Managing computing resources in intranets: an electronic commerce perspective

Ž .Decision Support Systems 24 1998 55–69

Managing computing resources in intranets: an electroniccommerce perspective

Alok Gupta a,), Dale O. Stahl b,1, Andrew B. Whinston c,2

a Department of OPIM, UniÕersity of Connecticut, 368 Fairfield Rd., Storrs, CT, USAb Department of Economics, The UniÕersity of Texas at Austin, Austin, TX, USA

c Department of MSIS, The UniÕersity of Texas at Austin, Austin, TX, USA

Abstract

Ž .Intra-organizational networks intranets are increasingly being developed for information sharing and collaborative workin geographically dispersed organizations. However, organizations are increasingly realizing that having an intranet in itselfmay not provide expected increase in productivity and benefits. Intranet resources have to be managed appropriately andwith organizational goals in mind for intranets to be a meaningful part of organizational environment. In this paper weprovide a framework to manage the resources in the intranets using the concepts of electronic commerce. Specifically, we

Ž .propose the creation of an electronic organizational unit, intranet Resource Management Unit iRMU , that manages userrequests using a dynamic priority pricing approach. The iRMU integrates a dynamic priority pricing approach with theconcepts of topology management, security management, and software-agents based service construction to create acomprehensive resource management environment. The contribution of this paper is to provide a framework that integratesexisting technological base with economic pricing approaches to create an economics-embedded intranet resource manage-ment approach. q 1998 Elsevier Science B.V. All rights reserved.

Keywords: Intranet; Resource management; Economic pricing; Network management; Electronic commerce; Data security; Data integrity

1. Introduction

The growing trend toward global intranets pre-sents an opportunity and means to achieve unprece-dented flexibility, accuracy, and productivity. How-ever, this proliferation also brings new challengesand difficulties in managing the corporate computingand networking resources, while ensuring that thecorporate goals are fulfilled. The current approach to

) Corresponding author. E-mail: [email protected] E-mail: [email protected] E-mail: [email protected]

network management is quite limited and does notconsider business issues in the management of net-work resources. These highly centralized approachesreflect the bottom-up growth, based on atechnology-driven bureaucratic view of computerequipment acquisition. Wide Area Network manage-ment applications such as IBM’s NetViewe andHewlett Packard’s OpenViewe are dedicated tomaintaining the current status of the network. Theytypically monitor the traffic and make periodicchanges in the routing tables whenever necessaryand possible, for example, when a trunk fails orbecomes excessively congested. In sum, the currentrole of network management applications is passive

0167-9236r98r$ - see front matter q 1998 Elsevier Science B.V. All rights reserved.Ž .PII: S0167-9236 98 00063-3

( )A. Gupta et al.rDecision Support Systems 24 1998 55–6956

management of the equipment rather than a proactiveacquisition and management of a valuable resource—a necessity for effective intranet management.

Network management for the intranets needs to beproactive where the network management perspec-tive includes: allocation of resources, secure commu-nications, replication of business processes with nat-ural priorities, and consideration of organizationalobjectives. Companies using intranets are increas-ingly concerned with the appropriate usage and costsharing of their networks. Network managementsoftware is adapting to this concern by developingtools that can monitor and record the network traffic.For example, Sequel Technology is introducing a

Ž .network management tool in November 1997 thatw xcan monitor the traffic at each node in an intranet 6 .

However, such solutions are barely scratching thesurface of the real issue, i.e., the appropriate usageand allocation of resources. None-the-less, there isclearly a need for integration of technology withbusiness objectives in managing intranet resources.

Economists and MIS academics have argued thateconomic pricing can be used for effective network

w xresource management 2,5,10,12 that can providethe required capabilities of proactive network man-

w xagement. However, as Shenker et al. 11 point out, itis not clear how these economic pricing models canbe implemented and integrated with networkingtechnology and tools. Furthermore, there has been nodiscussion on the technological or informationalneeds to implement economic pricing strategies.

In this paper we propose framework for intranetŽ .Resource Management Unit iRMU that creates an

electronic commerce environment. This frameworkuses an economic pricing approach to ensure that theoverall objective of iRMU is to maximize the organi-zation-wide benefits from the intranet operations and

w xservices while trying to satisfy the myopic objec-tives of all the organizational units, that use theintranet services. The iRMU also handles need-basedor bureaucracy based urgent needs by providingmultiple level of service priorities that are based onthe value associated with a service at a given time.This framework encompasses a complete set of busi-ness and network management transactions including

Žthe search for services, service construction using.smart agents , network management, payment and

accounting services, and security and data integrity.

The central objective of this paper is to bridge thegap that exists between economic pricing approachesand networking technology by proposing an eco-nomic mechanism 3 to facilitate resource manage-ment from a business perspective. Design of such amechanism requires careful consideration of avail-able tools, technology, and information. The mecha-nism presented in this paper is described by present-ing the technological components of iRMU and dis-cussing its transaction flows. The iRMU utilizesexisting technology for network management, datasecurity and integrity, and integrates it with an eco-nomic priority-pricing approach.

The paper is organized as follows. Section 2provides the background on the core concepts which

Ž .form the basis of an iRMU, namely: i networkresource allocation using a dynamic priority pricing

Ž .scheme; ii third-party authentication mechanismssuch as Kerberos or SESAME for ensuring transac-

Ž .tion security and integrity; and iii Topology Man-Ž .agement Application TMA for monitoring the net-

work performance and providing the necessary datameasures for the implementation of pricing scheme.Section 3 presents an organizational view of iRMUto illustrate the functionality requirements of such asystem. Section 4 discusses the transaction flows iniRMU. Section 5 discusses the network resourcemanagement via iRMU including the description ofpricing scheme and some simulation results. Finally,Section 6 provides a summary with the discussion onimpact of real-time pricing mechanism on systemperformance, facilitation of appropriate discrimina-tory levels of services and investment in networkresources and services.

2. Core components of iRMU

There has been quite an explosion in the numberof commercial organizations joining the Internetcommunity through WWW and many have gone tocreate services for their customers andror employ-ees. Organizations which already have a substantialinvestment in proprietary data networks are trying to

3 An economic mechanism can be viewed as an implementationof an economic approach.

( )A. Gupta et al.rDecision Support Systems 24 1998 55–69 57

migrate to more open standards in order to provide agreater cross functionality and information sharingwithin functionally andror geographically dis-tributed organizational units. Essentially, Internettechnologies can bring the ultimate tool of reengi-neering to life to provide easier redefinition of work-flows for organizational units through greater inter-action and information sharing. The goal of intranetsis to facilitate the interaction efficiently in order toprovide greater flexibility in organizational opera-tions and workflows and, thus, making it more re-sponsive to its ever changing marketplace.

However, the competitive advantage that organi-zations are hoping to achieve via the use of intranetswill be difficult to achieve simply by technologicalsolutions since anyone can implement these tech-nologies by using off-the-shelf networking solutions—it is the management of technology and effectiveuse of resources that will provide competitive edge.Intranets provide infrastructure for internal elec-tronic commerce where organizational units maycooperate in achieving organizational goals but com-pete in terms of computational resources to reachtheir expected performance goals. Therefore, fromthe perspective of efficient usage of intranets, it isnecessary to create an organizational unit that hasorganizational goals as its paramount objective.

Following are the salient features of intranet Re-Ž .source Management Unit iRMU presented in this

paper:Ø since it is natural for an organization to desire the

maximal benefit out of their intranet operations,that is also the objective of the iRMU;

Ø security and integrity of information, especiallywhen information has to travel in clear, i.e., onunsecured parts of the intranets such as publicnetworks;

Ø availability of information regarding the status ofservices and servers;

Ø appropriate replication of ‘traditional’ businessprocesses, including differential data handling,providing the prioritization of organizational tasks;and

Ø flexible implementation with open standards tomake it amenable to refinement withimprovedrnew technology.In Sections 2.1, 2.2 and 2.3 we present some

background on the required components, that form

the basis of iRMU, such as network resource alloca-tion, security, and network management.

2.1. Network resource allocation using priority prices

Managing the data communication network is avery complex task. These networks operate in acompletely distributed environment with little or noprecedence or inheritance relationships, i.e., the per-formance of a node in a data communication net-work does not depend upon the performance of thenodes it receives information from or the perfor-mance of the node it passes the information to.Furthermore, the demand for services is quite irregu-lar, and even with a central governing body, which ispossible in intranets, it would be impossible to man-ually manage and allocate computing resources insuch a setting. Another important dimension of man-aging the network traffic is the necessity to performthis task in real-time, since by definition the datacommunication services are time constrained, andthe demand structure is quite dynamic.

A model for priority pricing for Internet traffic isw xpresented in Ref. 2 . Simply put, the essential idea

there is to charge a user an amount that is propor-tional to hisrher usage of the network. Specifically,the paper argues that a user should pay charges equalto the amount that other users suffer as a loss due todegradation in their service. Priority pricing provideseconomic rationale for providing higher quality ofservice to the users who need it.

In this model a rental price, a priority premium,and an expected waiting time are associated witheach processor. The prices are dependent upon thesize of services desired. Service requests from a userdepend on the service benefits to the user and thecosts. Given the prices and the anticipated waitingtimes, a user evaluates and selects cost-minimizing

Ž .service schemes a server or service provider . Opti-mal service demands are then translated into de-mands on individual processors. They prove a gener-ically unique welfare-maximizing allocation exists,and derived the rental prices that support this opti-

Ž .mum as a ‘stochastic equilibrium’. That is, i userflow rates are optimal for each user given the rental

Ž .prices and anticipated waiting times, ii the antici-pated waiting times are the correct ex ante expected

Ž .waiting times given the flow rates, and iii theaggregate average flow rates are equal to welfare-


maximizing rates. The advantage of this characteriza-tion resides in the fact that this pricing mechanismcan be implemented in a decentralized manner with

Žrelatively smaller information overhead as com-pared to traditional fixed-point price computation

.approaches in economics since price calculationscan be decentralized to each server and user deci-sions can be decentralized to their client machines.Additionally, priority pricing can take urgent needsinto account and provide a rationale for providingfaster access to some users.

Another important benefit of using dynamic prior-ity pricing is the ability of the pricing mechanism toappropriately replicate the characteristics of tradi-tional business processes. Ideally, intranet applica-tions should functionally provide same flexibilityŽ .and sometimes restrictions as provided by the usualbusiness protocol it is replacing. For example, one ofthe most important dimension of information dissem-ination in an organization is the ability of humanoperatives to provide differential data handling—some tasks are more important than the others andneed their informational requirements met first, i.e.,prioritization of tasks. A mechanism that eliminates atraditional business transaction should be able toreplicate the important characteristics of that busi-ness transaction, such as appropriate priority han-dling of some information. With current Internettechnologies some of the desired qualities of busi-ness transactions, such as differential data handling,can not be replicated. 4 Clearly, appropriate layers ofdata handling have to be constructed on top of theexisting communication protocols besides the devel-opment of the applications which support differentialdata treatment instead of democratic best-efforttreatment of present.

This priority pricing mechanism can be used ininternal electronic commerce environment for auto-mated resource management. Furthermore, since thispricing mechanism maximizes the net benefits de-rived from the system, it is consistent with the

4 Ž . w xThe next generation Internet Protocol IPv6 1 may havepriority handling, however, the discussion seems to be gearedtowards providing application based priority levels rather than

Ž .usage or user-need based priority assignments. An appropriatepricing mechanism, thus, will still be needed to provide needbased priority access.

corporate goal of maximizing the benefits from in-tranet operations.

2.2. Security and data integrity

An intranet may operate in an environment whereparts of the network infrastructure are beyond thecontrol of the organization managing the intranet.For example, geographically dispersed organizationalnetworks may be linked via public data networkssuch as the Internet; even if the transmission linesare leased, the routers may be in public domain. Thiscreates significant danger of unauthorized access tocorporate servers and possibility of tampering withintra-organizational communications. Thus, it is nec-essary to provide mechanisms for the security ofcorporate servers and integrity of data communica-tions in such networks.

Typically, organizations have set up firewalls torestrict unauthorized access and several encryptionschemes using cryptography exist to provide com-munication integrity, examples of encryption schemesinclude Data Encryption Standard, RSA, etc. Typi-cally, encryption schemes use keys to encrypt anddecrypt the information in such a way that onlyparties having the knowledge of a particular key candecipher an encrypted document. The key to success-ful data encryption is a good key managementscheme.

We think that third party encryption systems suchw x Žas Kerberos 4 or SESAME Secure European Sys-

.tem for Applications in Multi-vendor Environmentw x9 are better suited for the security and integrity ofintranet transactions because they provide severaldesirable features as described later in this subsec-tion. In third party authentication schemes securetransactions can take place among the entities whichare registered with the authentication system. Forexample, Kerberos system keeps a database of regis-tered users, servers, and services along with theirpriÕate keys, i.e., encryption schemes. When an userneeds access to a server Kerberos system sends aticket to the user encoded with the users private keyand a session key which can be used to communicatewith the server; this ticket contains the followinginformation:Ø authorization to access the server encoded in the

server’s private key;


Ø a session key; andØ other fields which can be filled by the user to

characterize specifics of their request andror ad-ditional security features such as time stamps tothwart replay. 5

The user then sends the ticket to the server withappropriate fields filled and encrypted with the ses-sion key. When the server receives the ticket itdeciphers the parts encrypted with its private key,obtains the session key, and then decrypts the partsencrypted by the session key. Since only authorizeduser has access to session key, the process of com-plete decryption of the ticket verifies the integrity ofthe message and identity of the user. Once the serveris assured of the integrity of the ticket and identity ofthe user the communication can take place using thesession key or the server and user can exchange

w xanother key securely and use that for further com-munication. SESAME has in part adapted some ofKerberos’ protocols but, in general, SESAME ex-tends the capability and the functionality of Ker-beros. For example, SESAME can also use public-key cryptography while Kerberos is designed to usesecret-key cryptography; SESAME also has mecha-nisms to keep track of origination of transactions foraccountingrauditing purposes.

We favor using a third party authentication mech-anism in iRMU for the following reasons:Ø scalability, especially with public-key cryptogra-

phy;Ø in public networks providing trusted third party

servers is a problem, in intranets trusted serverscan easily be constructed;

Ø third party mechanisms can readily provide sev-eral desirable features such as capability of check-ing authorization and capability, which can, forexample, be used in providing priority access; and

Ø third party mechanisms can integrate on-line pay-w xment services, in fact Netcash 7 and NetCheque

w x8 are based on Kerberos.

2.3. Topology management applications

Network management applications for Wide AreaŽ .Networks WAN , such as IBM’s NetView and Hp’s

5 Replay refers to the act when a hostile entity copies thecommunication and sends it again at a later time.

OpenView, are typically used to maintain an updatedŽ .status of network links transmission trunks , routers,

and servers; these applications are usually referred toŽ .as the Topology Management Applications TMA .

They maintain the current status of the network,monitor traffic, and make changes in the routingtables whenever it is necessary and possible. TivoliSystems’ Tivoli Management Environment goes astep further by providing all-in-one environment thatintegrates the management of databases, systems,and network devices.

TMA are passive management tools and do notinvolve or manipulate the user demand process forresource allocation purposes, rather the networkmanagement tries to reroute and balance the loads ifa trunk fails or becomes excessively congested. Also,since TMA play a passive role, they, themselves, donot have any role in differential data handling andprioritization of tasks. However, TMA forms anintegral part of iRMU since information regardingthe expected performance of the network nodes isrequired to compute dynamic priority prices.

The design of iRMU is based on the core con-cepts presented in Sections 2.1, 2.2 and 2.3. Section3 presents justification for using these componentsby examining iRMU from an organizational perspec-tive and its functionality requirements.

3. An organizational view of iRMU

In our view, intranets may consist of several,geographically dispersed, secured networks con-nected via unsecured networks. Whenever a userneeds a service or information that is not availableon their own regional network, they may have toexplore other parts of the corporate intranet. Obvi-ously, the communication through the unsecured partof the connection is prone to hostile attacks such astampering with the information, stealing proprietaryinformation, and replay. Fig. 1 depicts such a net-work.

The iRMU tries to maintain corporate goals ofmaximizing organizational value from intranet usage,maintaining data integrity and security, and provid-ing best possible service to its users. In an organiza-tional setting, these goals can be achieved by dis-tributing the task of resource management to differ-ent departments, where each department is responsi-


Fig. 1. Intranet resource management.

ble for a specific set of activities such as providingdata integrity, searching for required information,and estimating and predicting performance measures.We can view iRMU as a collection of various func-tional departments that facilitate an environment inwhich users buy and sell information and servicesusing a secure data communication environment.

Fig. 2 presents the organizational view of iRMUand depicts the interaction among different depart-ments during routine operations. As the Fig. 2 de-picts, iRMU consists of six departments: customerservice, security management, accounting and pay-ment, information service management, networkmanagement, and market management. In the rest ofthis section we describe the objectives of these dif-ferent departments.

3.1. Customer serÕice

Customer service acts as a liaison between usersand information services that an intranet provides.The primary objective of customer service is toprovide intranet users with easy to use access and toprovide the other departments of iRMU with neces-sary information for satisfactory delivery. Eventhough customer service may not directly communi-cate with all the departments of the iRMU, theinformation they obtain is critical for creating asatisfactory service environment for user queries. Forexample, customer service does not interact withinformation service management directly, however,

Žthe information regarding the service description that.is obtained from users by customer service is passed

on to information service management by securitymanagement department. Customer service repre-sents a vital part of iRMU and requires careful

planning and design; this usually will entail designof a user-friendly interface that will provide variousoptions to a user to characterize their service requestand preferences. We will describe some specificfunctionality in Section 4 when we examine transac-tion flows resulting from user request process.

3.2. Security management

Security management deals with all the securityand data integrity constraints on organizational infor-mation and services that will be delivered via anintranet. Along with accounting and payment, andinformation service departments, security manage-ment forms the core facilitator of secure businesstransactions in an electronic commerce environment.Security management interacts with information ser-vice and performs the task of checking authorizationand availability of servers and services. It interactswith the accounting and payment department to facil-itate secure on-line payment procedures. All the

Žintranet servers and users which may be a functional.unit as a whole or individuals need to be registered

with the security management department. Depend-ing upon the granularity required in limiting theaccess, individual services, databases, etc., on aserver can be registered independently. Securitymanagement assigns private keys to servers and users

Fig. 2. Departments of iRMU.


by using a third party authentication mechanism. Ifaccess can be granted in several priorities, securitymanagement may assign each priority for a serviceits own secret key. We discuss the role of securitymanagement department in facilitating user servicerequest in Section 4.

3.3. Accounting and payment

Accounting and payment department will verifythat the user has enough resources to pay for theservices rendered. Accounting and payment depart-ment interacts with security management to providesecure payment mechanism and with market man-agement to get information regarding the price andcost of a service. It also interacts with informationservice management regarding the successrfailure ofa payment-related transaction.

Accounting and payment will employ tools suchas electronic and traditional payment mechanism.Fig. 3 shows the details of accounting and paymentframework in iRMU.

3.4. Information serÕice management

Information service management is responsiblefor completing the user service requests. For a partic-ular service, this department develops the schemes tofacilitate user service requests. It has the knowledgebase to interpret the user service request and break itdown to basic elements of informationrcomputationrequired. Information service management can beviewed as a manufacturer of information services,providing mass customization to intranet users. Itinteracts with security management to check for

Ž .appropriate security authorization s and accountingfor payment verifications before delivering the re-

Fig. 3. Details of payment process.

quested service. Information service management willemploy tools such as relational databases, searchengines, and mobile smart agents.

3.5. Market management

The market management department’s involve-ment in user service delivery process is small; itprovides the prices and subsumes the task of opti-mizing the client costs given a service scheme. 6

However, this department plays an important role inthe underlying process of determining prices andexpected system performance. Market managementworks closely with network management departmentto obtain the necessary information regarding thesystem’s state at different points in time. It maintainsprice and performance databases and uses this infor-mation to compute the prices and expectations re-garding system performance. It is also their responsi-bility to check whether system performance matches

Žwith expected performance and to refine or trou-.bleshoot its methods when necessary.

3.6. Network management

Network management plays no direct role in cus-tomer service process, except in the case of nodefailures when it contacts the information servicesmanagement and informs them about the failure. Itsnormal operations consist of monitoring networktraffic and sampling of network performance statis-tics. It interacts with market management and catersto their information needs regarding the networkperformance. It also maintains the integrity con-straints on the network nodes it controls, for exam-ple, ensuring that the appropriate priority structure ismaintained at all nodes. Network management em-ploys sophisticated Network Management Applica-tions and smart agents. We provide more details onnetwork management operations in Section 5.

4. Transaction flows for user service requests

Fig. 4 provides an overview of user service re-quest process and identifies different steps in this

6 We refer interested readers to Gupta, Stahl, and Whinstonw x2,3 for details of pricing approach, and user cost optimizationand decision process.


Fig. 4. Service request process.

process. When a user needs a service it sends arequest to the customer service department. Thecustomer service obtains following information fromthe user.

Ž .i User identification—this is used to determinewhether user is an authorized user of iRMU.

Ž .ii Service specifications or service type—thismay be a specific, well defined, service or a usermay choose to describe what information they wantor what operations they want performed. Informationservices management department will handle the taskof identifying the type of service request.

Ž .iii Delay specifications—users will specify thedegree of delay they can suffer in having their

request completed. Again, customer service can pro-vide relevant fields, via a user-friendly interface,which when appropriately marked will convey users’delay specifications. For example, user can specify:.a that service should be performed in real-time, i.e.,

.no delay is tolerable; b a hard or non-negotiabledeadline, i.e., the request have to be completed by

.the deadline; c a soft or negotiable deadline, i.e., ifthe request is not completed by the deadline, user

Žmay be able to negotiate another deadline perhaps at. . Ž .a lower cost ; or d no delay restriction best effort .

The granularity of this specification depends uponspecific implementations, desired functionality, andorganizational goals.


Ž .iv Spending limits—depending upon how mucha user values a particular service, 7 each servicerequest will be associated with a maximum amount auser is willing to pay. Note that, this amount is notthe amount which a users will be charged, rather it isan upper limit; if the service can not be delivered inthe specified spending limit then the delivery of theservice, via intranet, can not be economically justi-fied.

The customer service department then interactswith security management department and providesit with user’s request. Security management uses theuser-data database and verifies the identity of the

Žuser. It may also obtain user profile department,.functionality, etc. for use in further processing. Once

a user’s identity is verified, information service man-agement department tries to identify the service and

Ž .the server s it is available on. In the case of astandard service, such as price lists, manuals, proce-dures, and other well defined computing modules,the information can be obtained from a servicedatabase. On the other hand, if a user has provided a

Žgeneric description of service for example, a historicanalysis and frequency distribution of company xyz’s

.stock price , the query is submitted to a serviceconstruction module which may consist of smart

Žagents working with specific expertise knowledge.base matching user request with available informa-

tion. These service construction modules are essen-tially service brokers which may pool the informa-tion from intra-organizational resources, freely avail-able information, and external information from otherorganizations or external information brokers; weview these smart agents as manufacturing the cus-tomized information products to match a user’s spec-ifications. Note that, we have described a genericservice construction module and its desired capabili-ties. Information from external sources or brokerscan be viewed as outsourcing of the computationaltask and a specific implementation of service con-struction module may generate these options only

7 We assume that users are using network services because theyderive value from these services and the organization benefitsbecause of increased efficiency and productivity. Thus, our valuefunctions implicitly consider the positive externalities of net-worked computing.

when in-house resources do not meet user require-ments or budget.

In some cases a user’s specifications may not bematched with desired precision, in those cases cus-tomer service may be directed to solicit further in-structions. In response, a user may choose to furthernarrowrbroaden the specifications or abort the re-quest. The service identification process determinesall the possible avenues of completing a service andreturns the identification of all the serversrschemes—a scheme may involve using more than one serverto complete the service request, for example gather-ing the daily sales information from all the differentretail outlets of an organization at the end of eachday.

The information regarding these schemes is re-layed back to accounting and payment department,which contacts the market management departmentfor cost optimization. The cost optimizing modulecontacts the performance database and obtains theinformation regarding prices and expected wait forall the servers which either individually or as a partof a scheme can provide a user’s desired service.Then, the optimizer computes the minimum costalternative—this cost includes price and user’s esti-mated cost of delay—since user delay characteristicsare taken into account and are presumed to containthe user’s desired service quality, a user will alwaysprefer the lowest cost alternative. If a lowest costalternative meets user delay requirements and costconstraint, the result is forwarded to the securitymanagement for authentication purposes. If user’sdesired service can not be delivered with the re-quired delay requirements and cost constraints, useris notified and is provided with the best alternativeŽ .closest to user specifications . If the user accepts thealternative, the results are forwarded to the securitymanagement, otherwise user is informed that therequest is being terminated.

If the security management gets a valid ‘optimal’result, it contacts the accessibility database thatchecks whether the user has authorization to access

Ž . Žthe specified server s access to some corporateservers may be restricted, for example a user inmarketing may not have ‘direct’ access to servers of

.finance department . If the user has appropriate au-thorizations accessibility database returns a ‘goahead’ signal. However, if the user does not have an


Ž .authorization to access the server s , user is notifiedand is sent a request-for-authorization form whichcontains the information regarding user’s request,user’s profile, and results from optimizing module.Upon receiving the request-for-authorization formthe user sends this form to an authorization agentŽfor example, the Ticket-Granting-Ticket server of

.Kerberos system that grants the authorization if it isspecifically prohibited during a given period or dueto corporate policy. If the authorization is granted‘go ahead’ signal is generated via the accessibilitydatabase, otherwise the cost optimizing module isasked for another alternative.

Once a ‘go ahead’ signal is generated, the ac-counting and payment department is contacted forauthorization of the required payment. In the autho-rization process, the specified amount is verified tobe in the user’s account and is reserved for the

Ž .servers by the user or her bank . At this moment themoney is not transferred to the system and theservice is not delivered. Both the user and the serverhave a key that needs to be submitted to the accountin order to release the money either to the server or

Žback to the user in case of failure to deliver required.services . Once user receives the services she re-

leases the money to the server. Note that in the casewhere a user does not want to pay after receiving theservices, the server can still prevent the money frombeing spent and can submit a claim directly to thepayment system providing the proof of services ren-dered consistent with the contract. Similarly, a usercan get her money released if services are not pro-vided and server refuses to release the money.

Once the payment is verified information servicedepartment accesses the server database to access the

Ž .key of the server s and to find out any specialrequirements a server has. For example, some serverswith restrictive access may require the system toprovide them with the authorization to verify user’s

Židentity independently as opposed to the identity. 8provided by the ticket . Once the required informa-

tion is obtained the user service request is granted aŽ .ticket to access the server s for specified service in

8 Here we assume that a secret-key cryptographic system isused; the extension to public-key cryptography can be describedin similar terms.

Fig. 5. Process to obtain a secure service.

desired service class. The ticket usually containsauthorization encoded in server’s key, a session key,

Žand some fields to be filled by the user such as a.time stamp , the whole ticket is encoded in user’s

key before transmitting it to the user. When userreceives the key, she decodes the ticket, fills out thefields, encodes the parts filled by her in the session

Ž .key and then sends it to the server s to obtain thedesired service. After a server receives the ticket, itdecodes the parts encoded with its key, obtains theauthorization and session key and then decodes theparts encoded by a user using the session key. Thisprocess identifies the user and time stamp that can beused to mitigate the possibility of a replay. Once aserver identifies a user and checks the authorization,the service can be provided to the user using thesession key or the server and the user can decide to

Ž .use other key s for encryption. Fig. 5 summarizesthe process of obtaining the ticket and the delivery ofservices.

5. Network resource management and price com-putation

The market management department and the net-work management department in iRMU facilitate thedynamic resource allocation in real-time by interact-ing with an adaptive and self adjusting priority pric-ing scheme. Fig. 6 provides the sketch of a networkresource management scheme. The network manage-ment department uses a Topology Management Ap-

Ž .plication TMA to gather the information regardingthe operational status of the intranet nodes which


Fig. 6. Network management operations.

includes the information regarding the load and wait-ing times.

We envision that the TMA will operate both in anevent driven mode and on a time based pollingmode. Let us explain. An event driven mode refersto the situation when TMA updates the network’soperational status when a significant event takesplace, e.g., failure of a network trunk or router.Polling refers to the situation where after fixed inter-val of times all the network devices are polled tocheck for their status and any change in status isnoted and reflected in new operational status of thenetwork. Obviously, event driven methods are morelikely to reflect the network true operational status atany given point in time. However, even though it iseasier to implement event driven methods for catas-trophic changes such as failures and resurrection ofservices since these events define a significant event,it is considerably harder to use event driven methodswhen, for example, a significant event is simplyexcessive demand. Therefore, we suggest using aconjunction of event driven operations for significantevents and a time based polling for obtaining regularfeedback on the status of network operations.

Whenever an event based update is made or atime based polling is conducted, the TMA collectsthe information regarding the waiting times and loadon the network devices. In case of an event-basedupdate, such as a node failure, the TMA updates theinformation in performance database—for example,

in case of a failure an infinite waiting time can beput andror an infinitely large price to access thenode. In case of polled information the networkmanagement department furnishes the information tomarket management department that uses the infor-mation for its performance prediction mechanismand price-computing module.

New set of performance predictions and prices arecomputed whenever the TMA updates the informa-tion. However, in some cases where the networkmanagement feels it is disruptive to change pricesand performance prediction every time there is asmall change in these parameters, a statistical inter-val can be constructed to provide further stability inprices and performance predictions. Whenever anewly computed price is within the statistical inter-

Ž .val i.e., there is no statistically significant deviationthe prices andror performance predictions are notchanged and vice versa.

The performance prediction mechanism will in-clude a collection of forecasting tools. Different

Ž .forecasting tools may have to be used for: i differ-Ž . Ž .ent devices; ii different locations; iii during dif-

Ž .ferent time intervals; and iv with different loadconditions. The choice of appropriate forecastingtool is made based on historical evidence and soundstatistical practices. Appropriate forecasting is thekey to successful management of resources by pro-viding expectedrpromised performance.

As mentioned in Section 2.1, we favor using apriority pricing mechanism that computes the pricesin real-time, such as the one presented in Refs.w x 92,3 . Such a mechanism achieves real-time alloca-tion of resources while the system operates in thevicinity of stochastic equilibrium. This equilibriumconcept allows the decentralization of the resourceallocation process to the user level and reduces theinformation required for the user’s decision problemto current rental prices and current expected delays.The administrative and communication costs of dis-tributing this information pales in comparison to the

9 However, this mechanism is generic enough to allow theusage of any pricing scheme that has potential to manage thenetwork resources, such as the pricing schemes presented in Refs.w x5,10 .


Fig. 7. Benefits with different pricing scheme.

associated costs of a large number of Arrow–DebreuŽ .contingency markets or even spot auction markets .

The objective function in this model maximizescollective benefits of the system and its users. This isa natural objective function for the intranet environ-ment where it is rational to assume that organiza-tional objective is to maximize the benefits derivedfrom intranet usage.

From the theoretical standpoint these results havesignificant importance. The rental prices at the in-tranet nodes decentralize the management and ac-counting problems. It gives users or their clientsaccess to an evaluation mechanism to decide whenand what kind of service they want and at whatpriority. 10 At the server level it will allow themanagement to assess the queues and delays moreaccurately and design their systems accordingly. Fi-nally, at the network level it will allow for a betterload distribution because users will avoid exces-sively loaded and thus highly priced servers.

To illustrate the role of TMA and performanceprediction mechanism we briefly provide the require-ments for price computations. In the model discussedabove, the price at a particular server for a particular

10 By a priority class we mean that jobs in the highest priorityclass are processed before all the other jobs. At any time if a

Ž .higher priority job than the rest in the queue arrives it is put firstin the queue. Thus, jobs in the highest priority class impose delayson the jobs in all other priority classes, whereas the jobs in lowestpriority classes do not impose any delay on the jobs in otherpriority classes.

priority class can be represented by the followingŽ .system of Eq. 2 :

P q sS EV rEx S S d x 1Ž . Ž .m k h h m k q i j i j i jhm

Ž .where: P q is the price of a job sized q at serverm k

m for priority class k; x is the arrival rate of jobsm k q

sized q at machine m in priority class k; V is ah

continuously differentiable, strictly increasing func-tion of arrival rate x and capacity Õ ; it providesm k q m

the waiting time at a server m for priority class h;d is the delay cost parameter of consumer i fori j

service j; and x is the flow rate of service j fori jhm

consumer i with priority h at server m.Let us briefly interpret this equation. The first

w xterm on the right side EV rEx is the derivativeh m k q

of waiting time with respect to the arrival rate ofjobs sized q. Since the waiting time is a strictlyincreasing function of this arrival rate, an increase inthe arrival rate of a certain priority class increasesthe prices for that priority class. The second S S di j i j

x can be interpreted as the accumulated delayi jhm

cost of the system; an increase in this cost increasesthe price. Since the jobs in the highest priority classimpose delays on the jobs in all other priority classes,whereas the jobs in lowest priority classes imposevery little delay on the jobs in other priority classes,the prices for higher priority classes are higher thanthat of lower priority classes.

However, these prices can not be optimally com-puted since that requires the knowledge of optimaldemand. However, the approximate prices can becomputed in real-time by an iterative mechanism,where the parameter estimates are based on the


Table 1Monetary savings by using usage based pricing

Demand Benefits per Benefits per Delay cost per Delay cost per Savings for anscaling server with server with server with server with intranet withfactor usage pricing no usage pricing usage pricing no usage pricing 50 servers

50 $1917 $1339 $31 $639 $59,32410 $3224 $631 $74 $1732 $212,54525 $5980 $516 $204 $2042 $365,09250 $8693 $484 $387 $2146 $498,419

information obtained from the TMA’s time basedŽ .polling. Suppose t, tq1 is the time interval be-

tween TMA’s polling. The following iterative equa-tion can be used to update the prices at any given

Ž .time tq1 :

ptq1 sa ptq1 q 1ya pt 2Ž . Ž .ˆm k m k m k

Ž . tq1where: a is a number between 0,1 ; p is theˆm kŽ . Ž .estimated new price at time tq1 using Eq. 1 ;

t Žp is the implemented price during the time t,m k.tq1 .

The idea behind updating the price this way is toprovide a shield against local fluctuations in demandand in the stochastic nature of the process. A lowervalue of the parameter a means that the price adjust-ment will be gradual in time, whereas a higher a

will result in potentially large changes in the pricesfrom period to period. TMA’s polling provides thenecessary data required to compute new prices at a

Ž .given time tq1 .Fig. 7 provides evidence of the effectiveness of

this pricing approach as compared to no pricing andfixed pricing approaches. These results are obtainedfrom the simulation testing of this pricing scheme. 11

ŽThese results present the system benefits net bene-. Ž .fits and private benefits user benefits . Net benefits

are the benefits to the system as a whole and areequal to the aggregated users’ value of the servicesrendered less the loss of value due to the delay,whereas the customer benefits are the net benefitsless the price charged by the system. 12 Clearly, thebenefits derived from using our pricing scheme arefar superior to those obtained by flat prices or free

11 The details of this simulation study and a variety of otherw xresults related to this pricing mechanism are presented in Ref. 3 .

12 Note that in the free access case net benefitsscustomerbenefits.

access. Flat prices do provide higher net benefitsthan free access but the user benefits are almostidentical. More surprisingly, results in Fig. 7 suggestthat using the pricing mechanism may be a win–winsituation on the aggregate level, i.e., both users and

Ž .the intranet service providers MIS department maybenefit from using appropriate prices. Users benefitbecause their requests are delayed less resulting inthe availability of timely and therefore useful infor-mation. The intranet benefits because of the revenuesgenerated and the optimal usage of the network.

To illustrate the potential dollar savings, we con-verted these simulation benefits to dollar values byconservatively assuming that users value the servicesat least as much as it costs them to be connected tothe network. 13 Then we used the current approxi-mate value of using a T1 leased line of $1500 permonth to convert the benefit values to dollar values.As the Table 1 shows, we estimate that an intranetwith 50 servers and average capacity of 2.15 megabitsper second may save nearly half a million dollars

Žannually if the network is under heavy load at the.demand scaling factor of 500 . Even when network

Žis not under heavy load at the demand scaling factor.of 50 there are substantial savings of approximately

sixty thousand dollars. For larger networks a simplescaling will reflect the potential savings.

The revenues generated and saved iRMU can beŽused to sustain the intranet operations perhaps with

.appropriate scaling and can provide a rationale basisfor infrastructure investment by monitoring the rev-enue generated at each server. For example, if rev-enues generated by pricing in iRMU fall far short ofrevenues needed to support the intranet operationsthen it indicates that the organization has made an

13 Otherwise their is no incentive for using the network services.


over-investment in its intranet. On the other hand, ifrevenues generated far exceed the revenues neededto support intranet operations then it indicates thatthe organization needs to invest more in intranetoperations.

6. Summary

In this paper we provide a framework for intranetŽ .resource management unit iRMU . An iRMU is

capable of allocating the network resources in real-time based on the relative valuation of organizationaltasks while maximizing the benefits of intranet us-age. The iRMU can be viewed as an organizationalunit which maintains an intranet’s operational statusto satisfy organizational objectives by managingcompeting demands from independent functionalunits of the organization. We discuss the organiza-tional design of iRMU and explain how it can pro-vide secure communications, differential data han-dling to prioritize the tasks, and manage networkresources. We also present transaction flows in asystematic fashion for a user service request and inthe process we discuss the interaction among variousdepartments of iRMU.

The real-time management of resources can beachieved by using an adaptive pricing scheme fordata transfer. In fact, iRMU can be viewed as amechanism to implement usage based pricing ondata communication networks for electronic com-merce. The pricing scheme in conjunction with per-

Ž .formance prediction forecasting tools update a in-tranet performance database in real-time to facilitatethe optimal decision for the user service requests.The pricing scheme also provides the differentialdata handling by using priority classes. The simula-tion testing of the pricing approach has shown thatsignificant benefits can be derived for both users andintranet operations by using the pricing approach ascompared to free access or a flat pricing approach.

The prices can be also used to guide the invest-ment issues by monitoring the revenue generated byparticular servers and the demand for particular ser-vice, for example profits at a server can be used tomake the decision regarding the capacity expansion.The revenue generated can further be used to makeMIS investment decisions and infrastructure devel-opment.

There are several research issues that need to beaddressed, for example: what is the basis for allocat-ing budget to different organizational units for in-tranet expenditure? In our current research we aretackling the problem of estimating underlying delaycosts of users in various classes based on networkperformance, prices, and user choice. We also areexploring the issues related to outsourcing whenintranet can not meet user requirements, specifically,we are trying to address the problem of whether to

Žoutsource just the computational cycles or commu-.nication needs or to outsource the whole task.

In summary, the iRMU proposed in this paper haspotential to make significant improvement in net-work performance from the perspective of the orga-nizational value. We integrate a payment mechanismwith the iRMU to create an internal electronic com-merce environment where different users from dif-ferent functional and geographical areas compete forresources while maximizing the benefits derived fromintranet operations. Furthermore, it also satisfies userexpectations in terms of service quality and dataintegrity.

Acknowledgements

This research was funded in part by NationalScience Foundation grant aIRI-9225010, but doesnot necessarily reflect the views of the NSF. Partialsupport was also provided by Hewlett Packard.

References

w x Ž .1 S. Deerin, R. Hinden, Internet protocol, version 6 IPv6specification. Technical Report, IETF, 1995. Available from:http:rrwww.globecom.netrietfrrfcrrfc1883.shtml.

w x2 A. Gupta, D.O. Stahl, A.B. Whinston, A stochastic equilib-rium model of Internet pricing, Journal of Economic Dynam-

Ž .ics and Control 21 1997 697–722.w x3 A. Gupta, D.O. Stahl, A.B. Whinston, Priority pricing of

integrated services networks, in: L. McKnight, J. BaileyŽ .Eds. , Internet Economics, MIT Press, Cambridge, 1997,323–352.

w x4 J. Kohl, B.C. Neuman, The Kerberos Network Authentica-Ž .tion Service V5 , Internet RFC 1510, 1993. Available from:

http:rrwww.cis.ohio-state.edurhtbinrrfcrrfc1510.html.w x5 J. MacKie-Mason, H. Varian, Pricing the Internet, in: B.

Ž .Kahin, J. Keller Ed. , Public Access to the Internet, Engle-wood Cliffs, Prentice-Hall, 1995.


w x6 J. MacGarvey, Sequel tool monitors net usage, InteractiveŽ .Week 3 1997 9.

w x7 G. Medvinsky, B.C. Neuman, Netcash: A design for practicalelectronic currency on the Internet. Proceedings of the FirstACM Conference on Computer and Communication Secu-rity, 1993.

w x8 B.C. Neuman, G. Medvinsky, Requirements for networkpayment: The NetCheque perspective. Proceedings of IEEECOMPCON’95, 1995.

w x Ž .9 T. Parker, D. Pinkas, Overview: SESAME technology V4 ,Technical Report, 1995. Available from: http:rrwww.esat.kuleuven.ac.bercosicrsesamerdoc-ps.html.

w x10 S. Shenker, Service models and pricing policies for anŽ .integrated services Internet, in: B. Kahin, J. Keller Eds. ,

Public Access to the Internet, Prentice-Hall, EnglewoodCliffs, 1995.

w x11 S. Shenker, D. Clark, D. Estrin, S. Herzog, Pricing incomputer networks: reshaping the research agenda, Journal

Ž . Ž .of Telecommunications Policy 20 3 1996 183–201.w x12 Q. Wang, J. Peha, M. Sirbu, The design of an optimal pricing

scheme for ATM integrated-services networks, in: L. McK-Ž .night, J. Bailey Eds. , Internet Economics, MIT Press, Cam-

bridge, 1997, 353–376.

Alok Gupta, Assistant Professor, Dept. of OPIM, University ofConnecticut. Alok Gupta received his PhD in Management Sci-ence and Information Systems from The University of Texas atAustin in 1996. His areas of specialization include data communi-cation, electronic commerce, mathematical modeling of informa-tion systems, large-scale systems simulation, and economics ofinformation systems. His research has been published in CACM,Journal of Economic Dynamics and Control, Decision SupportSystems, Journal of Organizational Control and Electronic Com-merce, International Journal of Flexible Manufacturing Systems,and IEEE Internet Computing. In addition, his articles have beenpublished in several leading books in the area of economicsof electronic commerce. His current research and teachinginterest are in the area of economic modeling and analysis ofelectronic commerce. He can be reached via E-mail [email protected].

Dale O. Stahl, Malcolm Forsman Professor of Economics, Dept,of Economics, The University of Texas at Austin. Dale O. Stahlreceived his B.S. and M.S. degrees in the field of ElectricalEngineering from Massachusetts Institute of Technology in 1969and 1970 respectively. In 1982 he received his PhD from theUniversity of California at Berkeley in the Field of Economicswith a focus on mathematical economics. Since then he has helppositions at Duke University, M.I.T., Boston University, andTilburg University in the Netherlands. He has published over 35articles in the top economics journals in the areas of generalequilibrium theory, dynamics and stability theory, game-theoreticapproaches to price determination, and experimental game theory.He can be reached via E-mail at [email protected].

Andrew B. Whinston, Director of Cancer for Research in Elec-tronic Commerce, The University of Texas. Andrew B. Whinstonreceived his PhD at Carnegie Mellon University and is currentlyHugh Roy Cullen Professor of Information Systems, Economics,and Computer Science at the University of Texas at Austin. Hehas published extensively on research allocation issues and iscurrently working on modeling Internet to determine pricingstrategies for both end user services and infrastructure. He hascompleted numerous research project that integrate economics andoperations research in the study of information systems issues. Hehas published over 250 articles in professional journals including:Management Science, Operations Research, American EconomicReview, Journal of Political Economy, International EconomicReview, Journal of Public Economics, Bell Journal of Economicsand Management, IEEE Computer, IEEE Expert, Southern Eco-nomic Journal, Accounting Review, Decision Support Systems,ACM Transaction on Database Systems, Journal of EconomicTheory, Water Resources Research, Economitrica, S.I.A.M. Jour-nal of Mathematics, Journal of Combinatorics, and InformationSystems Research. He is Editor-in-chief of Decision SupportSystems and Journal of Organizational Computing and ElectronicC om m erce . H e can be reached via E-m ail at:[email protected].

Managing computing resources in intranets: an electronic commerce perspective

Documents

Transcript of Managing computing resources in intranets: an electronic commerce perspective