RADIOELECTRONIC AND COMPUTER SYSTEMS

The article is devoted to the analysis of a variant of two-version multi-module web application using cloud services. As the design and development of web applications are increasingly active, there is a need to increase their reliability in the face of the increasing complexity of the applications themselves and the infrastructure on which they are based. One of the key solutions to this problem is the use of cloud services, which can greatly simplify the task of ensuring the reliability and security of various applications. At the same time, cloud providers cannot fully guarantee the fault tolerance of applications that run in their environment. Therefore, users should worry about this themselves. One of the most promising approaches is the use of diversity to increase the security and reliability of web applications hosted in the clouds. The object of research and analysis of this work is a multi-module web application designed using cloud services. The study of this work aims to compare modern solutions and technologies that allow implementing sabotage for a web application. Since many companies are moving their infrastructure to the clouds, it becomes necessary to consider the possibility of using diversity by cloud services. They allow you to create and deploy web applications developed in various programming languages on the servers of cloud providers. Thus, part of the responsibility for ensuring reliability is transferred to them. However, it is still necessary to ensure the resiliency of your programs, which may fail due to defects in the program code. One of the main solutions to this problem is N-version programming, which allows you to create an application from several independent versions. Each version can be written in different programming languages and using various technologies by separate development teams, thereby increasing the reliability of the final software product. As a result, in this paper, we conclude that leading cloud providers provide the opportunity to implement diversity using services of various presentation models, such as IaaS and PaaS. Using the principle of diversity, you can design a reliable web application that will avoid its failure in case of an error in the program code.

cloud services; multi-cloud strategy; cloud security approach; diversity; cloud providers; cloud service delivery model; cloud deployment model; common cause failure; cloud security threats

AWS security best practices. Available at: https://aws.amazon.com/whitepapers/aws-security-best-practices/ (accessed 22.02.2020).

Microsoft Azure security best practices. Available at: https://docs.microsoft.com/en-us/azure/security/security-best-practices-and-patterns (accessed 22.02.2020).

Google cloud platform security best practices. Available at: https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations (accessed 22.02.2020).

Gorbenko, A. Analiz osobennostei sozdaniya i ekspluatatsii garantosposobnykh servis-orientirovannykh sistem [Analysis of dependable service-oriented systems development features]. Radioelektronni i komp'uterni sistemi – Radioelectronic and computer systems, 2013, no. 5(64), pp. 237-242.

Yastrebenetsky, M., Kharchenko, V. Nuclear Power Plant Instrumentation and Control Systems for Safety and Security. IGI Global, USA, 2014. 450 p.

Frolov, V., Frolov, O., Kharchenko, V. Classification of Diversity for Dependable and Safe Computing. COLINS, 2019. Available at: http://ceur-ws.org/Vol-2362/paper32.pdf (accessed 22.12.2019).

Randles, M., Lamb, D., Taleb-Bendiab, A. A Comparative Study into Distributed Load Balancing Algorithms for Cloud Computing. 24th IEEE International Conference on Advanced Information Networking and Applications Workshops, Perth, WA, 2010, pp. 551-556. DOI: 10.1109/WAINA.2010.85.

Zhao, Q., Tan, Y. A Load Balancing Based Model for Dynamic Web Service Selection. Second International Symposium on Computational Intelligence and Design, Changsha, 2009, pp. 501-505. DOI: 10.1109/ISCID.2009.132.

Hong, Y. S., No, J. H., Kim, S. Y. DNS-based load balancing in distributed Web-server systems. The Fourth IEEE Workshop on Software Technologies for Future Embedded and Ubiquitous Systems, and the Second International Workshop on Collaborative Computing, Integration, and Assurance (SEUS-WCCIA'06), Gyeongju, 2006, pp. 4. DOI: 10.1109/SEUS-WCCIA.2006.23.

Khwaja, S., Alshayeb, M. A framework for evaluating software design pattern specification languages. IEEE/ACIS 12th International Conference on Computer and Information Science (ICIS), Niigata, 2013, pp. 41-45. DOI: 10.1109/ICIS.2013.6607814.

Alrouh, B., Ghinea, G. A Performance Evaluation of Security Mechanisms for Web Services. Fifth International Conference on Information Assurance and Security, Xi'an, 2009, pp. 715-718. DOI: 10.1109/IAS.2009.252.

You, Yu., Yuanyuan, Yang., Jian, Gu., Liang, Shen. Analysis and suggestions for the security of web applications. Proceedings of 2011 International Conference on Computer Science and Network Technology, Harbin, 2011, pp. 236-240. DOI: 10.1109/ICCSNT.2011.6181948.

Yadav, D., Gupta, D., Singh, D., Kumar, D., Sharma, U. Vulnerabilities and Security of Web Applications. 4th International Conference on Computing Communication and Automation (ICCCA), Greater Noida, India, 2018, pp. 1-5. DOI: 10.1109/CCAA.2018.8777558.

What Is Load Balancing. Available at: https://www.nginx.com/resources/glossary/load-balancing/ (accessed 20.02.2020).

Using nginx as HTTP load balancer Balancing. Available at: http://nginx.org/en/docs/http/load_balancing.html (accessed 21.02.2020).

Understanding software design patterns. Available at: https://opensource.com/article/19/7/understanding-software-design-patterns (accessed 24.02.2020).

Design Patterns. Available at: https://www.geeksforgeeks.org/design-patterns-set-1-introduction/ (accessed 21.02.2020).

Frolov, V. Analiz podkhodov k obespecheniyu bezopasnosti oblachnykh servisov [Analysis of approaches providing security of cloud services]. Radioelektronni i komp'uterni sistemi – Radioelectronic and computer systems, 2020, no.1(93), pp. 70-82. DOI: 10.32620/reks.2020.1.07.

Microsoft Azure marketplace. Available at: https://azuremarketplace.microsoft.com (accessed 22.02.2020).