.

OP1.1: Develop a common legal framework for assuring data privacy aspects in cloud computing,speciallyinthecontextofbigdataprocessing.

OP1.2:Designanddevelopatechnologicalframeworkprovidingservicesforprivacy-centredbigdataprocessingonthecloud(PrivacyasaService).

OP1.3: Develop guidelines for helping application developers to design and develop secure andprivacy-friendlyapplications (supporting security-by-design), includingpolicies for forcingdeveloperstoapplytherequiredpractices.

OP1.4: Provide techniques and tools for assuring the security of complex and dynamic cloudapplicationsandservices,includingbothdesign-timeassuranceandrun-timeassurance.


5.2 OP2.AnEU-BRcommunitytoworkoncommonstandards

G2.1:Thereisnostandardizedwaytorepresentthedataandmeta-databetweenthetworegions,whichsubstantiallylimitstheapplicabilityofnewsolutions,especiallyforinnovativeSMEs.

G2.2:Standardswillbeneededforsupportingreliablesystemcommunicationandintegration,includingformanagingsecurityandprivacyaspectsofbigdatainthecloud.

OP2.1:Createaself-sustainablecommunityonstandards,andalsoaddresstheactualconcernsontheadoptionof standardsby industry, inorder toavoidvendor lock-in.This includesstandards fordatarepresentation, and for enforcing application developers to handle personal data adequately,whileallowingpeopletodefinefine-grainedaccesscontrolpoliciestotheirdata.

5.3 OP3.CloudfederationandOpenScienceCloudatcross-regionallevel

G1.1: Federation of cloud resources is the way forward to address data flow. However, the lack of computingresources asidewithdata stores and thedifficulties in replicating and synchronizing referencedata in due time, ispreventingtakingfulladvantageofcloudfederationinmanyscenarios.

G2.1: The scientific community urges the development of public infrastructures that can be used to support theiractivities, especially in the context of BigDataprocessing.Although some initiatives already exist, they are still farfromsatisfyingtheneedsoftheresearchcommunity.

OP2.1:Developadvancedsolutionsforsupportingfederationofdataandresourcesinaneffectiveway,addressing privacy, synchronization, portability, and fast data flow aspects. A strategic opportunitywouldbefortheresearchandindustrycommunitiestoworktogetheronbuildingasystemthatcouldworkonbothsidesoftheAtlantic.

OP2.2: Capitalizing and leveraging upon the Open Science Cloud within the EU’s DSM strategy, aprioritypolicyactionistodefineapublic,opencloudinfrastructurethatallscientificresearcherscanuseinanintegratedway,removingsilos.

OP2.3:Witha look tounderstandingbetterhow theEuropeanOpenScienceCloudproceeds,Brazilshould play a role in understanding how an Open Science Cloud model can be utilized andimplementedinBrazil,creatingnewresearchopportunities.

5.4 OP4.Cloudsustainedcyber-physicalsystemsandsystemsofsystems

G4.1:TheresearchandinnovationchallengesforthenextgenerationofCyber-PhysicalSystem-of-Systems(CPSoSes)askforcloudbasedsolutionstoprovideenhancedfunctionalityinanetworkenvironmentwith365/24/7availability,withahighdegreeofadaptabilityandon-lineevolutiontofacetheneedsofachangingworld,andincreasedlevelsofsafetyandsecurity.Newcloudcomputingprotocolsthataddresstheseaspectsareneed.

G4.2:Usually, CPSoSes applicationspresent awide-scale (e.g. anurbanenvironment). These applications require arelativelylargeamountofprocessingandstorageattheserver-side(e.g.applicationsforidentificationanalysisorfinaluser applications). In this context, it is necessary services that provide scalability and ensure a good applicationperformanceaswell.

G4.3: CPSoSes environments are characterized by openness and dynamic executions. In order to provide a goodintegrationamongtheapplicationsontheseenvironmentsstandardsarenecessary.


OP4.1:DesignanddevelopprotocolsandmechanismsthatusetheflexibilityandelasticityofcloudstoprovidetoCPSoSesSystemssecureandself-adaptableservicestosupporttheircharacteristics,whilereducing costs: including cost of development, cost of ownership, and cost of managing systemevolution(tosolvehardwareobsolescence,tofaceemergentphenomena,etc.).

OP4.2:Definitionofamodelto integrateCPSoSessystems,cloudcomputingandbigdataprotocols.This integration could follow somepolicies. For example, bring the processing of data closer to thedatasourcesinordertoimproveperformanceandreducecommunicationcosts.

OP4.3: Definition of a standard to represent and to store the data provided by the CPSoSesapplications.Moreover,algorithmsandprotocolstoefficiencystoreandretrievedataandneeded,i.e.,datashouldbestoredinawaythatfacilitatesitssearch.

5.5 OP5.Cloudtotheedge

G5.1: Large and centralized clouds have been deployed and have shown how this paradigm can greatly improveperformanceand flexibilitywhile reducing costs. Thereare,however,many issues requiring solutions thatareuserandcontextaware,dynamic,andwiththecapabilitytohandleheterogeneousdemandsandsystems.

G5.2: The Internetof Things (IoT) scenario strongly requires cloud-based solutions that canbedynamically locatedandmanaged,ondemandandwithself-organizationcapabilities,whicharenotavailablenowadays.

G5.3:Cloudtotheedgehasthepotentialtoprovideanenormousamountofresources,butitraisesseveralresearchchallengesrelatedtotheresilience,security,responsetime,dataportabilityandusage,aswellasenergyconsumptionofbatterypowereddevices.

OP5.1: Innovativeapproachestocreate,configureandmanagetimevaryingedgecloudsneedtobedeveloped,uptothecasewhereeach Internetconnecteddevice isacloudprovider/member,goingbeyondthefogparadigm.

OP5.2:Exploreself-*(adaptation,organization,healing,etc.)techniquesandtoolsabletosupportthedeploymentofcontextaware,dynamic,andcomplexCloudbasedsystems.

OP5.3: Develop solutions for supporting and assessing resilience, security, response time, dataportabilityandusage,aswellasenergyconsumptionofbatterypowereddevices.

5.6 OP6.Cloudsupportedinnovativeandinclusivesocieties

G6.1: The cloud computing paradigm has the potential to democratize the access to information, resources, andadvancedtoolsthatwerebeforeonlyavailabletolargecompaniesandrichcountries.Theaccesstoinformationandcomputing resources will stimulate entrepreneurship, innovation, information and knowledge, that will generatecompetitiveadvantages.Inthisscenariothereisaneedtoacceleratethedevelopmentanddeploymentofnewcloudcomputingsupportedservicesandbusinessmodels.

OP6.1:Designanddeliveryof innovativeInternetandcloud-basedservicesbynewplayerslikeSMEs(Small andmedium-sizedenterprises), communities and individuals. These services can includenewSMEs or community services based on open data, big data, crowd services, e-governance, culturalcontent,inclusiveactivitiesandmanyotherbottomupdrivenservicesandbusinessmodels.

OP6.2:Designanddeliveryofcloud-basedservicesthatusetheresourcesefficientlyinordertoreducethe costs related to their adoption, making it possible to be used by several communities andcountries.


OP6.3:Definitionofnewcloudbusinessmodelsaddressedtoallconsumersandcommunitiesinorderto bring more consumers to the cloud. With new models and innovative services for the masses,providerswillhavetheopportunitytoreachbeyondtheirlocalmarket.

5.7 OP7.HighPerformanceComputing(HPC)inCloudenvironments

G7.1: High Performance Computing (HPC) has been responsible for some of the most important scientific andtechnological advances in the last decades, requiring specialized Hardware and Software infrastructures, such asClusters and Grids. The aggregated computational power of thousand processing cores of a conventional CloudHW/SW infrastructurecanbedirectlyused forsomeHPCapplications,however, formanyparallelapplications, theconventionalCloud’sHW/SWlimitstheapplicationperformancescalability.

OP7.1: Design and delivery of new Hardware and Software techniques, mainly in parallel processcommunication, scheduling and synchronization, in order to overlap the limitations imposed toperformanceapplicationsrunningonCloudinfrastructures.

OP7.2: Design and delivery of cloud-based communication protocols focused on decreasing thecommunicationdelay amongHW/SW infrastructures and improve thework loadingamong theHPCarchitecture.

OP7.3: Design and delivery of cloud-base service that will provide HPC available for a broaderacademicandindustrialcommunitythatcurrentlycannotaccessveryexpensiveHPCsystems.

OP7.4: Design and delivery of cloud-based services and protocols focused on reducing the powerconsumption present in HPC infrastructure. One of the possibilities is to distribute the workloadamong different servers on the basis of time and space. Other way for reducing the powerconsumptionistoreducetheCPUutilizationandotheridleresources.


6 Conclusions

This deliverable analysed and identified the gaps and research opportunities related to cloud computing, includingsecurity, in the EU-Brazil collaboration context. These gaps and research opportunities resulted from the internaldiscussionsandpubliceventsorganizedbytheproject.ItcontainsalsocontributionsfromdistinguishedexpertswhocontributeasEUBrasilCloudFORUMWorkingGroup(fromWP2)andAdvisoryBoard(fromWP3)members.

Thedocument startedby identifying a setof scenarios representing futuristic viewpointsof different stakeholders,including industrial players, end-users, researchers, and regulators, for cloud computing, including security. Suchscenarios are based on: the United Nations Sustainable Development Goals (SDGs), which include 17 goals totransform ourworld; the current situation, in the form of Circles of Sustainability; and the potential priorities forEurope and Brazil. The scenarios proposed are: SC1. Environmental monitoring, SC2. Smart water and energymanagement,andSC3.Assistedhealthandwell-being.

Ontopofthescenariosweidentifiedasetofdriversrepresentingchallengesthatwilldrivethedevelopmentofthecloud computing technologies andmodels needed to support the scenarios. Such drivers are grouped consideringthreemainaspects:DR1.Cloudcomputingtechnologiesareglobalandpervasive,DR2.Socio-economicfactorsaffectthecloudcomputingmarket,andDR3.Technologicalinnovationcreatesnewissues.

Tobetterunderstandthecurrentsituation,keyconceptsincloudcomputingwerepresentedandthestateoftheartwasoverviewed,discussingrelatedresearchworksandprojectsinthecontextofeachofthedrivers.

Finally,basedontheanalysisofthecurrentstateoftheartandtheproposeddriversandscenarios,weidentifiedasetofrelevantgapsthatpreventovercomingthedrivingchallenges,andthusblocktheimplementationofthescenarios.Finally, research opportunities related to cloud computing, including security,were proposed considering the gapsidentifiedandtakingintoaccounttheEU&BRpriorities.Theproposedopportunitiesaregroupedinsevensets:OP1.Common technological and legal framework for managing security and privacy aspects on cloud; OP2. An EU-BRcommunitytoworkoncommonstandards;OP3.CloudfederationandOpenScienceCloudatcross-regionallevel;OP4.Cloud sustained cyber-physical systems and systems of systems; OP5. Cloud to the edge; OP6. Cloud supportedinnovativeandinclusivesocieties;andOP7.HighPerformanceComputing(HPC)inCloudenvironments.

Thenextstepstowardstheresearchroadmapincludeissuinganopencallforchallengesandtopicsinordertogathertheideasandopinionsoftherelevantstakeholders(processtobestartedduringtheorganizationoftheWorkshoponCloudNetworksandoftheCloudscapeBrazileventsattheBrazilianComputerSocietyCongressinPortoAlegre,RS,Brazil, July 6-7, 2016). In parallel, brainstorming, discussions, and exchange of ideaswith the experts selected andengagedintheEUBrasilCloudFORUMAdvisoryBoard(WP3)andWorkingGroups(WP2)willbecarriedout.TheinputsandinformationcollectedwillbeusedtoprepareanddeliverthepreliminaryEU-BrazilResearchRoadmaponcloudcomputingandrecommendations for futureEU-BRcoordinatedcall topics (deliverableD3.2)by theendof the firstyearoftheproject.Thatpreliminaryroadmapwillthenbedisseminatedanddiscussedwiththecommunity,leadingtothedevelopmentanddeliveryofafinalversionofalong-termresearchroadmap(D3.3)bytheendoftheproject.


References

“A European Cloud Observatory Supporting Cloud Policies, Standard Profiles and Services (CloudWATCH).” 2016. Accessed June 25. http://cordis.europa.eu/project/rcn/110185_en.html.

“A Framework for User Centred Privacy and Security on the Cloud (CLARUS).” 2015. http://cordis.europa.eu/project/rcn/194136_en.html.

Amazon. 2016. “AWS CloudFormation - Infrastructure as Code & AWS Resource Provisioning.” Amazon Web Services, Inc. https://aws.amazon.com/cloudformation/.

Banerjee, A., T. Mukherjee, G. Varsamopoulos, and S. K. S. Gupta. 2010. “Cooling-Aware and Thermal-Aware Workload Placement for Green HPC Data Centers.” In Green Computing Conference, 2010 International, 245–56. doi:10.1109/GREENCOMP.2010.5598306.

Beloglazov, A., and R. Buyya. 2010. “Energy Efficient Allocation of Virtual Machines in Cloud Data Centers.” In 2010 10th IEEE/ACM International Conference on Cluster, Cloud and Grid Computing (CCGrid), 577–78. doi:10.1109/CCGRID.2010.45.

Borgetto, D., M. Maurer, G. Da-Costa, J. M. Pierson, and I. Brandic. 2012. “Energy-Efficient and SLA-Aware Management of IaaS Clouds.” In 2012 Third International Conference on Future Energy Systems: Where Energy, Computing and Communication Meet (E-Energy), 1–10. doi:10.1145/2208828.2208853.

Carlson, Mark, Martin Chapman, Alex Heneveld, Scott Hinkelman, Duncan Johnston-Watt, Anish Karmarkar, Tobias Kunze, et al. 2012. “OASIS Cloud Application Management for Platforms (CAMP).” https://www.oasis-open.org/committees/download.php/47496/CAMP-24-2012-11-15.pdf.

Carvalho, Priscila de. 2015. “Smart Grid in Brazil: Perspective and Possibilities.” Technical Report. Emerson. 2010. “Data Center Users’ Group Special Report: Energy Eficiency and Capacity Concerns Increase.”

Technical Report. “empoWering prIvacy and securiTy in Non-trusteD envirOnMents (WITDOM).” 2015.

http://cordis.europa.eu/project/rcn/194197_en.html. “Energy Aware Radio and neTwork tecHnologies (EARTH).” 2016. Accessed June 27.

http://cordis.europa.eu/project/rcn/94414_en.html. ETP SG Working Group 1. 2016. “Progress and Challenges on Asset Management for Future Smart Grids.” “EU-Brazil Cloud Infrastructure Connecting Federated Resources for Scientific Advancement (EUBrazilCC).” 2013.

http://cordis.europa.eu/project/rcn/109810_en.html. “EU-Brazil Open Data and Cloud Computing E-Infrastructure for Biodiversity (EUBrazilOpenBio).” 2011.

http://cordis.europa.eu/project/rcn/99564_en.html. “Federated Interoperable Semantic IoT/cloud Testbeds and Applications (FIESTA).” 2015.

http://cordis.europa.eu/project/rcn/194117_en.html. Fehling, Christoph, Frank Leymann, Ralph Retter, Walter Schupeck, and Peter Arbitter. 2014. Cloud Computing

Patterns. Vienna: Springer Vienna. http://link.springer.com/10.1007/978-3-7091-1568-8. Gohary, Marjan Moshfegh. 2016. “Human Factors’ Impact Leveraging Cloud Based Applications Adoption.” Journal

of Information Systems Research and Inovation (JISRI). Accessed June 28. http://seminar.utmspace.edu.my/Jisri/download/Vol5/Pub11_Human_Factors_For_Cloud_Applications_Adoption.pdf.

IEEE Computer Society. 2016. “IEEE SA - P2301 - Guide for Cloud Portability and Interoperability Profiles (CPIP).” Accessed June 27. https://standards.ieee.org/develop/project/2301.html.

“IEEE SA - P2302 - Standard for Intercloud Interoperability and Federation (SIIF).” 2016. https://standards.ieee.org/develop/project/2302.html.

“Integrated Climate Forcing and Air Pollution Reduction in Urban Systems (ICARUS).” 2016. Accessed June 27. http://cordis.europa.eu/project/rcn/202640_en.html.

LAPiX Image Processing and Computer Graphics Lab. 2016. “3D Reconstruction.” http://www.lapix.ufsc.br/3d-reconstruction?lang=en.

Markoska, E., I. Chorbev, S. Ristov, and M. Gusev. 2015. “Cloud Portability Standardization Overview.” In 2015 38th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), 286–91. doi:10.1109/MIPRO.2015.7160281.

Mastelic, Toni, Ariel Oleksiak, Holger Claussen, Ivona Brandic, Jean-Marc Pierson, and Athanasios V. Vasilakos. 2014. “Cloud Computing: Survey on Energy Efficiency.” ACM Comput. Surv. 47 (2): 33:1–33:36. doi:10.1145/2656204.


Mell, Peter, and Tim Grance. 2011. “The NIST Definition of Cloud Computing.” csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf.

Modi, Chirag, Dhiren Patel, Bhavesh Borisaniya, Hiren Patel, Avi Patel, and Muttukrishnan Rajarajan. 2013. “A Survey of Intrusion Detection Techniques in Cloud.” Journal of Network and Computer Applications 36 (1): 42–57. doi:10.1016/j.jnca.2012.05.003.

NIST Cloud Computing Standards Roadmap Working Group. 2016. “Inventory of Standards Relevant to Cloud Computing.” http://collaborate.nist.gov/twiki-cloud-computing/bin/view/CloudComputing/StandardsInventory.

OASIS. 2013. “Topology and Orchestration Specification for Cloud Applications (TOSCA) Version 1.0.” http://docs.oasis-open.org/tosca/TOSCA/v1.0/TOSCA-v1.0.html.

Patterson, David, Aaron Brown, Pete Broadwell, George Candea, Mike Chen, James Cutler, Patricia Enriquez, et al. 2002. “Recovery-Oriented Computing (ROC): Motivation, Definition, Techniques, and Case Studies.” Technical Report UCB//CSD-02-1175, UC Berkeley Computer Science. http://roc.cs.berkeley.edu/papers/ROC_TR02-1175.pdf.

“PRIvacy and Security MAintaining Services in the CLOUD (PRISMACLOUD).” 2015. http://cordis.europa.eu/project/rcn/194266_en.html.

Santos, Nuno, Krishna P. Gummadi, and Rodrigo Rodrigues. 2009. “Towards Trusted Cloud Computing.” In Proceedings of the 2009 Conference on Hot Topics in Cloud Computing, 3. USENIX Association. https://www.usenix.org/event/hotcloud09/tech/full_papers/santos.pdf.

Shimba, Faith. 2010. “Cloud Computing: Strategies for Cloud Computing Adoption.” MSc Thesis, Dublin Institute of Technology, Ireland. http://arrow.dit.ie/scschcomdis/29/.

Singh, Jatinder, Julia Powles, Thomas Pasquier, and Jean Bacon. 2015. “Data Flow Management and Compliance in Cloud Computing.” IEEE Cloud Computing 2 (4): 24–32.

“Software ENgineering in Enterprise Cloud Applications Systems (SENECA).” 2015. http://cordis.europa.eu/project/rcn/193968_en.html.

Stolfo, S. J., M. B. Salem, and A. D. Keromytis. 2012. “Fog Computing: Mitigating Insider Data Theft Attacks in the Cloud.” In 2012 IEEE Symposium on Security and Privacy Workshops (SPW), 125–28. doi:10.1109/SPW.2012.19.

The Circles Project. 2016. “Circles of Sustainability – Practical Tools for Creating Sustainable Cities and Communities.” http://www.circlesofsustainability.org/.

“The Premium Green Multi-Cloud Management and Optimization Tool (NUVEA).” 2016. Accessed June 27. http://cordis.europa.eu/project/rcn/196492_en.html.

United Nations. 2016. “Sustainable Development Goals - United Nations.” United Nations Sustainable Development. Accessed June 28. http://www.un.org/sustainabledevelopment/sustainable-development-goals/.

Wang, C., S. S. M. Chow, Q. Wang, K. Ren, and W. Lou. 2013. “Privacy-Preserving Public Auditing for Secure Cloud Storage.” IEEE Transactions on Computers 62 (2): 362–75. doi:10.1109/TC.2011.245.

Xiao, Z., and Y. Xiao. 2013. “Security and Privacy in Cloud Computing.” IEEE Communications Surveys Tutorials 15 (2): 843–59. doi:10.1109/SURV.2012.060912.00182.

Zhang, Zhizhong, Chuan Wu, and David W.L. Cheung. 2013. “A Survey on Cloud Interoperability: Taxonomies, Standards, and Practice.” SIGMETRICS Perform. Eval. Rev. 40 (4): 13–22. doi:10.1145/2479942.2479945.


A1.TemplateforGatheringScenarios

Thegoalofthistemplateistocollectpreliminaryideasfordesigningasetoffuturisticscenarios(e.g.to2025)fromEUBrasilForumWorkingGroup(WG)members,i.e.futuristicviewpointsofdifferentstakeholders(includingindustrialplayers, end users, researchers, and regulators) for Cloud Computing. The results will be used to draft a researchRoadmaponcloudcomputing, identifyingcollaborationneedsandopportunitiesbetweenEuropeandBrazil fortheEuropeanCommissionandtoMCTI,thuscontributingtothedefinitionoffuturecooperationprioritiesbetweenthetworegions(seeslidesfromtheConcertationMeetinginRiodeJaneiro).

TitleoftheScenario:

BriefDescription(150wordsmax.):

Genericresearchtopicstoenablethefuturescenario:

•

ResearchtopicsrelatedtoDataProtection:

•

ResearchtopicsrelatedtoFlowsofData:

•

ResearchtopicsrelatedtoPortabilityofData:

•

ResearchtopicsrelatedtoOpenDataUsage:

•

Standardisationaspects:

•

Otheraspects:

•

Currentactivitiesknownthatmayberelatedwiththisscenario:

•

Futureactivitiesknownthatmayberelatedwiththisscenario:

•


A2.MappingDriversandOpportunities

Table 2 shows amapping between the drivers described in Section 3 and the gaps and opportunities proposed inSection5(seeTable1forthemappingbetweenthedriversandthescenariospresentedinSection2).Obviously,thisisnotacompletemappingbetweendriversandopportunities,asitemphasizesonlythemainoneswiththeobjectiveofshowingthattheidentifiedopportunitiesallowcoveringthemainchallenges.Inpractice,foreachopportunity,thetable shows the main drivers that are addressed. For example, opportunity 1 (a common technological and legalframeworkformanagingsecurityandprivacyaspectsinthecloud)willcontributetowardsdriversDR1.1(securityandprivacy),DR1.2(dataflow),DR2.2(humanfactors),DR3.2(opendata),andDR3.3(standardization).

Table2.Mappingopportunitieswithdrivers.

Asshown,thesevenopportunitiesproposedcovertheninedriversidentified,whichinturnarerelatedwiththethreeEUBrasilCloudFORUMscenarios.Naturally,somedriversarecoveredbymoreopportunitiesthanothers.Akeyaspectis that the opportunities identified represent great opportunities in the context of the EU-Brazil collaboration, ashighlightedinSection2foreachscenario(discussedintheWhyWhyEU-Brazilcooperationisneededparagraph).Theopportunitiesidentified(andthecorrespondingdriversandscenarios)willbefurtherdetailedduringthedevelopmentoftheResearchRoadmap(D3.2),thusrepresentingastartingpublicforthenextinternalandpublicdiscussions.

DR1.1.Security

and

priv

acy

DR1.2.Dataflo

w

DR1.3.Portability

DR2.1.Regulations

DR2.2.Hum

anfa

ctors

DR2.3.In

novativ

eservice

s

DR3.1.Green

compu

ting

DR3.2.Ope

nda

ta

DR3.3.Stand

ardizatio

n

OP1.Commontechnologicalandlegalframeworkformanagingsecurityandprivacyaspectsoncloud X X X X X

OP2.AnEU-BRcommunitytoworkoncommonstandards X X X X X X

OP3.CloudfederationandOpenScienceCloudatcross-regionallevel X X X X X X

OP4.Cloudsustainedcyber-physicalsystemsandsystemsofsystems X X X

OP5.Cloudtotheedge X X X X X

OP6.Cloudsupportedinnovativeandinclusivesocieties X X X X X

OP7.HighPerformanceComputing(HPC)inCloudenvironments X X X

DR1.Cloudcomputingtechnologiesareglobaland

pervasive

DR2.Socio-economicfactorsaffectthecloudcomputing

market

DR3.Technologicalinnovationcreatesnewissues


A3.OtherPotentialScenariostobeStudied

The following two scenarios have been proposed by the EU-BR FUTEBOL project. These will be analysed andpotentiallyintegratedinthefirstversionoftheresearchroadmap(D3.1).

A3.1.HeterogeneousCloudRadioAccessNetworks

Brief Description (150 words max.): Cheaper radio equipment composed solely by antennas, digital to analogueconverters,andopenopticalinterfaces,calledRemoteRadioHead(RRH),willgraduallysubstitutecurrentradiobasestations in the realization ofHeterogeneous Cloud Radio AccessNetworks. Theirmajor feature is the capability touploadalltheirsampledsignalworkloadtobeprocessedatdata-centres,a.k.a.BasebandUnit(BBU)pools.Farawayfromtheedge,BBUpoolscentralizetheprocessingofRRHworkloadenablingmanybenefits,suchasbetterenergyconsumption and refrigeration system as well as simplified synchronization and signal precoding for Radio AccessNetworks(RAN).

In the realization of H-CRAN, operators also decrease the cost involved with site deploying and maintenance.Meanwhile,giventhepowerfulandcentralizedprocessingofRRH’sworkload,usersexploitoptimizedcommunicationwith improved QoS guarantees, increased capacity, and smaller delays. H-CRAN will play a crucial role in futuredeployments of 5Gbeing oneof the sustainable architecture in termsof investment fromoperators. In particular,fromacloudcomputingperspective,severalnewchallengesarisethroughoutthedevelopmentanddeploymentofH-CRAN.Forinstance,thedevelopmentofspecializedcloud-basedsoftwareforefficientprocessingofRANworkloads,managing the trade-off between using standard less expensive hardware and network performance or energyconsumption,developmentofproperradiovirtualizationtechniques,amongothers.

Genericresearchtopics:

• Resourcesharing• Wirelessandopticalnetworkconvergence• MassivelydistributedMIMOsystems• Precodingandsignalprocessingsynchronization• Radio-over-fibber• Spectrumreuse• Beamforming• 60GHzbasedwirelessfronthaul/backhaul


•


• Ontheintegrationofbackhaulandfronthaul• CoreinfrastructureoptimizationandBBUhoteling


•


•


Standardizationaspects:

• Radio-Over-Fibertechnologies• NewwaveformsforH-CRAN• SDNflowandwirelesscontrol

Otheraspects:

•


•

A3.2.BaseStationVirtualizationinCloud-RadioAccessNetworks

BriefDescription(150wordsmax.):InC-RAN,traditionalBaseStations(BSs)aredecoupledintoRemoteRadioHeads(RRH) and Baseband Units (BBU). RRHs are co-located at each cell site and perform only the radio frequencytranslation, whereas BBUs are placed into a central site and provide the fundamental physical layer capabilities.Recently,MobileNetworkOperatorsareexploringthevirtualizationofBBU.

Inthiscontext,theBBUsfunctionalitiesareimplementedasVirtualNetworkFunctions(VNFs)ontopofstandarddatacentrehardware.ThisbreaksthestaticrelationshipbetweenRRHsandBBUs,asthebasebandprocessingofRRH isconductedbyachainofVNFsinthedatacentre.Thus,mobileoperatorscanperformabroadrangeofadjustments,includingforexampleVNFsdistributionamongdatacentrestoreduceprocessingbottlenecksandconfigurationoftheVNFchaintochangeanyaspectoftheRRH.Ascomparedtotraditionalcloudcomputingapplications,virtualizedradiosignal processing over clouds poses significant challenges due to its pressing delay and bandwidth constraints. Forexample, even more frequent virtualization management operations (creation, migration, destruction of virtualelements)willbetriggeredbyVNFdeploymentsandcomplexVNFchainoptimizations,consideringheterogeneityandspecialized hardware (e.g. digital signal processors) when allocating and provisioning resources, and adapting todemandfluctuationscausedbyusermobility,justtonameafew.

Genericresearchtopics:

• JointRadioResourceAllocationOptimization• Large-ScaleCooperativeMultipleAntennaProcessing• CooperativeRadioResourceManagement• Self-OrganizingNetworks• Radio-over-fiber


•


•


•


•


Standardizationaspects:

• Standardizedcross-platformvirtualizationlayer• StandardizedApplicationProgrammingInterfacetodevelopVNFs• StandardizedVNFinterfacesforcontrolandmanagement

Otheraspects:

•


• TheWiSHFULL(http://www.wishful-project.eu/about)projectisdevelopingacommonframeworktocontroland manage multiple radio hardware and access technologies. Although it does not support thevirtualization aspect describe in this document, it provides the basis for enabling it. Moreover, they areinterested indeploying the framework inanumberof testbeds.TestbedsalreadyusingWiSHFULL include:IRIS,TWIST,ORBIT,FIBRE(onlyattheUniversidadeFederaldoRiodeJaneiro-UFRJ).

abstract - eubrasilcloudforum › sites › default › files › eubras...eubrasilcloudforum...

Documents