group 19 cmpe 295a project proposal
DESCRIPTION
SJSU final projectTRANSCRIPT
i
AN EMPIRICAL SOFTWARE DEVELOPMENT
APPROACH TO U-HEALTHCARE IN MOBILE CLOUD
COMPUTING ENVIRONMENT
Project Proposal
by
CMPE 295A
Ishita Shah
Pinky Shah
Snigdha Gulhati
Project Advisor
Prof. Weider Yu
October 25, 2011
ii
ABSTRACT
AN EMPIRICAL SOFTWARE DEVELOPMENT APPROACH TO U-
HEALTHCARE IN MOBILE CLOUD COMPUTING ENVIRONMENT
By Ishita Shah, Pinky Shah and Snigdha Gulhati
Nowadays, mobile computers in form of smart phones and tablets are extensively used to
obtain ubiquitous computing power making mobility the way of life. Taking the case of
the healthcare industry, patients demand for anytime anywhere, easy-to-access healthcare
information making mobile devices as the next generation service delivery platform for
u-health care solution. However, mobile devices are typically constrained by limited
memory, low processing power, restricted data network connection, small cache size and
battery powered computing environment. As a result, these devices are inefficient to
handle compute intensive applications involving large scale data management, security
algorithms and so on. Cloud computing with its new delivery model can extend
capabilities of these resource constrained devices. However, mobile cloud computing has
its own limitations like network bandwidth, absence of standards, access schemes,
security etc. Our basic intent in this project would be to study the various software
development approaches in the area of Mobile cloud computing, exploring their
limitations and shortcomings with focus on security, and defining an approach to
overcome some of the security related issues, thereby developing secure personal
healthcare applications using mobile cloud computing. We would define an approach, a
process and an implementation in the form of a prototype, with results for validation.
iii
Table of Contents
Chapter 1 Introduction
1.1 Problem statement, motivation, and needs
1.2 Project application and impact
1.3 Expected project results and deliverables
Chapter 2 Background and Related Work
2.1 Background and used technologies
2.2 State-of-the-art
2.3 Literature survey
Chapter 3 Project Description
3.1 Project goals and objectives
3.2 Project approaches
3.3 Project solutions and justification
3.4 Project evaluation and validation
Chapter 4 Project Plan and Schedule
4.1 Project tasks and schedule
4.2 Project resources, budget, and cost analysis
Reference
1
Chapter 1 Introduction
1.1 Problem statement, project motivation, and needs
Currently, mobile devices in the form of smart phones and tablets are vital sources of
communication. They provide global connectivity to support large number of applications,
providing anytime and anywhere access to reliable information. Health care industry is one
of the most prominent industries where mobile devices are considered as the service delivery
platform for u-health care solution which will enable people to access on-demand reliable
health care information. However, mobile devices are resource constrained in terms of
memory, processing power, cache size and battery life. As a result, they are unable to handle
compute intensive applications like data mining, searching, multimedia processing and so on.
Cloud computing with its new delivery model can be used with mobile devices to overcome
the above mentioned limitations. But, mobile cloud computing is at its early stage and has
some issues associated with it and, lack of security is one of the major issues. Security is a
very broad term and there are various levels of security within a mobile cloud which are to be
addressed. However, we consider Identity Access Management and Data Encryption to be
the most important security issues that need to be addressed for enterprise level mobile
applications on the cloud. And so, we are motivated to develop a secure development
approach solving the above mentioned security threats in mobile cloud and validate it by
developing a prototype of a u-healthcare application in cloud for mobile devices.
2
1.2 Project application and impact
In this project, we aim to study various mobile cloud computing (MCC) development
approaches and then propose an approach for developing secure mobile enterprise level
applications on cloud that would address Identity Access Management and Data Encryption
security issues. This would give an insight about the mobile cloud architecture as well as
solve the identified security concerns. Moreover, the development approach could be used by
developers to develop robust and secure enterprise-level applications on the cloud.
1.3 Expected project results and deliverables
The major deliverables for this project are as follows:
Development approach.
Implementation of the development approach in the form of a prototype of u-health
care solution with the aim of validating the development approach.
Test cases used to verify the development approach and its results.
3
Chapter 2 Background and Related Work
2.1 Background and used technologies
Cloud Computing enables on-demand network access to a shared pool of configurable
computing resources (e.g. applications, networks, servers, storage and services) that can be
released and provisioned with minimal management effort or service provider interaction. It
is the most promising technology and is a mechanism to increase the overall IT capabilities
of a company in real time without investing a huge amount in new infrastructure, training,
software licenses and so on. It follows pay-as-per-use model wherein a company pays
according to resources used in the cloud. There are three main models of using cloud
architecture which are as follows:
Software As A Service (SAAS)
o Software is provided as a service by the vendor
Platform As A Service (PAAS)
o Programming tools are provided as a service by the vendor which can be used by the
customers to build their applications.
Infrastructure As A Service (IAAS)
o Computing resources such as storage, processing, networking and so on are provided
by the vendor as a service.
There are various benefits of Cloud Computing which are as follows:
Easy to deploy which reduces the overall time
Pay-as-per-use model reduces infrastructure investment.
4
Ability to use scale up and down when needed.
Ability to use latest functionalities.
Increase the overall capabilities of resource constrained devices in real time.
A mobile device when used with Cloud architecture to store data or perform operations is
known as Mobile Cloud Computing (a.k.a. MCC). Using mobile cloud computing
architecture, consumers can access the services on-demand either through browser or a thin
client on their mobile devices. This is different from “thicker” clients that are downloaded
from application stores and reside on the mobile devices. Mobile cloud services are
independent of the type of device and operating system on which they run. Moreover, the
resource constrained nature of mobile devices could be overcome by MCC.
Figure 2.1: Mobile Cloud
Cloud architecture is mostly provided by a third party infrastructure known as Cloud
Service Providers (CSP) and each one of them has their own unique cloud architecture,
features and standards. Some of the major CSPs are Amazon, Google, VMware,
Rackspace, Salesforce.com, Microsoft and IBM.
5
Though MCC is highly beneficial, lack of security is a major concern with it. There is a
security risk to confidential data residing in the cloud as the customer has to depend on the
security measures provided by its CSP. Moreover, cloud is accessed over the network and so
there is major threat of data being tampered during transfer on the network.
2.2 State-of-the-art technology
As described in [5], mobile devices have brought about a revolution in the area of mobile
computing. The model of exploiting the benefits of Cloud Computing has helped to
overcome the many constraints of mobile devices related to data management, processing
power, algorithms and many more, as discussed in previous sections.
The area of Mobile Cloud Computing is new. According to experts, by 2015, more than 240
million customers are expected to be making use of the cloud computing services through
mobile devices and the market is believed to grow to a whopping $5.2 billion. The reason for
this growth is attributed to an evolving IT supply chain, adoption of cloud platforms for IT
services and greater use of handsets and smart phones [6]. This has triggered a lot of research
in this area and various mobile cloud development approaches have been suggested to
improve the capacity and reliability of mobile devices.
One approach proposes the use of RESTful Webservices [10] to access applications hosted as
the cloud. This makes use of the SAAS deployment model of the Cloud. In this approach
mobile devices rely over network node available in the cloud for more processing
capabilities, storage and security via RESTful web services.
6
Another approach focuses on providing elastic applications [2]. In this, the application in
divided into multiple components called “weblets” to provide elastic middleware. The
decision to launch a weblet is based on application configuration and device status (like
battery level). The architecture of elastic framework is provided in Figure 2.2 below.
However there are certain areas in this approach which need to be considered like data and
state synchronization, Communication between weblets, Weblet migration and Trust and
Security.
Figure 2.2 – Elastic framework architecture [2]
There is one more approach which introduces the concepts of cloudlets as shown in Figure
2.3 [7]. A Cloudlet is a virtual cloud, in the form of a resource-rich, secure computer or a
cluster of computers. The mobile device, instead of sending data to or receiving data from a
7
distant cloud, could connect to a nearby cloudlet in order to reduce latency. If the request is
not fulfilled by a cloudlet, the mobile device could then contact the distant cloud.
Figure 2.3 – Cloudlet concept [7]
Although cloudlet approach reduces the latency of requests, there could be issues related to
it like dividing the storage between cloudlets, managing security etc. Also, more the
number of cloudlets, more can there be points of attacks.
Our approach intents to address some of the security related issues like Identity Access
Management and Data Encryption for mobile cloud application which are paramount in
Healthcare applications.
2.3 Literature survey
Various papers were studied and examined for this project. The paper in [9] discusses the
architecture of mobile cloud computing in detail, along with its various applications,
benefits, challenges and approaches. The usage of cloud computing in mobile healthcare
8
services is discussed in [8]. The various security related challenges in mobile cloud, and
how to secure mobile cloud is provided in a paper presented in [1]. Cloud Alliance’s report
on top cloud threats is provided in [12]. Also, there is a detailed Security Guidance
published by Cloud Alliance which lists some security related guidelines that cloud
providers should follow [13]. Paper in [11] covers a detailed discussion of the usage of
SOA methodology in cloud.
The mobile cloud development approaches are discussed in various papers. Details about
RESTful approach are provided in [10]. The Elastic approach architecture is explained in
detail in [2]. Paper [7] explains the Cloudlet approach and its benefits and challenges.
9
Chapter 3 Project Description
3.1 Project goals and objectives
In order to overcome the limitations of mobile devices, a new “Modern Mobile Architecture”
[1] is described which is a combination of Mobile and Cloud Computing technologies.
However, introducing cloud in mobile internet results in more concerns to be addressed by
currently used mobile architecture. As mentioned in previous sections there are various
approaches proposed for mobile cloud computing. The goal of our project is:
Study basic architecture of mobile cloud computing.
Identify the security issues related to mobile and cloud technology.
Propose a software development approach which can mitigate following security
related issues :
o Identity Access Management
o Data Encryption
Validate the proposed approach by developing prototype for personal u-health care.
3.2 Project approaches
In order to have a working model of our approach, we will develop a prototype for personal
health care management demonstrating our design/approach. Prototyping will help us to
identify design flaws and make sure that our approach really works. It will not be a full
fledged application but it will highlight all the aspects of the final solution.
10
We would like to use SOA based architecture for this project. SOA based architecture will
help us to develop and design software components based on interoperable services. Its main
concept is “Service is Important”. For Mobile applications service delivery is a key point.
SOA architecture provides more flexibility and scalability.
3.3 Problem solutions and justification
As from above discussion it clearly shows that cloud with its new delivery and cost model
proves to be the best solution for mobile constrained devices to handle compute intensive
applications. Mobile Cloud computing is a very new area and is currently in research. Our
approach provides a new way for developing mobile cloud applications. This approach will
help to increase the processing power, reduce security risk and provide better performance
for mobile applications. This clearly justifies our solution to current problems faced by
mobile applications. The high level system architecture diagram is shown in Figure 3.1.
The main components of our design will be:
Cloud
Mobile devices
Web Server and Webservices
Device Manager.
The role of Device Manager would be to fulfill client requests either from the local web
server or send it to the Cloud server considering certain parameters like processing power
and security.
11
Figure 3.1 – High level System Architecture
The web service for our mobile application would be deployed on Cloud as well as a Web
Server outside the cloud and its multiple copies would reside in the cloud to provide highly
available and reliable environment to serve multiple requests from clients. The Web Server
which is not on the cloud will be used to handle less compute intensive operations and highly
confidential data.
12
3.4 Project evaluation and validation
Various activities would be conducted to evaluate the outcome of the project and validate our
results.
In order to evaluate the project and verify that all the requirements have been met, we would
be performing unit and integration testing of the various modules of the prototype. Testing
would involve both Black box and White box testing techniques. Test cases would be
carefully generated based on the requirements identified in Chapter 4 of the project report. A
Requirement Traceability Matrix would be designed to make sure that all the test cases are
traceable to the requirements, and a test execution report would be generated.
To validate our approach, we would be using the developed prototype to check the efficiency
and effectiveness of the new approach. Also, we would be making sure that the security
issues identified by us are addressed.
13
Chapter 4 Project Plan and Schedule
4.1 Project Tasks and Schedule
Preparing a high quality, realistic schedule is one of the most important activities in a project
lifecycle. A good schedule helps in successful completion of the project with minimum
budget overflows and deadline slippage. In order to come up with a good schedule, the first
step is to understand the requirements correctly.
The schedule for this project is divided into various phases, as shown in Figure 4.1 –
Figure 4.1: Project phases
We have provided a detailed schedule for Part A and Part B of the project. Figure 4.2 shows
a Gantt chart containing the detailed project schedule for Part A. Figure 4.3 shows a Gantt
14
chart containing the detailed project schedule for Part B. The task assignment details are also
included in the chart. We have used GanttProject, an open source, cross-platform tool for
project scheduling and management.
Figure 4.2: PART A - Detailed Task list
15
Figure 4.3: PART B – Detailed Task List
16
4.2 Project Budget, Resources, and Cost Analysis
4.2.1 Budget
Project Title :
AN EMPIRICAL SOFTWARE DEVELOPMENT APPROACH TO U
HEALTHCARE IN MOBILE CLOUD COMPUTING
ENVIRONMENT
Team
Members
Ishita Shah
Pinky Shah
Snigdha Gulhati
Project Period 08/24/2011 - 05/31/2012
Items # Cost/item
Semester 1
(8/24/2011 -
12/02/2012)
Semester 2
(01/25/2012 -
05/31/2012)
Equipment
Laptops 3 $ 1500 $ 1500 $ 0
Software
Licenses
- $ 0 (open
source s/w)
$ 0 $ 0
Tablet 1 $250 - $250
Android Phone 1 $150 - $150
Stationary and
Printouts
Variable Variable Approx.
$100
Approx.
$100
Indirect
Costs
Internet Charges Variable Variable $ 200 $ 200
Telephone and
calling charges
Variable Variable $100 $100
Other hidden
costs
Variable Variable $100 $200
Total Cost : $2000 $1000
There is a huge collection of good quality, well supported open source software solutions
available in the market and most of the companies today are turning to these cost effective
solutions. We would like to make use of this revolution by using open source software for
this project as far as possible. So, there would be no cost associated with Software
17
Licensing. In case there is a need for a software or tool which is not available as open
source, the budget would be revisited.
The equipment needed for project design and coding, for example laptops/ desktops, and
other devices are already available. So, that doesn’t contribute to the budget. Tablets and/or
Android phones required for testing the prototype would have to be purchased (if not
available otherwise) and hence, would add to the budget during the second part of the
project. Other costs like stationary and printouts, indirect costs like Internet and Telephone
charges, and a few hidden costs are considered in the budget.
Since no salary is paid as this is a Masters project, we have not included that cost in the
budget. However, the Cost Analysis in terms of Effort in hours is provided in Section 4.2.3
below.
Overall, the budget for the Part A of the project comes to an amount of about $2000, and
the budget for Part B is about $1000.
4.2.2 Resources
The resources required for this project are -
1. Laptops
2. Android Emulator
3. Tablet and Android Phone for testing
4. A team of 3 people would be working on this project, and they would assume roles of
Design Engineers, Developers and Testers as and when required.
18
4.2.3 Cost Analysis
Following is a cost analysis of the resources required in terms of effort hours required
during each phase. Here we have assumed that each person would be spending
approximately 4 hours each project day. Since this is Master’s project and there is no salary
being paid, the cost analysis is only done in terms of Effort Hours.
Phase # of Resources Duration Effort per
person per day
Total effort (in
hours)
Conception and
Planning
3 67 4 804 hours
Requirement
Gathering
3 7 4 84 hours
Design 3 30 4 360 hours
Development 3 63 4 756 hours
Testing 3 35 4 420 hours
Validation 3 30 4 360 hours
Total Effort for the entire project 2784 person
hours
19
References
[1] J. Christensen, “How will we secure the Mobile Cloud? part 1: Mobile Cloud authentication
and authorization”, Cloud Computing Journal, Jun. 14, 2010 [cited Sep. 30,2011], available
from World Wide Web: http://cloudcomputing.sys-con.com/node/1419017
[2] X.Zhang, A. Kunjithapatham, S. Jeong, and S. Gibbs, “Towards an Elastic Application
Model for Augmenting the Computing Capabilities of Mobile Devices with Cloud Computing”,
Mobile Networks and Applications, vol. 16, Issue 3, June 2011, pp. 270-284,
doi: 10.1007/s11036-011-0305-7.
[3] D. Huang; Z. Zhou; L.Xu, T.Xing, and Y. Zhong, "Secure data processing framework for
mobile cloud computing," Computer Communications Workshops (INFOCOM WKSHPS), 2011
IEEE Conference, pp.614-618, April 10-15 2011, doi: 10.1109/INFCOMW.2011.5928886
[4] M. Spinola, “A pragmatic, effective and hpye-free approach for strategic enterprise decision
making” [online], June 2009, [cited Oct. 19, 2011], available from World Wide Web:
<http://www.gtsi.com/eblast/corporate/cn/09_09_2009/PDFs/Essential%20Guide%20for%20Clo
ud%20Computing.pdf>
[5] E. McLoughlin, D. O'Sullivan, M. Bertolotto, and D.C. Wilson, “MEDIC: MobilE Diagnosis
for Improved Care”, In Proceedings of the 2006 ACM symposium on Applied computing (SAC
'06). ACM New York, 2006, pp. 204-208, doi:10.1145/1141277.1141325.
[6] M. Torrieri, “Appliance deployment report: Enterprise mobile cloud computing market to
grow to $5.2 billion by 2015”[online], TMCnet, January 12, 2010[ Cited Oct 14, 2011], available
from World Wide Web: <http://www.tmcnet.com/channels/appliance-
deployment/articles/72476-appliance-deployment-report-enterprise-mobile-cloud-computing-
market.htm>
[7] M. Satyanarayanan, P. Bahl, R. Caceres, and N. Davies, “The Case for VM-Based Cloudlets
in Mobile Computing,” IEEE Pervasive Computing, vol. 8, no. 4, pp. 14-23, October 2009.
[8] M. T. Nkosi and F. Mekuria, Cloud computing for enhanced mobile health applications,
presented at Cloud Computing Technology and Science (CloudCom), 2010 IEEE Second
International Conference, Nov. 30 -Dec. 3, 2010, pp. 629 – 633, doi:
10.1109/CloudCom.2010.31 .
[9] H.T. Dinh, C. Lee, D. Niyato, and P. Wang, “A Survey of Mobile Cloud Computing:
Architecture, Applications, and Approaches”, Wireless Communications and Mobile Computing,
to appear.
[10] Jason H. Christensen, “Using RESTful web-services and cloud computing to create next
generation mobile applications,” in Proceedings of the 24th ACM SIGPLAN conference
20
companion on Object oriented programming systems languages and applications (OOPSLA),
pp. 627-634, October 2009.
[11] Cloud Security Alliance, Top threats to cloud computing, version 1.0, March 2010,
available from World Wide Web:
<https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf>
[12] Cloud Security Alliance, Security Guidance for Critical Areas of Focus in Cloud
Computing, version 2.1, December 2009, available from World Wide Web:
<https://cloudsecurityalliance.org/csaguide.pdf>