Abstract: A method is implemented by one or more network devices to identify an originating point of failure in a composite service executed in a cloud computing environment. The execution of the composite service includes execution of a plurality of atomic services in an ordered sequence, where for each atomic service that is executed, an execution trace for that atomic service is stored in a blockchain to form an ordered sequence of execution traces, where the execution trace for a given atomic service is signed using the private key associated with that atomic service and analyzing one or more of the ordered sequence of execution traces to determine which of the plurality of atomic services originated the failure, where each execution trace that is analyzed is authenticated using the public key that corresponds to the private key associated with the atomic service that generated that execution trace.

Abstract: A method in a network node is provided for mitigating disruption during maintenance of an edge gateway node of a communication network. The edge gateway node connects devices to services(s) of the communication network. First device(s) are capable of connecting to a cloud environment in the absence of the edge gateway node, and second device(s) are incapable of connecting to the cloud environment in the absence of the edge gateway node. The method comprises: establishing respective virtual devices for the second device(s), the virtual devices comprising predictive models trained to replicate data output by the respective second device(s); and, during a time interval in which the maintenance of the edge gateway node is performed: configuring the virtual device(s) to connect to a virtual edge gateway node established in the cloud environment; and configuring at least one of the first device(s) to connect to the virtual edge gateway node.

Abstract: A method for managing provenance information associated to one or more interconnected provenance entities in a provenance system for data processing pipelines in a distributed cloud environment over a network interface, wherein each of the data processing pipelines is configured to read in data, transform the data, and output transformed data is disclosed.

Abstract: A method for providing data streams to a client over a network interface wherein the data streams comprise message data streams which form provenance views based on provenance information is disclosed. The method comprises, by a routing component; receiving (101), from a client, a request comprising a query for a provenance view submitted, obtaining (104) provenance information from a provenance information database based on the query of the received request, wherein the provenance information database comprises provenance relationships between provenance entities, obtaining (105) message data from a message data database based on the query of the received request, wherein the message data database comprises data corresponding to the provenance entities, deriving (106) correlated data based on the obtained provenance information and the obtained message data, and providing (109), to the client, the derived correlated data as a provenance view in message data streams.

Abstract: A method for providing data streams to a consuming client over a network interface wherein the data streams comprise message data streams based on streaming nodes indicative of message topics configured for storing and streaming message data, wherein each of the streaming nodes represents a data source device, and wherein interconnections between the streaming nodes define relationships between the streaming nodes is disclosed.

Abstract: A method and a network node for managing access, by a device, to a blockchain. The network node receives, a first request for creation of a first account. The first request includes information relating to a user of the device and a first hash value. The network node creates, based on the information and the first hash value, the first account on the blockchain, whereby a first address is obtained. The network node receives, a second request for recovering account information of the first account. The second request includes the first address of the first account, a source value from which the first hash value is derived and a second address of a second account. The network node generates a second hash value based on the source value. The network node initiates transfer of the account information of the first account to the second account.

Abstract: A method and a network device in a cloud computing system, including a first blockchain component that is one of a plurality of blockchain components forming a blockchain system, of dynamic discovery of another blockchain component of the blockchain system are described. A multicast address including a multicast group identifier is generated. The multicast group identifier is generated at least in part based on a genesis block identifier that uniquely identifies a blockchain serviced by the blockchain system. The network device joins a multicast group identified by the multicast group identifier; and transmits a message destined to the multicast address, where the message includes a request for a unicast address of another component of the blockchain system.

Abstract: A method in a network node is provided for mitigating disruption during maintenance of an edge gateway node of a communication network. The edge gateway node connects devices to services(s) of the communication network. First device(s) are capable of connecting to a cloud environment in the absence of the edge gateway node, and second device(s) are incapable of connecting to the cloud environment in the absence of the edge gateway node. The method comprises: establishing respective virtual devices for the second device(s), the virtual devices comprising predictive models trained to replicate data output by the respective second device(s); and, during a time interval in which the maintenance of the edge gateway node is performed: configuring the virtual device(s) to connect to a virtual edge gateway node established in the cloud environment; and configuring at least one of the first device(s) to connect to the virtual edge gateway node.

Abstract: Methods and systems for authorizing the access of a service are described. A server is operative to receive a request to subscribe to a service. The server is to receive from the requestor a selected service offer from the set of service offers, where the selected service offer is cryptographically signed with the private key of the requestor and the private key of the service. The server is further to record a delegation contract into a blockchain database, where the delegation contract includes an identification of the service, an identification of the requestor, and the service offer that is cryptographically signed with the private keys of the requestor and the service. The server is to transmit, to the requestor, a confirmation that the service can be accessed based on the selected service offer; and transmit to the service the delegation contract causing the service to provide access to the requestor.

Abstract: Methods and systems are disclosed for managing cloud services using smart contracts to facilitate various functions, such as tenant login, tenant enrollment, service registration, tenant usage charging, tenant usage tracking, tenant quota management, and tenant rights revocation. The proposed techniques allow tenant and service accounts to be represented as smart contracts, and for services to delegate authorization for bundles of service attributes to tenants and other services, for which the tenants and services are then charged. The business logic is implemented on a permissioned, distributed ledger (e.g., a private blockchain) and therefore is easily customized for specific classes of tenants and services.

Abstract: A method is implemented by one or more network devices to identify an originating point of failure in a composite service executed in a cloud computing environment. The execution of the composite service includes execution of a plurality of atomic services in an ordered sequence, where for each atomic service that is executed, an execution trace for that atomic service is stored in a blockchain to form an ordered sequence of execution traces, where the execution trace for a given atomic service is signed using the private key associated with that atomic service and analyzing one or more of the ordered sequence of execution traces to determine which of the plurality of atomic services originated the failure, where each execution trace that is analyzed is authenticated using the public key that corresponds to the private key associated with the atomic service that generated that execution trace.

Abstract: It is provided a method for managing a smart contract in real-time. The method is performed in a contract manager and comprises the steps of: obtaining a base version of the smart contract between the supplier and a first purchaser; recommending amendments to the base version of the smart contract, based on historic contract compliance data of the supplier, wherein the historic contract compliance data is based on smart contracts with the supplier and a plurality of purchasers; receiving a signal indicating an agreed smart contract between the first purchaser and the supplier; receiving a real-time monitoring signal relating to a compliance of the supplier in relation to at least one condition of a smart contract between the supplier and a second purchaser; and recommending amendments to the agreed smart contract, based on the monitoring signal.

Abstract: A method and a network node for managing access, by a device, to a blockchain. The network node receives, a first request for creation of a first account. The first request includes information relating to a user of the device and a first hash value. The network node creates, based on the information and the first hash value, the first account on the blockchain, whereby a first address is obtained. The network node receives, a second request for recovering account information of the first account. The second request includes the first address of the first account, a source value from which the first hash value is derived and a second address of a second account. The network node generates a second hash value based on the source value. The network node initiates transfer of the account information of the first account to the second account.

Abstract: It is provided a method for providing device data from a source device to a data requester. The method is performed in a data provider and comprises the steps of: determining operating mode being either a pass-through mode or a cache mode, based on estimated resource usage for each of the pass-through mode and the cache mode; receiving a read request from the data requester; when the data provider is in the pass-through mode, transmitting a corresponding read request to the source device and forwarding a read response from the source device to the data requester; when the data provider is in the cache mode, retrieving device data from storage of the data provider and transmitting a read response to the data requester, the read response comprising the device data from storage; and populating the storage of the data provider with device data received from the source device.

Abstract: A method is provided including receiving a first and second registration requests transmitted by a first and second smart containers, including first and second information identifying a first and second capabilities; and receiving a first request transmitted by the first smart container as a result of a failure experienced by the first smart container, identifying a temporary capability. The method further includes, as a result of receiving the first request, determining that the second smart container can perform the temporary capability.

Abstract: Methods and systems are disclosed for managing cloud services using smart contracts to facilitate various functions, such as tenant login, tenant enrollment, service registration, tenant usage charging, tenant usage tracking, tenant quota management, and tenant rights revocation. The proposed techniques allow tenant and service accounts to be represented as smart contracts, and for services to delegate authorization for bundles of service attributes to tenants and other services, for which the tenants and services are then charged. The business logic is implemented on a permissioned, distributed ledger (e.g., a private blockchain) and therefore is easily customized for specific classes of tenants and services.

Abstract: Methods and systems for authorizing the access of a service are described. A server is operative to receive a request to subscribe to a service. The server is to receive from the requestor a selected service offer from the set of service offers, where the selected service offer is cryptographically signed with the private key of the requestor and the private key of the service. The server is further to record a delegation contract into a blockchain database, where the delegation contract includes an identification of the service, an identification of the requestor, and the service offer that is cryptographically signed with the private keys of the requestor and the service. The server is to transmit, to the requestor, a confirmation that the service can be accessed based on the selected service offer; and transmit to the service the delegation contract causing the service to provide access to the requestor.

Abstract: A method and a network device in a cloud computing system, including a first blockchain component that is one of a plurality of blockchain components forming a blockchain system, of dynamic discovery of another blockchain component of the blockchain system are described. A multicast address including a multicast group identifier is generated. The multicast group identifier is generated at least in part based on a genesis block identifier that uniquely identifies a blockchain serviced by the blockchain system. The network device joins a multicast group identified by the multicast group identifier; and transmits a message destined to the multicast address, where the message includes a request for a unicast address of another component of the blockchain system.

Abstract: It is provided a method for providing device data from a source device to a data requester. The method is performed in a data provider and comprises the steps of: determining operating mode being either a passthrough mode or a cache mode, based on estimated resource usage for each of the pass-through mode and the cache mode; receiving a read request from the data requester; when the data provider is in the pass-through mode, transmitting a corresponding read request to the source device and forwarding a read response from the source device to the data requester; when the data provider is in the cache mode, retrieving device data from storage of the data provider and transmitting a read response to the data requester, the read response comprising the device data from storage; and populating the storage of the data provider with device data received from the source device.

Abstract: An aspect of the present invention provides a corresponding exclusive communication stack (e.g., TCP/IP stack) for each zone entity of a server system. In an embodiment, multiple server systems together implement a zone cluster containing such zone entities provided on corresponding server systems. As a result, when an application executing on a first zone entity of a first server is moved to a second zone entity of a zone cluster on a second server, the application continues to communicate using exclusive communication stack provided for the second zone entity. In view of the dedicated resources for network communication, applications executing in any zone entity of such a zone cluster, may have a desired level of predictable throughput performance and security for the communicated data packets.