ICWS 2009

The SCIFC Model for Information Flow Control in Web Service Composition

Wei She, I-Ling Yen, Bhavani Thuraisingham, Elisa Bertino — 12/08/2009 22:26

Existing web service access control models focus on individual web services, and do not consider service composition. In composite services, a major issue is information flow control. Critical information may flow from one service to another in a service chain through requests and responses and there is no mechanism for verifying that the flow complies with the access control policies. In this paper, we propose an innovative access control model to empower the services in a service chain to control the flow of their sensitive information. Our modelsupports information flow control through a back-check procedure and pass-on certificates. We also introduce additional factors such as the carry-along policy, security class, and transformation factor, to improve the protocol efficiency. A formal analysis is also presented to show the power and complexity of our protocol.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Cloud Computing for the Enterprise

Maria Azua — 8/05/2009 01:53

In this talk, some strategic directions on the implementation, deployment and operations of internal cloud computing offerings as well as external development clouds will be presented. This talk will also cover the creation of a vibrant and engaged community of ISVs, Business Partners, and technical community to foster cloud computing IT methodologies and programming models.

Networked Games & Services at Sony PlayStation

Ken Miyaki — 8/05/2009 01:54

In 2002, the launch of the PlayStation network adapter changed the face of console games forever. This paradigm shift shook the very foundation of the business, and was responsible for the re-evaluation of fundamental operating processes. Little did we know just how much the change would impact the future of disc-based games. See and learn about the journey that online games have had within Sony, and get a glimpse in to the technologies driving the online experience in PlayStation.

The Impacts of Cloud Computing in the Real World

Ming-Chien Shan,Paul Hofmann, Ph.D. — 3/02/2010 22:14

The emerging cloud computing seems to become one of the mainstream of underlying infrastructure supporting business IT operations. It presents new business opportunities as well as technical challenges not only for new Web applications but also for traditional business applications like ERP. In this talk, we will discuss what is needed to run enterprise applications in a cloud computing environment. We will start with the tradeoffs of the different classes of cloud computing for biz applications. What are the advantages of hardware virtualization ala Amazon at the one end and framework virtualization ala Google and Salesforce at the other end? We will highlight the challenges on the enterprise software stack for on-demand operations. Finally, we will discuss what role the web services will play in this new era.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Back to the Future: Challenges in Cloud-Based Service Computing

Calton Pu — 8/05/2009 01:59

Computing clouds offer information technology infrastructure as services with promises of economy of scale and low start-up costs. However, the management of modern N-tier applications contains significant challenges due to several factors that include growing and evolving complexity of applications, non-stationary workloads, virtualization and consolidated environments, and dynamic service composition. Furthermore, paramount to mission-critical service applications are extra-functional quality of service (QoS) properties such as predictable performance, continuous availability, end-to-end dependability, power consumption, privacy and security. These challenges far exceed the capability of current analytical models for capacity planning and system management. As a starting point towards cloud-based service computing, we describe an observational large-scale performance study of N-tier application benchmarks in the Elba project. More generally, we advocate an experimental approach to help N-tier applications achieve desired QoS, for example, performance goals specified in service level agreements. Meeting the challenges of QoS is an important and necessary step in the co-evolution of both Cloud Computing and Service Computing.

From SaaS to XaaS: Evolution and Outlook of Software Cloud

Tony Shan,Paul Hofmann,Ephraim Feig,Jia Zhang — 8/05/2009 02:01

As Software-as-a-Service (SaaS) has evolved to other cloud computing solutions such as Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS) over the last few years, a question is raised as to how it will further expand and what will constitute the cloud computing model. It can be foreseen that the engineering practices will be adopted and enabled in the strategization and operationalization of cloud computing in the enterprise environments. Now, is the engineering of cloud computing a disruptive innovation? In other words, is the discipline of cloud engineering a convergence of the traditional IT-related engineering practices, such as software engineering, systems engineering, web engineering, service engineering, and platform engineering? Or is the cloud engineering in its own domain, dealing with the unique challenges faced by the cloud computing, like multitenancy as an example? The purpose of this panel is to present a set of perspectives to position the technologies in cloud computing in relation to established solutions and disciplines. The session will be focused on identifying the synergy and interlocks as well as interoperations, including topics on, for instance, SOA versus cloud, SQL versus Dynamo/BigTables, taxonomy, interoperability, and other relevant subjects.

Application Clouds: Deployment, Testbeds, Benchmarking, and Practices

Dejan Milojicic — 8/05/2009 02:03

Cloud Computing is changing the data centers and computing models paradigm. However, most of the Cloud Computing discussions today revolve around defining it at the high level. In this panel, we will discuss the use of today’s examples of Cloud Computing infrastructure and services. In particular, we will focus on the deployments of Cloud Computing, the testbeds, and the benchmarking. This panel will address some real deployment issues, such as cost, return on investment, supporting clouds, developing and using cloud software stack, etc. We will also discuss and compare clouds deployments among themselves as well with other technologies in the past, such as clusters, Grids, and high performance computing.

Business and Enterprise Cloud

Calton Pu — 8/05/2009 02:06

Cloud computing has evolved from data centers and grid computing to fill the entire spectrum ranging from raw physical infrastructure to end-user software as a service. For example, one class of applications that run well on clouds is the parallel processing of large data sets such as MapReduce on BigTable or Hadoop for web search and time series analysis. These applications fall into the “embarrassingly parallel” category, achieving scalable resource scheduling with ease. Similarly, the non-mission-critical nature of these applications requires modest recovery facilities. In contrast, business and enterprise applications (e.g., N-tier e-commerce applications involving web servers, application servers, and database servers) are characterized by interdependencies among the system components, non-stationary workloads, and extra-functional requirements such as service level agreements on performance and business continuity on availability. Many research and practical challenges arise due to these enterprise application requirements. For example, the interdependencies and asymmetry among the various servers of N-tier applications make their performance prediction much more difficult than achievable by typical assumptions made in queuing theory models. This is a serious challenge when strict response time requirements are imposed by service level agreements. Similarly, typical enterprises require business continuity availability, which cannot be easily achieved by virtual machine movement facilities alone. This panel will discuss the research and practical challenges in the development of cloud computing environments to support business and enterprise applications in service computing. Topics of discussion start at the base level with the complexity due to business application requirements beyond the embarrassingly parallel, scalability and evolution of business applications on clouds, and accountability due to legal and mission-critical constraints. At the second level, the automation of business application resource management through growth and evolution add to the base level complexity. At the third level, the guarantees offered by a cloud for executing automated and complex business applications require significant progress in static and dynamic validation of service-based system properties. At the fourth level, the integration of interoperation of automated, complex, and guaranteed business applications in a cloud environment present both challenges and opportunities for services computing.

Modernizing Civil Aviation Services with Services Computing

Casey Fung — 8/05/2009 02:10

The civil aviation system is a global enterprise that includes airframe, engine and component manufacturers, airlines, maintenance organizations, regulatory agencies, airports, air traffic control authorities and millions of service providers that must work together effectively to ensure cargo and passengers get to their destinations as scheduled, while traveling safely and efficiently. The system includes a bewildering array of commercial and custom developed systems for monitoring and controlling the operations of the participant. The news has been filled with examples of operations not working as smoothly as we all hope. Passengers have been stranded on taxi-ways, flights cancelled for weather and maintenance inspections and crowds of passengers complaining of lost baggage have become common as civil aviation grows. The growth has been rapid and shows no signs of abating. To cater the new decade of this competitive Web 2.0 world, we need to find ways to: • Improve communications between manufacturers, airlines and regulatory agencies to defend the civil aviation industry’s unmatched safety records in the face of increasing traffic. • Orchestrate and streamline workflow among the hundreds of collaborating organizations that keep civil aviation functioning. • Improve the services the civil aviation industry provides a diverse flying public to increase their enjoyment of the travel experience. Services Computing is believed to provide a means of enhancing communications between heterogeneous systems that make up the civil aviation transportation systems. A Web service is a software component that supports interoperable component- to-component interaction over a network. Each service makes its functionality available through well-defined or standardized XML interfaces. Web services do not work together by coincidence. Smoothly interacting systems in a network of the scale described here will require initial investment in building an enabling platform. Crafting a services computing architecture is the first step towards this infrastructure. Openness and standardization are key ways to accumulate resources and spread the risk of capitalization. This panel will focus on finding a vision and roadmap for initiating an interoperable and scalable civil aviation with services computing that is sustainable and self actuating in the long run.

Cloud Computing: Architecture, Business Value, and Innovation Opportunitie

Liang-Jie Zhang — 8/05/2009 02:13

As an innovative services delivery platform in the field of Services Computing, Cloud Computing has been evolved as a major enabling environment to support resource sharing. Everything As A Service has confused the business and technical professionals in the industry. There are so many questions asked by the members in the community. For example, what is Cloud Computing? Why do we need to leverage Cloud Computing? When do we need to use it? How to leverage Cloud Computing? How to build my private Cloud Computing platform? How to enable interactions between clouds? How to design, develop, deploy, and manage applications for Cloud Computing? Yes, there is no clear definition and scope about Cloud Computing today! This tutorial will help address all those questions you may have and share with you the technical challenges and business value of Cloud Computing in a systematic way. Specifically, the resource sharing scenarios have been categorized at levels of infrastructure sharing, software sharing, application sharing, and business process sharing in this tutorial. I will share with you the technical challenges of building, operating, and managing a scalable and extensible Cloud Computing platform first. Then this tutorial will present “architectural thinking” of the Cloud Computing and its value-added services. Major architectural principles and architectural modules will be presented to guide business leaders and practitioners to explore the business value of Cloud Computing in a disciplined approach. Strategic planning and entry points will be illustrated to lead Cloud Computing transformation initiatives based on the service-oriented consulting methodologies and enterprise modeling methods in the field of Services Computing. Case studies on infrastructure cloud offering, business cloud offering, social network cloud offering based on a unified Cloud Computing architecture will be presented in the tutorial as well. After the introduction of the technical vision and business value analysis, this tutorial will summarize a set of innovation opportunities that address technical challenges and business value exploration by integrating the power of service-oriented architecture (SOA) and virtualization of hardware and software. Are you ready to lead the weaves of Cloud Computing in the industry? “Change we can lead” is the expected outcome of this tutorial.

Mashups: From HostedWeb Content to the Edge, Peer-to-Peer, and Beyond

Krzysztof Ostrowski — 8/05/2009 02:13

In the past few years, the Web has been revolutionized by technologies such as Web Services, AJAX, and Rich Internet Application frameworks such as Adobe Flex/AIR, JavaFX, and Microsoft Silverlight; what all these technologies have in common is that they facilitate mashups, composition, and reuse of different types of content or services. The ability to easily mix and juxtapose, share and collaborate, combine and replace components, documents, and media has been the essential factor responsible for this success. Underlying these developments were the same object-oriented design principles that revolutionized programming desktop applications a few decades earlier: the idea that different types of content, services, and resources could be embedded and treated uniformly within the same programming environment. Today, the Web is on the verge of another major evolutionary step: the need for scalability will stimulate convergence between existing client-server platforms and technologies such as edge or peer-to-peer computing. This will give rise to entirely new types of Web applications that can take advantage of direct peer-to-peer connectivity and enable tens of thousands of users to share their interactive experience. Object-oriented principles are again at the core of this process. The convergence requires new kinds of tools that allow hosted and peer-to-peer content to be handled uniformly and composed within the same integrated environment. Technologies that can facilitate this have already started emerging. In this tutorial, we offer an integrated perspective on the state of the art and emerging mashup and component integration technologies for the Web. At the end of this tutorial, the audience should have a grasp of the relative strengths and weaknesses of the existing platforms, and a solid understanding of how edge and peer-to-peer technologies can be used to build scalable Web applications. The tutorial doesn’t require familiarity with any existing platforms or languages. The first part of the tutorial focuses on surveying and comparing state of the art web development technology, including WS-* and SOA standards, JavaScript/AJAX, and Rich Internet Application toolkits such as Microsoft Silverlight. We contrast these technologies with object-oriented technologies such as .NET, Java/J2EE, OLE/COM/ActiveX, and Jini. We discuss the issues that arise when applying current technologies in the context of edge and peer-to-peer computing. The second part of the tutorial introduces Live Distributed Objects, an emerging programming model and platform for the Web that applies a uniform object-oriented perspective across hosted and peer-to-peer content, and allows different types of content to be seamlessly combined into rich interactive applications. Rather than on a platform itself, we focus on the architectural principles, design methodology, and programming patterns; hence, the lessons learned should be applicable to other emerging technologies in this space. In particular, we explain how peer-to-peer techniques such as replication, multicast, publish-subscribe, and gossip can fit into the established Web architecture and WS-* standards. The discussion will be illustrated with examples and case studies based on our practical experiences and user feedback.

Serviceability, State of the Art and Trends

Dejan Milojicic — 8/05/2009 02:16

In this tutorial, we present the state of the art of the serviceability for commercial computing systems. We use HP support organization, tools and technologies as an example of how industry today supports enterprise grade systems. In particular, we evaluate support automation, call centers, field engineers, and parts supplies. We then analyze opportunities for improvement through more extensive use of approaches, such as self-healing, unified serviceability, automated learning, and analysis engines. We dissect how improvements can be achieved by moving between reactive, deferred, and proactive service delivery. As a case study, we evaluate how serviceability will evolve in Cloud Computing environments. We explore Cloud providers perspective, as well as transition path for traditional enterprise organizations. We evaluate the trends of average incident cost for value, volume, and Cloud systems; we compare “break-fix”, software, applications, and services. Finally, we compare industrial support organizations and the way they deliver service of incidents. We also draw some analogies with other industries, such as automotive, railroad, and aircrafts. We derive some directions for serviceability of the future and what it means for end-users as well as serviceability providers

Towards More Secure Web Services

Tomáš Knap, Irena Mlýnková — 2/03/2010 01:20

A Web Service The goal of this paper is to formalize various processing approaches to the process of verification of the web services integrity and to show its vulnerability to many attacks. After introducing the necessary terminology, several processing approaches are particularized and its security drawbacks concerning notably XML Signature W3C Recommendation are divided into several areas, analyzed, and the solutions are described and compared. If the solution of the particular problem does not exist, or is not yet fully standardized, it is marked as an open problem and the solution is proposed.

A Web Service Architecture for Decentralised Identity- and Attribute-based Access Control

8/05/2009 04:09

The loosely coupled nature of Service-oriented Architectures raises the question how information for access control can be managed in an efficient way. Several specifications for Web Services exist to describe security requirements and to facilitate a provision of identity information. However, the integration of different standards regarding the expression of identity information in policies, claims and assertions comes along with an increased complexity. In order to identify and address the problems occurring with the combined use of standards as XACML, SAML and WS-Trust, we designed and implemented an architecture for identity- and attribute-based access control in decentralised environments. Our implementation provides an automated generation of access control policies in a format called XACML, a way to communicate required user attributes as claims across different domains based on the standards WS-Trust and WS-Policy, and a consistent mapping of retrieved attribute assertions to the XACML attributes in the access control policy.

Markov-HTN Planning Approach to Enhance Flexibility of Automatic Web Services Composition

Kun Chen, Jiuyun Xu, Stephan Reiff-Marganiec — 3/02/2010 20:42

Automatic Web services composition can be achieved by using AI planning techniques. HTN planning has been adopted to handle the OWL-S Web service composition problem. However, existing composition methods based on HTN planning have not considered the choice of decompositions available to a problem which can lead to a variety of valid solutions.In this paper, we propose a model of combining a Markov decision process model and HTN planning to address Web services composition. In the model, HTN planning is enhanced to decompose a task in multiple ways and hence be able to find more than one plan, taking both functional and non-functional propertiesinto account. Furthermore, an evaluation method to choose the optimal plan and some experimental results illustrate that the proposed approach works effectively.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Control Flow Requirements for Automated Service Composition

3/02/2010 21:13

Automated composition of services is a key functionality for the adoption of the service-oriented development paradigm. Solving this problem in practice requires the ability to consider asynchronous stateful services and to express complex composition requirements which may span different phases of the life-cycle of component services. In this paper we present a novel automated service composition approach which addresses these challenges by associating so-called objects to services, and by introducing a simple yet powerful notation to express composition requirements on them. We recast this view of the problem as a specific form of planning; our experiments ona prototype implementation witness the ability of our approach to deal with realistic scenarios and requirements that cannot be tackled by other current approaches.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

WS-OBJECTS: Extending Service-Oriented Architecture with Hierarchical Composition of Client-Side Asynchronous Event-Processing Logic

Krzysztof Ostrowski, Ken Birman — 8/14/2009 02:16

There is a growing need for a new type ofWS-*/SOAnv standards that could facilitate hierarchical, object-oriented composition of client-side executable code. This is especially true for the sorts of client-side logic embedded in AJAX and rich Internet applications, virtual worlds and MMORPGs; code that deals with issuing requests toservers, processing their responses, rendering UI, interacting with users, and processing asynchronous events from other client nodes. The paper offers an analysis of client-side composition patterns, a brief explanation why they lack adequate support from the existing web technologies, and design guidelines for client-side component integration environments to follow. The proposed guidelines have been successfully implemented in a prototype system [16]. Our analysis is thus strongly rooted in reality; it is based on real experiences with concrete application scenarios. The paper concludes by highlighting the key architectural aspects of our implementation with respect to the principles listed earlier.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

A Plug-in Architecture for Self-Adaptive Web Service Compositions

Anis Charfi, Tom Dinkelaker, Mira Mezini — 8/14/2009 02:13

Several approaches have been proposed to introduce self-management capabilities for web service compositions. However, most of these works are limited as they are not extensible, i.e., new self-adaptation features cannot be supported, and even if that is possible then still this cannot be done dynamically while the composite services are running. In addition, many of these works are not based on the servicecomposition standard WS-BPEL. In this paper, we propose a plug-in architecture for self-adaptive web service composition, in which self-adaptation features are well-modularized in aspect based plug-ins. Our approach supports applicationspecificadaptation scenarios, is easily extensible, and allows self-adaptation logic to be hot-deployed on running process instances. We have implemented this architecture and several plug-ins using the dynamic aspect-oriented workflow language AO4BPEL.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Selective Querying for Adapting Hierarchical Web Service Compositions Using Aggregate Volatility

John Harney, Prashant Doshi — 8/14/2009 02:18

Environments in which Web service compositions (WSC) operate are often dynamic. We address the problem of which service to query for up-to-date information in order to adapt a hierarchical WSC, given that queries are not free. Previously, the value of changed information (VOC) has been proposed to select those services for querying whose revised non-functional information is expected to bring about the most change in the composition. In this paper, we present an approach for utilizing VOC in the context of a WSC composed of services and lower level WSCs, which induces a natural hierarchy over the composition.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

What are the Problem Makers: Ranking Activities According to their Relevance for Process Changes

Chen Li, Manfred Reichert, Andreas Wombacher — 3/02/2010 22:39

Recently, a new generation of adaptive process management technology has emerged, which enables dynamic changes of composite services and process models respectively.This, in turn, results in a large number of processvariants derived from the same process model, but differing in structure due to the applied changes. Since such process variants are expensive to maintain, the process model should be evolved accordingly. In this context, we need to know which activities have been more often involved in process adaptations than others, such that we can focus on them when reconfiguring the process model. This paper provides two approaches for ranking activities according to their involvement in process adaptations. The first one allows to precisely rank the activities, but is expensive to perform since the algorithm is at NP level. We therefore provide as alternative an approximation ranking algorithm which computes in polynomial time. The performance of the approximation algorithm is evaluated and compared through a simulation of 3600 process models. Statistical significance tests indicate that the performance of the approximation ranking algorithm does not depend on the size of process models, i.e., our algorithm can scale up.

Distributed Cross-Domain Change Management

Bruno Wassermann, Heiko Ludwig, Jim Laredo, Kamal Bhattacharya, Liliana Pasquale — 3/02/2010 22:45

Distributed systems increasingly span organizational boundaries and, with this, system and service management domains. Web services are the primary means of exposing services to clients, be it in electronic commerce, Softwareas-a-Service (SaaS) or on cloud platforms and are being used and integrated with customer-managed applications as well as in complex mashups. Maturing cross-domain relationships and an increase in loose coupling and ad-hocness makes managing configuration changes, e.g., changes in interfaces or endpoints, increasingly relevant. Traditional service management processes within organizations, in particular change management, relies on a central configuration management database (CMDB) to assess the impact a change has on other components of the system. However,this approach does not work in a cross-domain environment, due to the lack of a central CMDB, centralized management processes, and knowledge by service providers which clients depends on their respective services. This paper proposes the Change 2.0 approach to cross-domain change management based on an inversion of responsibility for impact assessment and the facilitation of cross-domain service process integration. We present the requirements imposed by cross-domain change management, the Change2.0 architecture, and a brief evaluation of its benefits.

Applying Sanitizable Signature to Web-Service-Enabled Business Processes: Going Beyond Integrity Protection

Kar Way Tan, Robert H. Deng — 3/02/2010 22:47

This paper studies the scenario where data in business documents is aggregated by different entities via the use of web services in streamlined business processes. The documents are transported within the Simple Object AccessProtocol (SOAP) messages and travel through multiple intermediary entities, each potentially makes changes to the data in the documents. The WS-Security provides integrity protection by allowing portions of a SOAP message to be signed using eXtensible Markup Language (XML) signature scheme. This method however, has not considered the situation where a portion of data may be modified byanother entity, therefore a need to allow the originating system to control which intermediary entity is authorized to change which portion of the data. The XML signature scheme also does not provide the final recipient the trust for the intermediary entity that makes the changes. In our paper, we study the security requirements for a streamlined business process, and proposes a novel scheme using sanitizable signature on SOAP messages to complement the XML signature to address not only integrity protection but also control of change as well as establishment of trust for intermediary entities. We show how the proposed scheme can be incorporated into the existing standards and be customizable to achieve flexible use of both the vanilla and sanitizable signatures as required in a business scenario.With the proposed technique, IT systems can be more loosely coupled and reap the benefits of distributed systems, such as delegation of work and encapsulation of business logic.

MACE: A Dynamic Caching Framework for Mashups

Osama Al-Haj Hassan, Lakshmish Ramaswamy, John A. Miller — 8/14/2009 02:55

The recent surge of popularity has established Mashups as an important category of Web 2.0 applications. Mashups are essentially Web services that are often created by end-users. They aggregate and manipulate data from sources around the World Wide Web. Surprisingly, there are very few studies on the scalability and performance of mashups. In this paper, we study caching as a vehicle for enhancing the scalability and the efficiency of mashups. Although caching has long been used to improve the performance of Web services, mashups pose some unique challenges that necessitate a more dynamic approach to caching. Towards this end, we present MACE - a cache specifically designed for mashups. In designing the MACE framework this paper makes three technical contributions. First, we present a model for representing mashups and analyzing their performance. Second, we propose an indexing scheme that enables efficient reuse of cached data for newly created mashups. Finally, this paper also describes a novel caching policy that analyzes the costs and benefits of caching data at various stages of different mashups and selectively stores data that is most effective in improving system scalability. We report experiments studying the performance of the MACE system.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Wrap Scientific Applications as WSRF Grid Services using gRAVI

Kyle Chard, Wei Tan, Joshua Boverhof, Ravi Madduri, Ian Foster — 8/14/2009 04:32

Web service models are increasingly being used in the Grid community as way to create distributed applications exposing data and/or applications through self describing interfaces. Scientific research is one key field in which the benefits are apparent as individual services can be orchestrated into experimental workflows that model the research process and facilitate verification and extension. However, many applications are not web enabled and the task of creating services from scratch is cumbersome in part due to the range of complex technologies, tools, standards and languages involved. In this paper we present gRAVI, a WSRF Web service wrapping tool that allows scientists to rapidly expose applications, scripts and workflows as Web services. gRAVI generated services include GSI security, Grid scheduling, state notifications, persistence and data staging. All service code, scripts and definition files are created automatically without any developer input. gRAVI services are created in standard Grid Archive files and are able to be moved and deployed to any compliant container with no requirement for any gRAVI or Grid infrastructure on the target machine. gRAVI supports deployment to the open science cloud Nimbus, whilst also being able to parse Taverna workflow definition files to create strongly typed services.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Web Service Mashup Middleware with Partitioning of XML Pipelines

Eric Wohlstadter, Peng Li, Brett Cannon — 8/14/2009 04:36

Traditionally, the composition of Web services to create mashups has been achieved by using an application server as a mediator between a client browser and services. To avoid this bottleneck, mashups are sometimes implemented so that Web service composition takes place directly from the end user’s browser. Creating such implementations is difficult because developers must manage the separation of software into various distributable pieces, in different languages,and coordinate their communication. In this paper we describe a middleware for managing Web service mashups in a disciplined, and flexible way. We build upon the established abstraction of XML pipelines, but describe a new approach for selectively partitioning pipeline components between a browser client and application server. We provide a performance evaluation for a common mashup application scenario.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Towards Probabilistic Estimation of Quality of Online Services

Le-Hung Vu, Karl Aberer — 3/02/2010 21:36

Accurate estimation of quality of online services is both an important and difficult problem, since a service has many interdependent quality attributes influenced by several contextual factors. It is even more challenging as quality ratings come from sources with unknown reliability, each source may rate a service on different quality aspects. Although several solutions have been proposed, there is little work addressing all these issues thoroughly. In this paper,we show that domain knowledge on service structure and related constraints, such as causal dependencies among quality attributes and contextual factors, while widely available,can be exploited to effectively address the above issues in a theoretically-sound framework. Theoretical analysis shows that computational cost of the approach is acceptable,and accurate evaluation of service quality requires a reasonable number of user feedback, provided services have a small number of quality attributes and contextual factors.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Towards Scalability of Quality Driven Semantic Web Service Composition

Freddy Lécué, Nikolay Mehandjiev — 3/02/2010 21:52

Optimizating semantic web service compositions is known to be NP-hard, so most approaches restrict the number of services and offer poor scalability. We address the scalability issue by selecting compositions which satisfy a set of constraints rather than attempting to produce an optimal composition. Firstly, we define constraints within an innovative and extensible quality model designed to balance semantic fit (or functional quality) with quality of service (QoS) metrics. The semantic fit criterion evaluates the quality of semantic links between the semantic description of Web services parameters, whilst QoS focuses on nonfunctional criteria of services. Coupling these criteria allows us to further constrain and select valid compositions. To allow the use of this model in the context of millions of services as foreseen by the strategic EC-funded project SOA4All, we i) formulate the selection problem as a Constraint Satisfaction Problem and ii) test the use of a stochastic search method. Finally we compare the latter with stateof-the-art approaches.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Flexible Probabilistic QoS Management of Transaction based Web services Orchestrations

Sidney Rosario, Albert Benveniste, Claude Jard — 8/05/2009 02:44

In this paper we extend our previous work on soft probabilistic contracts for QoS management, from the particular case of “response time”, to general QoS parameters. Our study covers composite QoS parameters dealing not only with time aspects but also with Quality of Data. We also study contract composition (how to derive QoS contracts for an orchestration from the QoS contracts with its called services), and contract monitoring. Our approach supports comprehensive and flexible QoS management within a probabilistic framework.

Scenario-Driven Approach for Business Process Modeling

Anna Ruokonen, Lasse Pajunen, Tarja Systä — 8/21/2009 03:56

The development of services-based systems starts from defining goals for business processes to be implemented,e.g., as a Web service orchestrations specified in WS-BPEL.In this paper, we propose a scenario-driven approach for modeling business processes. We aim for simplicity in the notation and leverage example-like modeling principles in order to improve process sketching. The first step in our approach is to identify the essential business requirements and model them using a simple scenario notation. The scenarios, given as UML sequence diagrams, are synthesized into a state machine, which is translated into a WS-BPEL flavored process skeleton given as UML activity diagram.The process skeleton can be further refined into executable process model.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Behavioral Attestation for Business Processes

Masoom Alam, Mohammad Nauman, Xinwen Zhang, Tamleek Ali, Patrick C.K. Hung — 8/05/2009 02:47

Service Oriented Architecture (SOA) is an architectural paradigm that enables dynamic composition of heterogeneous, independent, multi-vendor business services. A prerequisite for such inter-organizational workflows is the establishment of trustworthiness, which is mostly achieved through non-technical measures such as legislation, and/or social consent that businesses, or organizations simply pledge themselves to adhere. In our viewpoint, a business process can only be trustworthy if the behavior of all services in it is trustworthy. Trusted Computing Group (TCG) has defined an open set of specifications for the establishment of trustworthiness through a hardware rootof- trust. This paper has three objectives: firstly, the behavior of individual services in a business process is formally specified. Secondly, in order to overcome the inherent weaknesses of trust management through software alone, a hardware root of-trust devised by the TCG, is used for the measurement of the behavior of individual services in a business process. Finally, a verification mechanism is detailed through which the trustworthiness of a business process can be verified.

Discovery of Optimized Web Service Configurations Using a Hybrid Semantic and Statistical Approach

Maciej Zaremba, Jacek Migdal, Manfred Hauswirth — 3/10/2010 20:27

We present a Semantic Optimized Service Discovery (SemOSD)approach capable of handling Web service search requests on a fine-grained level of detail where we augment semantic service descriptions with statistically built predictor functions. Our approach combines ontologies and mathematical functions built using statistical regression over previous Web service interactions. In the search requests we allow for arbitrary, independent and dependent constraints and user preferences expressed using objective functions. Our approach maps to standard Operational Research global optimization problem where algorithms of Simulated Annealing and Differential Evolution are used. It is capable of finding the optimal combination of service input and output parameters (a configuration) to a user request with rich preferences. Our approach is applied to an international package shipment scenario where real (Web)services are used and mined to create price prediction models.We show that the chosen regression method provides price prediction models of high accuracy and our approach supports expressive and complex search requests.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

An Efficient Service Discovery Algorithm for Counting Bloom Filter-Based Service Registry

Shuxing Cheng, Carl K. Chang, Liang-Jie Zhang — 3/02/2010 22:05

The Service registry, the yellow pages of Service-Oriented Architecture (SOA), plays a central role in SOAbased service systems. The service registry has to be scalable to manage large number of services along with theirrequirements on storage and discovery. Based on our previous work on feature-based services quantification, we characterize services according to their diverse functional and non-functional requirements, and represent them as string formats which can be stored, probed, and indexed by efficient data structures, such as hash table and Bloom filter.Then, we propose a comprehensive service-storage solution using the counting Bloom filter (CBF). The application of CBF enables us to structure candidate services into separate groups, resulting in an accelerated services discovery process. The contributions of this research work include a new approach to manage large number of services based on quantified service features, and a storage architecture design to support service discovery. Experimental results strongly support these claims.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Exploiting Metrics for Similarity-based Semantic Web Service Discovery

Stefan Dietze, Alessio Gugliotta, John Domingue — 3/02/2010 22:10

Semantic Web Services (SWS) aim at the automated discovery and orchestration of Web services on the basis of comprehensive, machine-interpretable semantic descriptions. However, heterogeneities between distinct SWS representations pose strong limitations w.r.t. interoperability and reusability. Hence, semantic level mediation, i.e. mediation between concurrent semantic representations, is a key requirement to allow SWS matchmaking algorithms to compare capabilities of distinct SWS. In that, semantic level mediation requires to identify similarities across distinct SWS representations. Since current approaches to mediate between distinct service annotations rely either on manual one-to-one mappings or on semi-automatic mappings based on the exploitation of linguistic or structural similarities, these are perceived to be costly and error-prone. We propose a mediation approach enabling the implicit representation of similarities across distinct SWS by grounding these in socalled Mediation Spaces (MS). Given a set of SWS and their respective MS grounding, a general-purpose mediator automatically computes similarities to identify the most appropriate SWS for a given request. A prototypical application illustrates our approach

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Towards a Model Driven Process for Designing ReSTful Web Services

Markku Laitkorpi, Petri Selonen, Tarja Systä — 8/23/2009 22:02

Representational State Transfer (ReST) architecture provides a set of constraints that drive design decisions towards architectural properties such as interoperability, evolvability and scalability. Designing a ReSTful service API involves finding resources and their relationships, selecting uniform operations for each resource, and defining data formats for them. It is often a non-trivial exercise to refine a functional specification, expressed in terms of arbitrary actions, to a resource-oriented, descriptive state information content. We argue that this process can be described as a series of model transformations, starting from service functionality and gradually refining the phase products until a ReSTful service API is reached. This paper outlines the process phases, transformations and intermediate models based on our experiences in developing ReSTful services and service APIs at Nokia Research Center. The process captures our understanding on how to systematically transform functional specifications into ReSTful Web service interfaces.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Analysis of Signature Wrapping Attacks and Countermeasures

Sebastian Gajek, Meiko Jensen, Lijun Liao, Jörg Schwenk — 8/05/2009 04:12

In recent research it turned out that Boolean verification of digital signatures in the context of WSSecurity is likely to fail: If parts of a SOAP message are signed and the signature verification applied to the whole document returns true, then nevertheless the document may have been significantly altered. In this paper, we provide a detailed analysis on the possible scenarios that enable these signature wrapping attacks. Derived from this analysis, we propose a new solution that uses a subset of XPath instead of ID attributes to point to the signed subtree, and show that this solution is both efficient and secure

Discovery and On-Demand Provisioning of Real-World Web Services

8/05/2009 04:14

The increasing usage of smart embedded devices is blurring the line between the virtual and real worlds. This creates new opportunities for applications to better integrate the real-world, providing services that are more diverse, highly dynamic and efficient. Service Oriented Architecture is on the verge of extending its applicability from the standard, corporate IT domain to the real-world devices. In such infrastructures, composed of a large number of resource-limited devices, the discovery of services and on demand provisioning of missing functionality is a challenge. This work proposes a process, its architecture and an implementatiothat enables developers and process designers to dynamically discover, use, and create running instances of real-world services in composite applications.

RETRO: A Consistent and Recoverable RESTful Transaction Model

Alexandros Marinos, Amir Razavi, Sotiris Moschoyiannis, Paul Krause — 8/23/2009 22:07

With REST becoming a popular paradigm for web services, more and more use cases are applied to it, including some that require transactional guarantees.We propose a RESTful transaction model that satisfies both the constraints of transactions as well as those of the REST architectural style. We provide formal proof of consistency and recoverability in the proposed framework and show the robustness of its properties in the presence of concurrent transactions.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Towards Automated RESTful Web Service Composition

Haibo Zhao, Prashant Doshi — 8/05/2009 02:55

Emerging as the popular choice for leading Internet companies to expose internal data and resources, RESTful Web services are attracting increasing attention in the industry.While automating WSDL/SOAP based Web servicecomposition has been extensively studied in the research community, automated RESTful Web service composition in the context of service-oriented architecture (SOA), to the best of our knowledge, is less explored. As an early paper addressing this problem, this paper discusses the challenges of composing RESTful Web services and proposes a formal model for describing individual Web services and automating the composition. It demonstrates our approach by applying it to a real-world RESTful Web service composition problem. This paper represents our initial efforts towards the problem of automated RESTful Web service composition.We are hoping that it will draw interests from the research community on Web services, and engage more researchers in this challenge.

Efficient Testing of Service-Oriented Applications Using Semantic Service Stubs

3/02/2010 22:56

Service-oriented applications can be expensive to test because services are hosted remotely, are potentially shared among many users, and may have costs associated with their invocation. In this paper, we present an approach for reducing the costs of testing such applications. The key observation underlying our approach is that certain aspects of an application can be tested using locally deployed semantic service stubs, instead of actual remote services.A semantic service stub incorporates some of the service functionality, such as verifying preconditions and generating output messages based on postconditions. We illustrate how semantic stubs can enable the client test suite to be partitioned into subsets, some of which need not be executed using remote services. We also present a case study that demonstrates the feasibility of the approach, and potential cost savings for testing. The main benefits of our approach are that it can (1) reduce the number of test cases that need to be run to invoke remote services, (2) ensure that certain aspects of application functionality are well-tested before service integration occurs.

An Abstract GFSM Model for Optimal and Incremental Conformance Testing of Web Services

Li Li, Wu Chou — 3/02/2010 22:57

Web service conformance testing checks the correctness of a black box service implementation, and it is the basis of other testings. An efficient formal method for conformance testing is the Chinese Postman traversal algorithm [2] that can find minimum-cost test sequences.However, the applicability of this algorithm is in question if data dependences are present in the protocol specification. Also, it suffers from the limited observability problem which is not uncommon in web services. Despite its optimality, the traversal algorithm does not take advantages of the special patterns in web service interfaces observed by developers. To address these issues, we propose an abstract GFSM (Guarded Finite-State Machine) model that unifies and augments the commonly used Moore and Mealy machines with data flows. Using this abstract model, we formalize the conditions under which the tours with complete data and control coverage are guaranteed, and address the limited observability problem using the equivalence of Moore and Mealy machines. Furthermore, we propose a Recursive Descent traversal algorithm that explores the inverse operation pattern of web services to facilitate incremental development of web services

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Timed Model Checking Based Approach for Web Services Analysis

Nawal Guermouche, Claude Godart — 3/02/2010 22:49

Web services are the main pillar of the Service Oriented Computing (SOC) paradigm which enables the application integration within and across business organizations. One of the important features of the Web services is the choreography aspect which allows to capture collaborative processes involving multiple services. In this context, one of the important investigations is the choreography compatibility analysis. We mean by the choreography compatibility the capability of a set of Web services of actually interacting by exchanging messages in a proper manner. Whether a set of services are compatible depends not only on their sequences of messages but also on quantitative properties such as timed properties. In this paper, we investigate a model checking based approach that deals with checking the compatibility of a choreography in which the Web services support asynchronous timed communications. Particularly,in this paper we are using the model checker UPPAAL.We propose a set of required abstractions that allow to use the model checker UPPAAL to deal with timed asynchronous communicating services.

BPEL’n’Aspects: Adapting Service Orchestration Logic

Dimka Karastoyanova, Frank Leymann — 8/13/2009 01:46

The need for flexibility in process-based applications, in particular during their execution, places the demand forenabling adaptability of processes. AOP is considered to be one of the approaches to flexibly switch on and offfunctionality on per-instance basis in applications during their execution; analogously, this paradigm can be applied in a BPEL environment to enable adaptation of running orchestrations. In the presented approach we strive towards reuse of as much concepts and technology already available in a Web service (WS) environment as possible. We combine standard BPEL, the publish/subscribe paradigm and WS-Policy so that WS operations play the role of aspects with respect to BPEL processes. We present the syntax for such aspects as an extension of the WS-Policy framework. We introduce the architecture of the supporting infrastructure and a prototypical implementation. The approach draws on the combined benefits of service orientation and the AOP paradigm to improve the state-of-the-art techniques for flexibility of service orchestrations in a non-intrusive manner.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Dynamo + Astro: An Integrated Approach for BPEL Monitoring

Luciano Baresi, Sam Guinea, Marco Pistore, Michele Trainotti — 9/16/2009 02:07

In the literature, there exist several approaches for monitoring the execution of BPEL processes. They concentrate on different properties, adopt different languages, work at different levels of abstraction, and assume different perspectives. Even if the field is rather new, we do not think that this diversity is a limitation of current solutions; rather it is intrinsic in the problem itself. We claim that, instead of working on the definition of the ultimate approach for BPEL monitoring, we should push a cooperative approach based on the integration of differentsolutions.In this paper, we present a first step in this direction,and describe a monitoring framework which is obtained by integrating two well-known approaches, namely Dynamo and Astro. This integration, which happens both for the language used for expressing the properties to be monitored, and for the architecture of the monitoring framework, allows to combine the advantages of the two approaches and to obtain a general, comprehensive solutions for BPEL monitoring.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Service Supervision: Coordinating Web Services in Open Environment

Masahiro Tanaka, Toru Ishida, Yohei Murakami, Satoshi Morimoto — 9/16/2009 03:13

A composite Web service designed based on abstract Web services, which define only interfaces, allows an application developer to select services required for his application only by setting endpoints for the atomic Web services.In open environment, however, the composite Web service configured in this manner may fail due to unique behaviors of the selected services. It is difficult for the designer of the composite Web service to prevent the failure because he does not know which services are selected and how they behave.On the other hand, the application developer is not authorized to modify the composite Web service due to the need to protect intellectual rights. Our solution is Service Supervision, which monitors and controls execution of composite Web services. Service Supervision makes the followings possible. 1) An application developer can control the behavior of a composite Web service by changing the executionstate, even if the he is not authorized to modify the composite Web services. 2) A control pattern for coordinating Web services can be applied to various composite Web services in order to reduce the load imposed by designing control processes. In order to realize Service Supervision,we introduce meta-level control of a composite Web service. Moreover we then use the choreography to define the interaction protocols for the controls. The proposed framework is based on existing standard languages, WS-BPEL and WSCDL.Therefore we can exploit existing tools and expertise of SOA engineers.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Domain-Specific Processing of Policies or: WS-Policy Intersection Revisited

Bernhard Hollunder — 8/27/2009 05:52

We present a new approach for checking the compatibility of policy descriptions. At present, policies are widely used for explicitly expressing non-functional properties, capabilities, constraints and requirements of Web services. Policies are crucial in the negotiation phase of service discovery and selection. Typically, a potential service consumer has its own policy that specifies the conditions the service has to fulfil. Ideally,an automatic negotiation process identifies a mutually agreeable policy for both the Web service consumer and provider. WS-Policy defines policy intersection as a “first approximation” for determining the compatibility of policies. However, policy intersection has a major weakness: It is a purely syntactic approach neglecting the semantics of the involved policy assertions. In addition, it is unspecific on how to include domain-specific processing. In this paper we present a new solution that overcomes these deficits by introducing an entailment relation that reflects the semantics of assertions and policies. This paper not only discusses the formal foundations but also introduces the required algorithms such as “semantic policy differencing”.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Integrating Abductive Logic Programming and Description Logics in a Dynamic Contracting Architecture

8/05/2009 03:07

In Semantic Web technologies, searching for a service means to identify components that can potentially satisfy the user needs in terms of outputs and effects (discovery),and that, when invoked by the customer, can fruitfully interact with her (contracting). In this paper, we present an application framework that encompasses both the discovery and the contracting steps, in a unified search process. In particular, we accommodate service discovery by ontologybased reasoning, and contracting by automated reasoning about policies published in a formal language. To this purpose,we consider a formal approach grounded on Computational Logic, and Abductive Logic Programming in particular.We propose a framework, called SCIFF Reasoning Engine, able to establish, by ontological and abductive reasoning, if a semantic web service and a requester can fruitfully inter-operate, taking as input the behavioural interfaces of both the participants, and producing as output a sort of a contract.

An Automated Method for Web Service Orchestration based on Reusable Building Blocks

Frank Alexander Kraemer, Haldor Samset, Rolv Bræk — 8/05/2009 03:08

We describe a complete and largely automated method for the development of systems from web services, which comprises the encapsulation of services, as well as their composition, verification and subsequent implementation in a model-driven manner. The paper follows the steps of the method: In a first phase, we import WSDL descriptions automatically as UML 2.x activities and provide them as building blocks, with some optional, manual adaptations. In a second phase, these building blocks can be used to compose an application that orchestrates web services.The building blocks have behavioral contracts that enable automated, incremental verification based on compositional model checking. We demonstrate the approach by a subscription-based service to receive SMS messages.

From Workflow Models to Executable Web Service Interfaces

8/25/2009 05:06

Workflow models have been used and refined for years to execute processes within organisations. To deal with collaborative processes (choreographies) these internal workflow models have to be aligned with the external behaviour advertised through Web service interfaces. However, traditional workflow management systems (WfMS) do not offer this functionality. Simply sharing and merging process models is often not possible, because workflow management lacks a widely accepted standard theory for workflow models.Multiple research and standardisation efforts to integrate different workflow theories have been proposed over the years. XPDL is the most widely used standard for process model interchange and supported by over 80 systems.However, XPDL also lacks the possibility to relate a workflow model to its possible choreography interface abstractions.To remedy this situation, we propose to abstract the XPDL model to a higher-level model, perform the integration and the compaction algorithms at that level and then ground it back to the desired choreography models. We develop and use an integrated ontology which is based on the XPDL standard for this purpose. To facilitate the abstraction and grounding, we present a mapping procedure to automatically translate XPDL and BPMN workflow models into this ontology. After translation, these models are annotated with a parameterised role model and other collaborative properties. We present a compaction procedure that automatically maps the annotated models into external choreography interfaces that expose only the relevant information for a particular partner collaboration. Our procedure is agnostic with respect to the target choreography model. We demonstrate our approach using WSMO choreographies which enables us to automatically generate interface models from any WfMSs that supports XPDL export.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

QoS-Driven Adaptation of BPEL Scenario Execution

Kareliotis Christos, Costas Vassilakis, Efstathios Rouvas, Panayiotis Georgiad — 8/25/2009 05:15

BPEL/WSBPEL is the predominant approach for combining individual web services into integrated business processes, allowing for the specification of their sequence, control flow and data exchanges. BPEL however does not include mechanisms for considering the invoked services Quality of Service (QoS) parameters and thus BPEL scenarios can neither tailor their execution to the individual user’s needs or adapt to the highly dynamic environment of the WEB, where new services may be deployed, old ones withdrawn or existing ones changing their QoS parameters. Moreover, infrastructure failures in the distributed environment of the web introduce an additional source of failures that must be considered in the context of QoS-aware service execution. In this work we propose a framework for addressing the issues identified above; the framework allows the users to specify the QoS parameters that they require and it undertakes the task of locating and invoking suitable services. Finally, the proposed framework intercepts and resolves faults occurring during service invocation, respecting the QoS restrictions specified by the consumer.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Interoperability Changes in an Adaptive Service Orchestration

Marcel Hiel, Hans Weigand — 8/05/2009 03:14

Business Processes realized by services rely on the functionality of these services. Maintaining the interoperability when services evolve independently is therefore an important and challenging problem. If adaptation is to happen automatically, then determining and categorizing changes and their solutions is crucial. In this paper, we make the following contributions: (1) We provide an overview of previously defined mismatches and provide a common representation based on model management operators. (2) We present a categorization of changes with the categories non-effective, solvable and problematic and validate our categorization. (3) We provide solutions for changes that fall under the solvable category in terms of adaptation operators and describe the process of (self-)adaptation.

Reputation Propagation in Composite Services

Surya Nepal, Zaki Malik, Athman Bouguettaya — 3/03/2010 01:05

This paper investigates the problem of reputation management in composite services. Our focus is on developing a method of distribution of reputation received by a composite service to its component services. The proposed method enables the composite service to provide a fair distribution of reputation values so that a component service is neither penalized nor awarded for the bad and good performances respectively, of other component services. Experiment results show that the proposed technique propagates the “fair share” of reputation from the composite service to its component services.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

An Approach to Incentive-based Reputation for Communities of Web Services

Babak Khosravifar, Jamal Bentahar, Philippe Thiran, Ahmad Moazin, Adrien Guiot — 3/03/2010 01:03

Community of web services (CWS) is a society composed by a number of functionally identical web services. The communities always aim to increase their reputation level in order to obtain more requests. In this paper, we propose an effective mechanism dealing with reputation assessment for communities of web services. The proposed mechanism is based on after-service feedbacks provided by the users to a run-time logging system. The proposed method defines the evaluation metrics involved in reputation assessment of a community, and supervises the logging system in order to verify the validity and soundness of the feedbacks provided by the users. In this paper, the proposed framework is described, a theoretical analysis of its assessment and its implementation along with empirical result discussions are provided. We also show how our model is efficient, particularly in very dynamic environments.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Applying Knowledge Sharing for Business Intelligence Collaboration

Bo Yang, Hao Wang, Fred Douglis — 8/05/2009 03:19

IT services need an automatic and flexible ability to react to dynamic changes in their environment. Managing change effectively and reducing the negative effects of day-today operations has become one of the most important tasks in IT service management, which require hiring highly skilled IT professionals with correspondingly high labor costs. There is a challenge to select, implement and integrate the right resources quickly and effectively. Although there is a growing body of research into IT management, many techniques are either too narrow (focusing on a single component rather than the entire system), or they address only configuration data collection and integration. Instead, one needs to scale or respond to special domain knowledge, collaboration and the right data for helping IT professionals to improve their work. In this paper, we propose a knowledge-sharing based collaborating management system for IT service management. It aims to bridge the gap between domain experts’ knowledge and manageable systems. We developed a proof-of-concept of an impact analysis service based on knowledge-sharing; it establishes an IT service management collaboration paradigm and ecosystem, leveraging the expert’s rich knowledge and experience to improve the management quality and reduce the cost. A case study driven by customers demonstrates that collaboration with knowledge sharing is effective both at constructing useful system analysis services and in using those services to improve system management.

Discovery of Semantic Web Service Flow Based on Computation

Fangfang Liu, Yuliang Shi, Xiangfeng Luo, Guoning Liang, Zheng Xu — 9/16/2009 04:02

Key-word based researches of service discovery focus on direct match of user’s requirements and often neglect relations between services. While techniques based on conventional semantic offer many kinds of relations, considerable time is spent on reasoning. In this paper, we utilizes E-FCM (Element Fuzzy Cognitive Map) to describe services for the reason that E-FCM can keep the semantic information as much as possible and E-FCMs can be automatically created for web services. Furthermore, instead of reasoning, the semantic relations among E-FCM are built based on computation, therefore semantic relations among services can be found out quickly. We focus on the associated semantic relations among services because complex applications always comprise of services with associated functions. The associated link network (ALN) is constructed upon associated relations to generate associated web service flows, which can be used to create complex applications, thus to facilitate discovery efficiency and improve utilization of services.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Efficient Discovery of Collision-Free Service Combinations

Roman Vaculín, Katia Sycara — 9/16/2009 04:40

Majority of service discovery research considers only primitive services as a suitable match for a given query while service combinations are not allowed. However,many realistic queries cannot be matched by individual services and only a combination of several services can satisfy such queries. Allowing service combinations or proper compositions of primitive services as a valid match introduces problems such as unwanted side-effects (i.e., producing an effect that is not requested), effect duplications (i.e.,producing some effect more than once) and contradictory effects (i.e., producing both an effect and its negation). Also the ranking of matched services has to be reconsidered for service combinations. In this paper, we address all the mentioned issues and present a matchmaking algorithm for retrieval of the best top k collision-free service combinations satisfying a given query.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

SAWSDL-MX2: A Machine-learning Approach for Integrating Semantic Web Service Matchmaking Variants

Matthias Klusch, Patrick Kapahnke, Ingo Zinnikus — 8/05/2009 03:23

In this paper, we present SAWSDL-MX2, a hyprid semantic Web service matchmaker for SAWSDL services. Building on our initial work in [11], we adopt logic-based as well as text similarity service selection for model references and add a structural approach from [14], which operates on the pure syntactic description of WSDL elements. The integration of these matching variants is accomplished using a Support VectorMachine (SVM) with non-linear kernel, thus automatically adapting an aggregation function based on previously experienced training data. Results of our performance evaluation based on the standard measures recall and precision over the SAWSDL-TC1 test collection as well as an exhaustive example for all basic matching variants are also given.

An Adaptive Tradeoff Model for Service Performance and Security in Service-based Systems

Stephen S. Yau, Yin Yin, Ho G. An — 3/03/2010 02:22

The message-based communication among services in Service Oriented Architecture (SOA) is vulnerable to various security attacks, and has to be well protected by security mechanisms, which may sacrifice service performance due to limited system resources. In this paper, an adaptive tradeoff model for service performance and security in servicebased systems is presented. This model can be used to adjust security configurations of services to provide sufficient protection and satisfy service performance requirements for SOA-based systems simultaneously. The construction of this model includes the development of a set of metrics to quantitatively measure the performance and security of services, the development of a tradeoff objective function incorporating service performance and security, and the parameter estimation through experiments. An example of service-based secure voice communication system is used to illustrate the construction of this model.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Towards Adaptation of Service Interface Semantics

Li Kuang, Shuiguang Deng, Jian Wu, Ying Li — 3/03/2010 02:04

Interoperability promised by Web service makes it a most promising technology for the development of next generation distributed heterogeneous software systems. Services should be compliant at signature, behavioral and semantic level to make the interoperation successful and correct. Service adaptation provides an effective approach to bridge the incompatibility of services to make them interoperate as well as possible. In this paper, we aim to contribute to the definition of a methodology to develop adaptors that are capable of making two incompatible services interoperate not only successfully but also correctly at semantic level. To achieve this goal, we proposed service specifications for both atomic and composite services with semantic dependency between outputs and inputs specified; then we proposed adaptor specification consisting of three parts, which are message mapping, action mapping and treatment for non-mapping messages. Based on service and adaptor specifications, an incremental derivation approach of a concrete adaptor is given.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

A Dependency Impact Analysis Model for Web Services Evolution

Shuying Wang, Miriam A. M. Capretz — 3/03/2010 01:07

As many software systems have been turned as Web services, the evolutionary changes of Web services are becoming an important issue. To understand the way in which the change affects the services, we must ascertain parts of the system that will be effected by the change and examine them for additional impacts. In this paper, we propose an impact analysis model based on service dependency. In particular, the service dependency graph model, service dependency and the relation matrix are examined. Based on the shift and calculation of the matrix, the dependency and impact of the service evolution can be analyzed and its quantity can be ascertained. Furthermore, we also represent an approach for service change annotation and for service evolution process. Overall, these works provide a foundation for the automatic management, control, and evaluation of service evolution.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Reducing User Perceived Latency with a Middleware for Mobile SOA Access

Andreas Göb, Daniel Schreiber, Louenas Hamdi, Erwin Aitenbichler, Max Mühlhäuser — 9/16/2009 21:37

Network latency is one of the most critical factors for the usability of mobile SOA applications. This paper introduces prefetching and caching enhancements for an existing SOA framework for mobile applications to reduce the user perceived latency. Latency reduction is achieved by proactively sending data to the mobile device that could most likely be requested at a later time. This additional data is piggybacked onto responses to actual requests and injected into a client side cache, so that it can be used without an additional connection. The prefetching is done automatically using a sequence prediction algorithm. The benefit of prefetching and caching enhancements were evaluated for different network settings and a reduction of user perceived latency of up to 31% was found in a typical scenario. In contrast to other prefetching solutions, our piggybacking approach also allows to significantly increase battery lifetime of the mobile device.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

A Mobility-based Clustering and Discovery of Web Services in Mobile Ad-hoc Networks

Yoo-Seok Shim, Yeon-Seok Kim, Kyong-Ho Lee — 9/16/2009 22:32

Web services allow devices running on different platforms to communicate with one another using standardized definitions and access ways. Due to recent developments in mobile networks and devices, many researches are on going to apply Web services to mobile network environments. In this paper, we propose an efficient method that discovers services based on a proposed mobility-based clustering in mobile ad-hoc networks. In order to maintain stable clusters and select a proper service discovery architecture, the proposed method uses the mobility of nodes including direction. Experimental results under different mobility models show that the proposed method outperforms a conventional clustering and service discovery method.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Efficient Access to Composite M-services

Xu Yang, Athman Bouguettaya, Xumin Liu — 8/25/2009 04:30

Wireless Web services, also called Mobile services or M-services, provide access to Web services through wireless networks. In this paper, we propose novel access methods and multi-channel organization for mobile users to effectively access composite M-services in wireless broadcast networks. We define a few semantics for accessing broadcast based M-services and study their impact on access efficiency.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Scalable Optimized Composition of Web Services with Complexity Analysis

Rattikorn Hewett, Phongphun Kijsanayothin, Bach Nguyen — 8/05/2009 03:37

This paper addresses a fundamental issue of web service composition. We present a simple but powerful conceptual model that leads to a scalable approach to automatically constructing a composite web service to meet its requirements by using as few services as possible. Our approach is based on a state space model that has a monotone property to allow efficient search along with efficient algorithms for pruning and simple parallelization. We provide both empirical and theoretical analyses of O(n^2), for a repository with n services. However, the approach takes linear time for sequential compositions when service applicability is performed by service discovery and thus, it is shown to give asymptotically optimal performance. Although optimality in the number of service deployed is not guaranteed, our experiments on public benchmark data sets show correct optimized solutions 100% of the time, with a reduction in the average running time, compared to a well-performed planning-based system, of better than 35% over 207 composition problems.

Improving Web Services Robustness

Nuno Laranjeiro, Marco Vieira, Henrique Madeira — 3/02/2010 22:31

Developing robust web services is a difficult task. Field studies show that a large number of web services are deployed with robustness problems (i.e., presenting unexpected behaviors in the presence of invalid in-puts). Several techniques for the identification of ro-bustness problems have been proposed in the past. This paper proposes a mechanism that automatically fixes the problems detected. The approach consists of using robustness testing to detect robustness issues and then mitigate those issues by applying inputs verifica-tion based on well-defined parameter domains, includ-ing domain dependencies between different parame-ters. This integrated and fully automatable methodolo-gy has been used to improve three different implemen-tations of the TPC-App web services. Results show that this tool can be easily used by developers to improve the robustness of web services implementations.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Enforcement from the Inside: Improving Quality of Business in Process Management

3/02/2010 22:36

In this paper we introduce a new modeling tool for constraint handling in the area of workflow technology. The constraint handlers can be used to improve the quality of business processes but without changing already existing business logic. Todays workflow languages provide no possibility to model constraints and the actions in case the constraints get violated explicitly. Fault and event handling mechanisms to react to events not expected in normal executions are only provided by the BPEL language. Using BPEL as workflow language we integrate the constraint handling extension without changing any existing semantics in a smart way. In our approach we use this fault and event handling mechanisms to extend the BPEL language with a constraint handling mechanism. By integrating this constraint handling tool into the BPEL language we provide an approach for quality driven process modeling with the BPEL language.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Scientific Workflows as Services in caGrid: a Taverna and gRAVI Approach

12/08/2009 21:36

In scientific collaboration platforms such as caGrid, workflow-as-a-service is a useful concept for various reasons, such as easy reuse of workflows, access to remote resources, security concerns, and improved execution performance. We propose a solution for facilitating workflow-as-a-service based on Taverna as the workflow engine and gRAVI as a service wrapping tool. We provide both a generic service to execute all Taverna workflows, and an easy-to-use tool (gRAVI-t) for users to wrap their workflows as workflow-specific services, without developing service code. The signature of the specific service is identical to the corresponding workflow’s input/output definition and is therefore more self-explained to workflow users. These two categories of services are useful in different scenarios, respectively. We use a tumor analysis workflow as an example to demonstrate how the workflow-as-a-service approach benefits the execution performance. Finally a conclusion is drawn and future research opportunities are discussed.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

SPA: A Comprehensive Framework for Hybrid Solution Provisioning

Yuhui Wu, ZhiLe Zou, Ying Chen, Yang Zhao, Qingbo Wang — 12/08/2009 21:41

With the emerging technologies like cloud computing and internet scale data centers, radically simplified deployment approaches are critical for the success of the even more complicated solutions. Although there have been many traditional solution deployment approaches, each of them mainly focuses on particular software type or product. In this paper, we propose the next generation solution deployment paradigm as hybrid solution deployment, which enables fast solution deployment from bare metal mode to production mode based on today’s state-of-the-art provisioning tools. Solution Provisioning Automation (SPA) framework is our practice of such deployment paradigm. In SPA, we use solution template to capture the solution components and their dependencies, which exposes only the necessary parameters for users to customize. Provisioning Requests are placed through reservations and scheduled globally for execution. The SPA engine receives provisioning requests from scheduler, interprets the solution template, manages provisioning tasks and performs runtime logging. We also present a real world case to demonstrate the effectiveness of our approach

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

DIALOG: Distributed Auditing Logs

Christoph Ringelstein, Steffen Staab — 12/08/2009 03:00

Service-oriented systems facilitate business workflows to span multiple organizations (e.g. by means ofWeb ervices). As a side effect, data may be more easily transferred over organizational boundaries. Thus, privacy issues arise. At the same time, there are personal, business and legal requirements for protecting privacy and IPR an llowinustomers to request information about how and by whom their data was handled. Managing these requirements constitutes an unsolved technical and organizational problem. We propose to solve the information request problem by attaching meta-knowledge about how data was handled to the data itself. We present our solution, in form of an architecture, a formalization and an implemented prototype for logging and collecting logs in service riented andcrossorganizational systems.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

WSRec: A Collaborative Filtering Based Web Service Recommender System

Zibin Zheng, Hao Ma, Michael R. Lyu, Irwin King — 3/03/2010 02:29

As the abundance of Web services on the World Wide Web increase, designing effective approaches for Web service selection and recommendation has become more and more important. In this paper, we present WSRec, a Web service recommender system, to attack this crucial problem. WSRec includes a user-contribution mechanism for Web service QoS information collection and an effective and novel hybrid collaborative filtering algorithm for Web service QoS value prediction. WSRec is implemented by Java language and deployed to the real-world environment. To study the prediction performance, A total of 21,197 public Web services are obtained from the Internet and a largescale real-world experiment is conducted, where more than 1.5 millions test results are collected from 150 service users in different countries on 100 publicly availableWeb services located all over the world. The comprehensive experimental analysis shows that WSRec achieves better prediction accuracy than other approaches.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Personalized Web Service Ranking via User Group Combining Association Rule

3/03/2010 02:33

Architecture (SOA) for achieving dynamic business process. With the increased number of web services advertised in public repository, it is becoming vital to provide an efficient web service discovery and selection mechanism with respect to a user’s requirement. Considerable efforts have been made to solve this problem among which semantic based web service discovery has been attained much importance by researchers in academic and industry community. However, there is a challenge in the semantic based web service discovery process, that is, among the retrieved set of semantically equivalent web service candidates, how to discern which one is the best? In this paper, inspired by collaborative filtering idea, a web service ranking framework is proposed in which a set of users with similar interest will be firstly identified. Afterwards, association rules will be found out by analyzing all web service composition transactions related to that set of users. By combining user group and association rule mined from that group,a personalized web service ranking mechanism is achieved and the experiment shows the promising result.

Integrating Behavioral Trust in Web Service Compositions

Sharon Paradesi, Prashant Doshi, Sonu Swaika — 3/03/2010 02:35

Algorithms for composing Web services (WS) traditionally utilize the functional and quality-of-service parameters of candidate services to decide which services to include in the composition. Users often have differing experiences with a WS. While trust in a WS is multi-faceted and consists of security and behavioral aspects, our focus in this paper is on the latter. We adopt a formal model for trust in a WS, which meets many of our intuitions about trustworthy WSs. We hypothesize predictors of a positive experience with a WS and conduct a small pilot study to explore correlations between subjects’ experiences with WSs in a composition and the predictor values for those WSs. Furthermore, we show how we may derive trust for compositions from trust models of individual services. We conclude by presenting and evaluating a novel framework, called Wisp, that utilizes the trust models and, in combination with any WS composition tool, chooses compositions to deploy that are deemed most trustworth

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Modeling Cost-Aware Web Services Composition Using PTCCS

Fangxiong Xiao, Zhiqiu Huang, Zining Cao, Jun Hu, and LinYuan Liu — 8/05/2009 03:49

Process algebra are a set of formal languages that are suitable to describe concurrent and communication systems including web services. Nowadays, although process algebra have been effectively exploited for modeling and verifying functional aspects of web services composition, non-functional aspects have been ignored due to process algebra lack of capability of modeling them. Since execution of web services need to consume resource (and energy, time, fee, etc), we propose an abstract concept, that is, cost, to model this non-functional aspect. We introduce this abstract concept into TCCS(Temporal Calculus of Communicating Systems) that is a classical process algebra and propose a new process algebra called PTCCS(Priced Temporal Calculus of Communicating Systems). We present syntax and semantics of PTCCS, and prove that PTCCS extends TCCS with cost modeling capability. And an algorithm is proposed to construct cost state space that is used to select web services composition with optimal cost. Experiment results show that PTCCS can model both functional aspects and non-functional aspects of web services composition.

DHT-Based Range Query Processing for Web Service Discovery

Yiming Zhang, Ling Liu, Dongsheng Li, Feng Liu, Xicheng Lu — 8/05/2009 03:50

DHTs are scalable, self-organizing, and adaptive to underlying topology changes, thus being a promising infrastructure for realizing efficient Web service discovery. Range queries play an important role in service discovery, and in recent years a number of DHT-based range query schemes have been proposed. However, most of them suffer from high query delay and high processing cost. This paper presents ERQ, an Efficient scheme for delaybounded Range Query processing over DHTs. We first emulate the PHT structure and design a balanced Kautz (BK) tree to uniformly map the m-dimensional data space onto DHT nodes, and then present a novel algorithm that processes range queries in a parallel fashion, where an on-the-fly space pruning mechanism is adopted to reduce the processing cost. In a DHT with N nodes, ERQ can answer any range query in less than logN(2loglogN+1) hops with low processing cost, irrespective of the queried range, the whole space size, or the number of queried attributes. The effectiveness of ERQ is demonstrated through extensive experiments.

Service Provenance in QoS-Aware Web Service Runtimes

Anton Michlmayr, Florian Rosenberg, Philipp Leitner, Schahram Dustdar — 8/05/2009 03:53

In general, provenance of electronic data represents an important issue in information systems. So far, Serviceoriented Computing research has mainly focused on provenance of data. However, service provenance also plays a central role since service providers and consumers want to be aware of the service’s origin and history. In this paper,we present an approach for service provenance that builds on service metadata and various service runtime events. In addition, access control mechanisms are implemented to restrict access to this information. Besides being able to query and subscribe to provenance information,provenance graphs can be used to illustrate the history of services. We give some usage examples of service provenance and show how our approach was integrated into the VRESCo Web service runtime environment.

Gradual Removal of QoS Constraint Violations by Employing Recursive Bargaining Strategy for Optimizing Service Composition Execution Path

Kaijun Ren, Nong Xiao, Junqiang Song, Chi Yang, Min Zhu, Jinjun Chen — 8/05/2009 03:55

A critical issue in service composition area is how to achieve an optimized overall end-to-end quality of service(QoS) requirements by effectively coordinating QoS constraints for individual service. However, this issue has not yet been well addressed. In this paper, we propose a novel method by employing a recursive bargaining Strategy to gradually remove QoS constraint violations for Optimizing service composition execution Path. Our method mainly exploits the hidden market competitive relationships which widely exist in real business world for developing a novel bargaining strategy. Based on this strategy, concessions can be made by service providers to offer better QoS values. By recursively using bargaining strategy, an initial execution path built by a local optimization policy for service composition, can be continually updated to be close to the optimal one by reselecting better service providers for meeting overall end-to-end QoS requirements. An experiment and evaluation have been made to demonstrate the feasibility and effectiveness of our proposed method.

A Framework for Optimal Decentralized Service-Choreography

Saayan Mitra, Ratnesh Kumar, Samik Basu — 8/05/2009 03:57

We address the problem of optimizing mediator-based service composition where the services and the desired composition (goal) functionality are represented as i/oautomata with loops. The objective of optimization is to minimize the costs of communications and computations necessary to realize the goal from the existing services. We develop an algorithm to compute the minimum cost of an automaton representing the choreographed behavior of services realizing the goal. This forms the central theme of our technique for developing automatically a strategy of decentralized mediation that will result in the optimized composition of services.

Equivalence of Web Services in Process-Aware Service Compositions

Stefanie Rinderle-Ma, Manfred Reichert, Martin Jurisch — 8/05/2009 03:59

Deciding on web service equivalence in process-aware service compositions is a crucial challenge throughout the composition life cycle. Restricting such decisions to (activity) label equivalence constitutes a simplification for many practical applications: if two web services have equivalent labels, does this necessarily mean they are equivalent as well? In many scenarios other factors play an important role. Examples include context information (e.g., input and output messages) and information on the position of web services within compositions. In this paper, we introduce the composition life cycle and discuss specific requirements for web service equivalence along its different phases. We define adequate equivalence notions for design, execution, analysis, and evolution of service compositions. Main focus is put on attribute and position equivalence. Altogether this paper is a first step towards a new understanding and treatment of equivalence notions in service compositions.

Building Collaboration Applications That Mix Web Services Hosted Content with P2P Protocols

8/05/2009 04:00

The most commonly deployed web service applications employ client-server communication patterns, with clients running remotely and services hosted in data centers. In this paper, we make the case for Service-Oriented Collaboration applications that combine service-hosted data with collaboration features implemented using peer-to-peer protocols. Collaboration features are awkward to support solely based on the existing web services technologies. Indirection through the data center introduces high latencies and limits scalability, and precludes collaboration between clients connected to one-another but lacking connectivity to the data center. Cornell’s Live Distributed Objects platform combines web services with direct peer-to-peer communication to eliminate these issues.

Collaborative Scientific Workflows

Shiyong Lu, Jia Zhang — 8/05/2009 04:02

In recent years, a number of scientific workflow management systems (SWFMSs) have been developed to help domain scientists synergistically integrate distributed computations, datasets, and analysis tools to enable and accelerate scientific discoveries. As more scientific research projects become collaborative in nature, there is a compelling need of dedicated services to support collaborative scientific workflows on the Internet.This paper reviews the state of the art of the field of scientific workflows towards the support of collaborative scientific workflows, identifies critical research challenges, and presents our ongoing research work aiming to study how to create services supporting collaborative scientific workflows.

Application of Management Frameworks to Manage Workflow-based Systems: A Case Study on a Large Scale E-Science Project

Srinath Perera, Suresh Marru, Thilina Gunarathne, Dennis Gannon, Beth Plale — 8/05/2009 04:03

Management architectures are well discussed in the literature, but their application in real life settings has notbeen as well covered. Automatic management of a system involves many more complexities than closing the controlloop by reacting to sensor data and executing corrective actions. In this paper, we discuss those complexities and propose solutions to those problems on top of Hasthi management framework, where Hasthi is a robust, scalable, and distributed management framework that enables users to manage a system by enforcing management logic authored by users themselves. Furthermore, we present in detail a real life case study, which uses Hasthi to manage a large, SOA based, E-Science Cyberinfrastructure.

Identity Attribute-based Role Provisioning for Human WS-BPEL processes

Federica Paci, Rodolfo Ferrini, Elisa Bertino — 8/05/2009 04:07

The WS-BPEL specification focuses on business processes the activities of which are assumed to be interactions with Web services. However, WS-BPEL processes go beyond the orchestration of activities exposed as Web services. There are cases in which people must be considered as additional participants to the execution of a process. The inclusion of humans, in turn, requires solutions to support the specification and enforcement of authorizations to users for the execution of human activities while enforcing authorization constraints. In this paper, we extend RBAC-WSBPEL, a role-based authorization framework for WS-BPEL processes with an identity attribute-based role provisioning approach that preserves the privacy of the users who claim the execution of human activities. Such approach is based on the notion of identity records and role provisioning policies, and uses Pedersen commitments, aggregated zero knowledge proof of knowledge, and Oblivious Commitment-Based Envelope protocols to achieve privacy of user identity information.

Aspect-Oriented Quality of Service for Web Services: a Model-Driven Approach

Guadalupe Ortiz, Behzad Bordbar — 8/05/2009 04:10

Implementing and maintaining non-functional properties related to the monitoring of Quality of Service (QoS) can be expensive and complex tasks; with this paper, we present a model-based approach to the implementation of QoS monitors. Our approach uses platform-independent models in order to describe the system and its related QoS constraints. Then, we conduct Model-Driven Development (MDD) transformations for the implementation of both the system and its QoS constraints. Following the Aspect-Oriented Programming (AOP) paradigm, QoS constraints are implemented as aspects, which are weaved into the system implementation. Finally, we present a case study in order to support the evaluation of our approach.

Design of SOA Based Web Service Systems Using QFD for Satisfaction of Quality of Service Requirements

Xiaoqing (Frank) Liu, Lianzhang Zhu — 8/05/2009 04:11

Service-Oriented Architecture (SOA) is a loosely-coupled architecture designed to meet business needs of an organization. It is becoming a trend for system development and integration where systems group functionality around business processes. Although SOA does not require Web services, Web services are based on accepted standards and drive SOA to the mainstream. There are at least two challenges with quality management of SOA based Web service systems. One of them is how to link explicitly its technical capabilities with customers’ needs to satisfy customers’ functional and nonfunctional requirements. The second is how to determine targets of Web service technical attributes. The first issue is not addressed at all and the second issue is dealt with subjectively in the current practice of development of SOA based web service systems. Quality Function Deployment (QFD) is a major quality management system used to determine product development characteristics from customer requirements. It has found its success in improving quality of complex products, such as automobiles, aircrafts, and consumer electronics, although it has not been used in the development of SOA based Web service systems. In this paper, we analyze a number of quality of Web service requirements and their related technical attributes, and apply the QFD for developing SOA based Web service systems by linking quality of service requirements to Web service design attributes. An impact based linear regression method is used to determine technical targets of design features of SOA based Web service systems for the satisfaction of quality of service requirements.

Contract-First Design Techniques for Building Enterprise Web Services

Youliang Zhong, Jian Yang — 2/03/2010 01:17

Based on real development experience, the paper presents a collection of design techniques for building enterprise web services. By applying the techniques to web services development, not only the development increases reusability and productivity, but also the web services improve agility and compatibility.Enterprise web services require high grade of competency in designing web service contracts. A contract of web service formalizes an agreement between web service provider and consumer, in the forms of WSDLs, service schemas and policies. Though contract-first method provides great potential of directly dealing with the contracts, and a number of articles have been published regarding designing WS and XML schemas, however it is still hard for developers to find cookbooks or guidelines concentrated on designing web service contracts with contract-first method. To fill the gap,a set of design techniques are introduced and deployed in practice, incorporating some best practices scattered over the web services community. These techniques cover most of the key aspects of web service, including consolidating service schemas in line with business entities, constructing coarsegrained namespaces, applying versioning over WSDLs and service schemas, and writing fine-grained filters with contracts.

Rapid Identification Approach for Reusable SOA Assets Using Component Business Maps

Islam Elgedawy, Lakshmish Ramaswamy — 2/03/2010 01:16

Substantial savings from asset reuse result when the right assets are identi_ed in the very early stages of a client engagement. Unfortunately, advanced identification approaches (known by having high precision and recall, such as behavior-based approaches) cannot be adopted in these early stages, because at these early stages, there is no many details nor much understanding about the client functional requirements. On the other hand, unstructured keyword based identi_cation approaches are known of having low precision and recall. To overcome this problem, we argue that assets descriptions should have explicit information about the business activities realized by the assets. To be able to capture this information in a machine understandable format, this paper proposes a model for describing reusable assets functional scopes using Component Business Maps (CBMs), in which the asset scope is represented as a hierarchy of CBM elements. Adopting this scope model, the paper proposes a rapid identi_cation approach for reusable assets that retrieves assets based on their CBM projections. We believe the proposed approach provides better precision and recall when compared to unstructured keyword-based approaches.

CCOA: Cloud Computing Open Architecture

Liang-Jie Zhang，Qun Zhou — 3/05/2010 01:45

Cloud Computing is evolving as a key computing platform for sharing resources that include infrastructures, software, applications, and business processes. Virtualization is a core technology for enabling cloud resource sharing. However, most existing Cloud Computing platforms have not formally adopted the service-oriented architecture (SOA) that would make them more flexible, extensible, and reusable. By bridging the power of SOA and virtualization in the context of Cloud Computing ecosystem, this paper presents seven architectural principles and derives ten interconnected architectural modules to form a reusable and customizable Cloud Computing Open Architecture (CCOA). Two case studies on Infrastructure and Business Cloud are used to deliver business and practical value of infrastructure and business process provisioning services over the Internet. We also present some potential valueadded services of the proposed CCOA to guide strategic planning and other consulting practices of Cloud Computing.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Virtualizing Services and Resources with ProBus: The WS-Policy-Aware Service and Resource Bus

3/05/2010 01:38

A fundamental principle of service oriented architectures is the decoupling of service requesters and service providers to enable late binding of services at deployment time or even dynamic binding of services at runtime. This is important in enterprise settings, where different services that implement business functions in critical business processes are dynamically chosen based on availability or price. The same problem also applies to dynamic Grid environments where resources need to be dynamically chosen based on availability and other non-functional properties. The WS-Policy framework describes how policies for both providers and requesters are specified to allow the selection of services based on these policies. Existing approaches, using WS-Policy, have drawbacks by placing the burden of the service selection partially on the client. In this paper we present an extended enterprise service bus that allows service clients to submit policies to which service providers need to comply with together in one message with the service invocation request. We show how these policies are evaluated in the bus and how policies are defined for not only stateless services, but also stateful resources.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Vulnerable Cloud: SOAP Message Security Validation Revisited

Nils Gruschka, Luigi Lo Iacono — 3/05/2010 01:35

The service-oriented architecture paradigm is influencing modern software systems remarkably and Web Services are a common technology to implement such systems. However, the numerous Web Service standard specifications and especially their ambiguity result in a high complexity which opens the door for security-critical mistakes. This paper aims on raising awareness of this issue while discussing a vulnerability in Amazon’s Elastic Compute Cloud (EC2) services to XML wrapping attacks, which has since been resolved as a result of our findings and disclosure. More importantly, this paper discusses the verification steps required to effectively validate an incoming SOAP request. It reviews the available work in the light of the discovered Amazon EC2 vulnerability and provides a practical guideline for achieving a robust and effective SOAP message security validation mechanism.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Scalable and Reliable Location Services through Decentralized Replication

Gong Zhang, Ling Liu, Sangeetha Seshadri, Bhuvan Bamba, Yuehua Wang — 8/05/2009 04:20

One of the critical challenges for service oriented computing systems is the capability to guarantee scalable and reliable service provision. This paper presents Reliable GeoGrid, a decentralized service computing architecture based on geographical location aware overlay network for supporting reliable and scalable mobile information delivery services. The reliable GeoGrid approach offers two distinct features. First, we develop a distributed replication scheme, aiming at providing scalable and reliable processing of location service requests in decentralized pervasive computing environments. Our replica management operates on a network of heterogeneous nodes and utilizes a shortcut-based optimization to increase the resilience of the system against node failures and network failures. Second, we devise a dynamic load balancing technique that exploits the service processing capabilities of replicas to scale the system in anticipation of unexpected workload changes and node failures by taking into account of node heterogeneity, network proximity, and changing workload at each node. Our experimental evaluation shows that the reliable GeoGrid architecture is highly scalable under changing service workloads with moving hotspots and highly reliable in the presence of both individual node failures and massive node failures.

A Contract-based Accountability Service Model

Chen Wang, Shiping Chen, John Zic — 2/04/2010 01:12

As growing number of real-world activities are performed through Internet connected services, there are increasing needs to make the behaviors of both service consumer and provider accountable. Many efforts attempting to regulate services and to guarantee service qualities lack sufficient accountability support. This paper treats accountability as a service and proposes a novel contractbased accountability service model to tackle this problem. The model uses federated accountability services to audit interactions between service consumers and service providers so that misbehaviors can be detected with undeniable evidences. We show how Internet data management services can be made accountable using this service model. We implemented the data management service and characterized its performance.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

WS-Policy: On Conditional and Custom Assertions

Bernhard Hollunder — 8/05/2009 04:23

Today, Web services play a dominant role in Enterprise Application Integration (EAI) and for realizing Service Oriented Architectures (SOA), which define the architectural foundation for various kinds of distributed applications. In many business domains, Web services must exhibit quality attributes such as robustness, security, and maintainability. As a consequence, there is a high demand to develop Web services with Quality of Service (QoS) properties. Several specifications of the WS-* family, e.g. WS-Security and WS-ReliableMessaging, aim at simplifying the development and deployment of QoS-aware Web services. Although these approaches cover some typical application scenarios, their expressivity and flexibility are limited by the underlying WSPolicy framework. This paper proposes the syntax and semantics of a new WS-Policy operator that enables the introduction of conditional assertions. Secondly, a framework for managing different types of custom assertions is presented. Finally, this paper describes a proof of concept implementation demonstrating the practical feasibility of both extensions.

A Dynamic Approach toward QoS-Aware Service Workflow Composition

David Chiu, Sagar Deshpande, Gagan Agrawal, Rongxing Li — 3/10/2010 20:15

Web service-based workflow management systems have garnered considerable attention for automating and scheduling dependent operations. Such systems often support user preferences, e.g., time of completion, but with the rebirth of distributed computing via the grid/cloud, new challenges are abound: multiple disparate data sources,networks, nodes, and the potential for moving very large datasets. In this paper, we present a framework for integrating QoS support in a service workflow composition system. The relationship between workflow execution time and accuracy is exploited through an automatic workflow composition scheme. The algorithm, equipped with a framework for defining cost models on service completion times and error propagation, composes service workflows which can adapt to user’s QoS preferences.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

A MapReduce-Enabled Scientific Workflow Composition Framework

Xubo Fei, Shiyong Lu, Cui Lin — 3/05/2010 01:40

MapReduce has recently gained a lot of attention as a parallel programming model for scalable data-intensive business and scientific analysis. In order to benefit from this powerful programming model in a scientific workflow environment, we propose a MapReduce-enabled scientific workflow composition framework consisting of: i) a dataflowbased scientific workflow model that separates the declaration of the workflow interface from the definition of its functional body; ii) a set of dataflow constructs, including Map, Reduce, Loop, and Conditional, and their composition semantics to enable MapReduce-style scientific workflows; iii) an XML-based scientific workflow specification language, called WSL, in which both Map and Reduce are fully composable with other dataflow constructs in both flat and hierarchical manners. Besides leveraging the power of MapReduce to the workflow level, our workflow composition framework is unique in that workflows are the only operands for composition; in this way, our approach elegantly solves the two-world problem of existing composition frameworks, in which composition needs to deal with both the world of tasks and the world of workflows. The proposed framework is implemented and a case study is conducted to validate our techniques.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

An Abstraction Framework for Service Composition in Event-driven SOA systems

Sourish Dasgupta, Satish Bhat, Yugyung Lee — 8/05/2009 04:27

In this paper, we propose an Internet public Web service matching approach that paves the way for (semi-)automatic service mashup. We will first provide the overview of the solution, which requires a detailed review of two fundamental models – schema/graph matching and semantic space. Based on the conceptual model and the literature study, the complete service matching approach is then provided with four essential steps – semantic space, parameter tree, similarity measures, and WSDL operation matching. The system demonstration that proves the concept proposed in this approach is finally presented. The solution has the potential to facilitate the Internet services mashup.

Using Model Customization for Variability Management in Service Compositions

Hadaytullah, Kai Koskimies, Tarja Systä — 2/04/2010 00:58

Service Oriented Architecture (SOA) is currently supported by an infrastructure that facilitates modeldriven development, but reuse issues have received less attention. A key problem in reuse is variability management: how to support the specification and usage of the variation points of the system. In this paper, we propose an approach for model-level variability management, assuming UML activity diagrams as the notation for service composition models in SOA. The approach is based on specifying variation points using so-called specialization patterns, which have been originally developed to support task-driven specialization of application frameworks. We demonstrate the approach with a prototype tool and an example. The approach leads to a guided model customization process focusing on the variation points, making it easy to produce a variant of a basic model.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Supporting Rebinding in BPEL Processes

Anja Strunk, Iris Braun, Sandro Reichert, Alexander Schill — 8/05/2009 04:30

The idea of the future internet of services is to combine several services of numerous service providers to new value-added services or applications. To sell these services on so-called service marketplaces the providers have to ensure a high quality of service execution. But how could a provider of a composed service ensure the quality of the whole application, if single services of other providers fail or do not reach the required level of quality? This article describes an approach for modeling adaptation in web service compositions to ensure a guaranteed quality of service for the whole composite service. A special adaptation mechanism is the rebinding of single services while the process is executed if the services fail or could not reach the needed QoS level. We will present a solution for modeling these rebinding concepts in BPEL processes and the infrastructure to support this adaptation mechanism at run-time.

A Conceptual Modeling Approach to Business Service Mashup Development

3/05/2010 01:58

Professional mashups that include complex choreographies, data mediation, and result publishing within Web pages are still affected by implementation and design practices that rely either on very simple models or on low-level scripting and programming skills of developers, thus hampering the use of mashups in business context as rapid solution to immediate problems. Indeed, industrialization of their development is still a hard objective to achieve. We propose a design methodology based on visual models to improve the quality and the productivity of service mashups and presentation of the results, thus increasing their acceptance as professional applications in the business scenario. Existing software engineering methods are combined together in an innovative mix, comprising standard business process modeling languages (namely, BPMN) to describe a high-level view of the mashup orchestration and on WebML (Web Modeling Language) to specify the detailed Web application model, including Web service interactions, hypertext navigation, event management, and rich user interfaces.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

A Novel Dynamic Priority Scheduling Algorithm of Process Engine in SOA

QiMing Tian, Li Li, Ling Jin, XinXin Bai — 8/05/2009 04:33

EAI and SOA are widely adopted in enterprise information systems with business processes being orchestrated by a process engine. An algorithm which schedules tasks of process instances to maximize overall customer satisfaction is proposed in this paper. This new algorithm maximizes the total value of all process instances by dynamically assigning different priority to each task based on the business value and time-left of the corresponding process instances. The value of each kind of process instance is modeled as a utility function of response time which reflects the inverse proportional relationship between the customer satisfaction and response time. Experiments show that the total value of utility function with the proposed algorithm is promoted a lot than traditional methods.

A Relational Approach for Efficient Service Selection

Qi Yu, Manjeet Rege — 3/05/2010 02:00

Web services are gaining momentum as a major vehicle to deliver business functionalities on the Web. More and more business organizations have begun to use Web service to facilitate user interactions and the collaboration among themselves. This essentially forms a large service space, which still keeps growing. Meanwhile, there may be functionality overlaps among different service providers. The concept of Quality of Web Serivce (QoWS) is emerging as a key feature in distinguishing between competing service providers. We present in this paper a systematic approach for efficiently service selection by using QoWS as the major criterion. In particular, we adopt a relational approach that enables to store QoWS information in a relational DBMS and leverage standard relational operators for efficient service selection. We perform a preliminary experiment to evaluate the proposed service selection algorithms.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Mobile In-Store Personalized Services

Jun Li, Ismail Ari, Jhilmil Jain, Alan H. Karp, Mohamed Dekhil — 2/04/2010 00:59

The Mobile Shopping Assistant (MSA) is a mobile application platform to deliver real-time, in-store, and personalized services, such as personalized product offerings and in-store customer advisory support, to improve the shopping experiences of in-store customers. The service delivery network that powers the MSA involves retail stores and their business partners such as manufacturers. This paper presents the core technologies that we developed in this crossorganizational service network to support the MSA and its personalized services, with focus on service delivery, customer behavior understanding and information sharing. Our eventbased techniques allow customers, stores and manufacturers to deliver and consume the services in a loosely coupled manner, thus solving a critical store-specific real-time engagement problem in a seamless way. Service response tracking enables the stores to construct a comprehensive view of a customer’s in-store shopping behavior. Finally, the cross-organizational authorization-based access control mechanism effectively enforces information sharing between the stores and their partners.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

A Service-Oriented System for Optimizing Residential Energy Use

Chen Wang, Martin de Groot, Peter Marendy — 2/04/2010 01:01

Significant consumption and cost savings can bev made by better managing energy usage within small commercial properties and individual dwellings. By combining Web services and off-the-shelf home automation equipment, it is now possible to build a cost-effective infrastructure to support the delivery of energy management services to small consumers. In this paper we treat residential energy management as a resource management problem in a distributed computing system. Energy consumers are able to delegate the energy management of smart-meter connected appliances to these energy service providers and specify their energy consumption preference through access policies. We give an optimal scenario in terms of energy cost and efficiency in this service model. We also design an algorithm that makes use of aggregated user information to achieve near optimal energy use among residential electricity users.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

The Web Service Browser: Automatic Client Generation and Efficient Data Transfer for Web Services

2/04/2010 01:03

Web services are supported by almost all major software vendors, but nevertheless there is still a certain barrier that prevents a broader user community to actually use them. The barrier is the lack of appropriate clients offered in conjunction with the services. This paper presents a Web Service Browser that automatically generates a dynamic user interface when the user browses to the location of the service description and additionally handles the invocation of the service. To ease the use of the service, the browser takes care of data management by using an implementation of the Flex-SwA architecture. Results are presented to the user in a human-readable manner. When the result contains multimedia data, an audio or video player is used to present the result. Use cases demonstrate the benefits of the browser. With the Web Service Browser, web services simply become a usable component offered in the WWW.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Infoset for Service Abstraction and Lightweight Message Processing

Li Li, Wu Chou — 3/05/2010 02:01

Web services technologies are undergoing some significant changes at several levels, ranging from architectural styles (REST vs. SOAP) to message formats. To cope with these changes, there is a need to design services in an abstract fashion that is less sensitive to these changes so that our technological and economic investments are protected. To address this issue, this paper proposes an abstract modeling framework, called Infoset, both as a design and analysis tool and a message processing architecture. The benefit of Infoset is demonstrated first on some dual web services that provide both REST and SOAP access. The Infoset analysis modeling reveals the commonality and differences between dual web services, making it feasible to design abstract web services. Infoset also leads to a rule based message processing architecture that avoids the problems in current static Object/XML SOAP engines. By dynamically computing the context of Infoset rules in message workflows, dependences between integrated web services are reduced and the reusability of services logic is increased. A prototype of this architecture is implemented and the preliminary experimental results indicate that the performance is satisfactory.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Intelligent Matching for Public Internet Web Services –Towards Semi-Automatic Internet Services Mashup

Chen Wu, Tharam Dillon, Elizabeth Chang — 8/05/2009 04:40

Service-Oriented Architecture for Privacy-Preserving Data Mashup

Thomas Trojer, Benjamin C. M. Fung, Patrick C.K. Hung — 3/10/2010 20:15

Mashup is a web technology that combines information from more than one source into a single web application. This technique provides a new platform for different data providers to flexibly integrate their expertise and deliver highly customizable services to their customers. Nonetheless, combining data from different sources could potentially reveal person-specific sensitive information. In this paper, we study and resolve a real-life privacy problem in a data mashup application for the financial industry in Sweden. Therefore we propose a service-oriented architecture for privacy-preserving data mashup together with a multiparty protocol to securely integrate private data from different data providers, whereas the integrated data still retains the essential information for supporting general data exploration or a specific data mining task, such as classification analysis. Experiments on real-life data suggest that our proposed method is effective for simultaneously preserving both privacy and information usefulness.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Composing Services for Third-party Service Delivery

Ingo Weber, Alistair Barros, Norman May, Jörg Hoffmann, Tomasz Kaczmarek — 2/04/2010 01:03

This paper proposes a model-based technique for lowering the entrance barrier for service providers to registerservices with a marketplace broker, such that the service is rapidly configured to utilize the broker’s local service delivery management components. Specifically, it uses process modeling for supporting the execution steps of a service and shows how service delivery functions (e.g. payment points) “local” to a service broker can be correctly configured into the process model. By formalizing the different operations in a service delivery function (like payment or settlement) and their allowable execution sequences (full payments must follow partial payments), including crossfunction dependencies, it shows how through tool support, the non-technical user can quickly configure service delivery functions in a consistent and complete way.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Establishing and Monitoring SLAs in Complex Service Based Systems

Marco Comuzzi, Constantinos Kotsokalis, George Spanoudakis, Ramin Yahyapour — 2/04/2010 01:05

In modern service economies, service provisioning needs to be regulated by complex SLA hierarchies among providers of heterogeneous services, defined at the business, software, and infrastructure layers. Starting from the SLA Management framework defined in the SLA@SOI EU FP7 Integrated Project, we focus on the relationship between establishment and monitoring of such SLAs, showing how the two processes become tightly interleaved in order to provide meaningful mechanisms for SLA management. We first describe the process for SLA establishment adopted within the framework; then, we propose an architecture for monitoring SLAs, which satisfies the two main requirements introduced by SLA establishment: the availability of historical data for evaluating SLA offers and the assessment of the capability to monitor the terms in a SLA offer.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Inferring Behavioural Models from Traces of Business Applications

Arnaud Dury, Hesham H. Hallal, Alexandre Petrenko — 2/04/2010 01:06

We present an approach to the inference of automata models of web-based business applications using only execution traces recording the externally observable behaviour of such applications. The proposed approach yields behavioural models representing both the control flow of an application and the data variations corresponding to different types of users. We also describe how the obtained models allow the use of verification techniques like model checking in the validation phase using a case study featuring a travel reservation agency.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

A Performance Evaluation Study for Web Services Attachments

3/10/2010 20:13

Web Services are a technology based on the Service Oriented Architecture that enables communication between applications through the Internet. Using Web Services, it is possible to send any type of information in any form of encryption. In this context, different techniques have been used to attach binary files in SOAP messages. However, there is no consensus on which technique has the best performance. This paper presents a performance evaluation study with three techniques for Web Service attachments: Pure Binary, MTOM and SwA. A testing environment was configured to verify the influence of the network and the size of files. Also, we present a tool called WSATPerf that supports the execution of the performance evaluation

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Analytic Architecture Assessment in SOA Solution Design and Its Engineering Application

Nianjun Zhou, Liang-Jie Zhang — 3/05/2010 01:43

In this paper, we present an architecture-centric assessment approach for model evaluation over reference architecture to quantitatively estimate architecture maturity and architecture quality. Such assessment is essential to support design-level refinement for an enterprise solution. To achieve this analytic goal, we select a nine-layer SOA solution stack (S3) as reference architecture, and introduce the necessary mathematical definitions and formulation. The baseline for such assessment is a model template composed by S3 solution patterns. A template is the starting point of creating a design model. The selection of such template will largely determine the architecture properties of final SOA solution. The maturity analysis is carried out at different granularity levels (architecture building block, architecture layer, and architecture model) to justify the ‘completeness’ of a design. The quality assessment is accomplished through a set of quality-indicators to justify the ‘goodness’ of an architecture based on the relationships of architecture building block instances. Finally, using UML 2.0 to capture the model of S3, we provide a real assessment prototype developed over IBM RSA platform.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

SOA Middleware Support for Service Process Reconfiguration with End-to-End QoS Constraints

Yanlong Zhai, Jing Zhang, Kwei-Jay Lin — 3/05/2010 01:50

In SOA, services may become volatile and fail to deliver the quality of service as requested by users. In this paper, we present an approach for repairing failed services by replacing them with new services and ensuring the new service process still meets the user specified end-to-end QoS constraints. An iterative structural inspection algorithm is designed to produce reconfiguration regions that include one or more failed service. By reconfiguring only services in the selected regions, the business process will not be affected significantly. The algorithm may also utilize those available QoS constraints to relax the original constraints of a reconfiguration region and to provide more effective reconfiguration solutions. We also present the middleware components to support the service reconfiguration in the LLAMA framework.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Reiki: Serviceability Architecture and Approach for Reduction and Management of Product Service Incidents

8/05/2009 04:49

Hong Wang There is a significant number of IT failures per year because parts fail, products are used in ways they were not designed for, and humans make errors in using products. These failures result in incidents that product vendors service as a part of the warranty or contracts. Incidents incur significant costs for servicing them, including call centers, parts, and field engineers. Some of the major problems include lack of coherent incident information, leading to inaccurate service diagnosis andinability to forecast failures. At the same time, technology has evolved. Hardware is generally more reliable, failures are moving from hardware to firmware, software, and applications. The scale effect limits human operator engagement, prevents centralized approaches, and expands automation. Traditional ways of handling incidents are not appropriate any more. In this paper we present a set of tools and approaches that enable unified serviceability with selfhealing, automated learning, and an analysis engine. Unified serviceability with self-healing results in clean incident data and it reduces criticality of incidents into deferred maintenance. Automated learning produces empirically proven actionable knowledge enabling cost reduction of automated incident resolution. Using clean data and actionable knowledge, the analysis engine helps predict failures and determine trends, resulting in preventive maintenance. Collectively, preventive and deferred maintenance and automated incident service significantly reduce the costs. This way we have aligned incidents cost with the technology trends.

An Extensible Abstract Service Orchestration Framework

Stéphanie Chollet, Philippe Lalanda — 2/04/2010 01:07

Service composition is complex. It has to reach a set of pre-defined non-functional qualities, like security for instance, which requires the production of complicated code. This code, often distributed between client and server sides, is highly error-prone and difficult to maintain. In this paper, we present a generative environment for the orchestration of abstract services and the separate specification of non-functional properties. This environment has been built within the European SODA project and validated on several industrial use cases. In this paper, we focus on an alarm management scenario with stringent security requirements.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Pat: A P2P based Publish/Subscribe System for QoS Information Dissemination of Web Services

Xiao Zheng, Junzhou Luo, Jiuxin Cao — 8/05/2009 04:51

A fundamental problem that confronts QoS-aware service selection and composition is the efficient and timely QoS information obtainment. Current research on this problem usually involves query-based or monitoring-based methods. However, in a dynamic and volatile service oriented computing (SOC) environment, these solutions suffer some or all of the limitations, such as cost, timeliness guarantee and salability. This paper presents Pat, a P2P based publish/subscribe system to disseminate new revised QoS information. Pat aims at reliable and efficient QoS information dissemination in large-scale SOC environments. It exploits specialized rendezvous points (RP) and a replicas mechanism to reduce the risk of subscriptions loss and consequently improve reliability. A reverse RP ring is designed to quicken subscription delivery and QoS information publication. In addition, an optimization mechanism for composite services is built into Pat, which helps to reduce notification traffic. Simulation results show that Pat is reliable, efficient and scalable.

A Flexible Approach for Automatic Process Decentralization using Dependency Tables

Walid Fdhila, Ustun Yildiz, Claude Godart — 8/05/2009 04:52

Web service paradigm and related technologies have provided favorable means for the realization of collaborative business processes. From both conceptual and implementation points of view, the business processes are based on a centralized management approach. Nevertheless, it is very well known that the enterprise-wide process management where processes may span multiple organizational units requires particular considerations on scalability, heterogeneity, availability and privacy issues, that in turn, require particular consideration on decentralization. In this paper, our aim is to reconcile the decentralization of processes as a step towards the enterprise-wide solutions. We propose a methodology for transforming a centralized process specification into a form that is amenable to a distributed execution and to incorporate the necessary synchronization between different processing entities. The proposed technique has the advantage of being flexible that it computes the abstract constructs and provides a generalized approach to the decentralization of processes.

A Tool for Choreography Analysis Using Collaboration Diagrams

Tevfik Bultan, Chris Ferguson, Xiang Fu — 8/05/2009 04:54

Analyzing interactions among peers that interact via messages is a crucial problem due to increasingly distributed nature of current software systems, especially the ones built using the service oriented computing paradigm. In service oriented computing, interactions among peers participating to a composite service involve message exchanges across organizational boundaries in a distributed computing environment. In order to build such systems in a reliable manner, it is necessary to develop techniques for analysis and verification of interactions among services. Collaboration diagrams provide a convenient visual model for modeling service interactions. In this paper, we present a tool that 1) checks the realizability of interactions specified by the given collaboration diagram, 2) verifies the LTL properties of the interactions specified by the given collaboration diagram by automatically converting it to a state machine model, and 3) synthesizes peer state machines that realize the set of interactions specified by the given collaboration diagram.

An Approach to Composing Web Services with Context Heterogeneity

Xitong Li, Stuart Madnick, Hongwei Zhu, Yushun Fan — 8/05/2009 04:54

The potential benefits of Web services composition heavily rely on semantic interoperability, i.e., the ability to exchange data meaningfully amongst Web services. Context heterogeneity, which refers to different implicit assumptions about interpreting the exchanged data, hampers the automatic composition of Web services. However, existing initiatives of Semantic Web Services (SWSs) often ignore context heterogeneity. In this paper, we introduce an approach to address this issue. The contexts of the involved Web services are defined in a lightweight ontology and their WSDL descriptions are annotated by an extension of a W3C standard, i.e., Semantic Annotation for WSDL and XML Schema (SAWSDL). The composition of Web services is described using BPEL specification. Given a BPEL file that ignores context heterogeneity, the approach automatically detects all context differences among the involved services, and reconciles them by producing a mediated BPEL file that incorporates necessary conversions using XPath functions and/or Web services.

User-Perceived Service Availability: A Metric and an Estimation Approach

Lingshuang Shao, Junfeng Zhao, Tao Xie, Lu Zhang, Bing Xie, Hong Mei — 2/04/2010 01:08

Web-service-related techniques have become popular to improve system integration and interaction. In distributed and dynamic environment, web services’ availability has been regarded as one of the key properties for (critical) service-oriented applications. Quality of Service (QoS), including availability, has been regarded by IEEE as a user perceived property. However, based on our investigation of monitoring invocation records of real web services, existing availability metrics, which were proposed in traditional domains, have not addressed the “user-perceived” characteristics. Based on analyzing the limitations of the existing availability metrics, we propose a status-based userperceived service availability metric and a corresponding estimation approach. Experiments on monitoring and analyzing the invocation records of real services demonstrate that the new metric and the corresponding estimation approach could lead to a feasible estimation on web services’ availability from the user side.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

A Unified Test Framework for Continuous Integration Testing of SOA solutions

Hehui Liu, Zhongjie Li, Jun Zhu, Huafang Tan, Heyuan Huang — 2/04/2010 01:09

The quality of Service Oriented Architecture (SOA) solutions is becoming more and more important along with the increasing adoption of SOA. Continuous Integration Testing (CIT) is an effective technology to discover bugs as early as possible. However, the diversity of programming models used in an SOA solution and the distribution nature of an SOA solution pose new challenges for CIT. Existing testing frameworks more focus on the integration testing of applications developed by a single programming model. In this paper, a unified test framework is proposed to overcome these limitations and enable the CIT of SOA solutions across the whole development lifecycle. This framework is designed following the Model Driven Architecture (MDA). The information of an executable test case is separated into two layers: the behavior layer and the configuration layer. The behavior layer represents the test logic of a test case and is platform independent. The configuration layer contains the platform specific information and is configurable for different programming models. An extensible and pluggable test execution engine is specially designed to execute the integration test cases. A global test case identifier instrumentation approach is used to merge the distributed test case execution traces captured by ITCAM – an IBM integrated management tool. A verification approach supporting Boolean expression and back-end service interaction verification is proposed to verify the test execution result. Initial experiments have shown the effectiveness of this unified test framework.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Service Composition as Generative Constraint Satisfaction

Wolfgang Mayer, Rajesh Thiagarajan, Markus Stumptner — 2/04/2010 01:11

The ability to build new (complex) services by composing existing services is one of the key benefits of the Service Oriented Architecture paradigm. Existing approaches to automate composition requires pre-planning or prediction of the number of required services, making them unsuitable in dynamic composition scenarios. To address this gap, we present a consistency-based service composition approach, where composition problems are modeled in a generative constraintbased formalism. We illustrate how the configuration of service processes differs from established constraint-based configuration techniques and develop an algorithm to synthesis valid service process compositions. We also show that our technique scales well to non-trivial problems

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

SOA-based Integration of the Internet of Things in Enterprise Services

2/04/2010 01:12

Advances in the areas of embedded systems, computing, and networking are leading to an infrastructure composed of millions of heterogeneous devices. These devices will not simply convey information but process it in transit, connect peer to peer, and form advanced collaborations. This “Internet of Things” infrastructure will be strongly integrated with the environment, and its integration with the enterprise systems will not only further blur the line between business IT systems and the real world, but will change the way we design, deploy, and use services. New opportunities can emerge for businesses, which can now closely collaborate with the real world. The work presented here proposes an architecture for an effective integration of the Internet of Things in enterprise services

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Collaborative Web Data Record Extraction

Gengxin Miao, Firat Kart, L.E. Moser, P. M. Melliar-Smith — 3/05/2010 01:05

This paper describes a Web Service that automatically parses and extracts data records from Web pages containing structured data. The Web Service allows multiple users to share and manage a Web data record extraction task to increase its utility. A recommendation system, based on the Probabilistic Latency Semantic Indexing algorithm, enables a user to find potentially interesting content or other users who share the same interests with the user. A distributed computing platform improves the scalability of theWeb Service in supporting multiple users by employing multiple server computers. A Web Service interface allows users to access the Web Service, and allows programmers to develop their own applications and, thus, extend the functionality of the Web Service. Index Terms—collaborative information extraction, data mining, Web Service

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Adaptive Prefetching Scheme Using Web Log Mining in Cluster-based Web Systems

Heung Ki Lee, Baik Song An, Eun Jung Kim — 3/05/2010 01:06

The main memory management has been a critical issue to provide high performance in web cluster systems. To overcome the speed gap between processors and disks, many prefetch schemes have been proposed as memory management in web cluster systems. However, inefficient prefetch schemes can degrade the performance of the web cluster system. Dynamic access patterns due to the web cache mechanism in proxy servers increase mispredictions to waste the I/O bandwidth and available memory. Too aggressive prefetch schemes incur the shortage of available memory and performance degradation. Furthermore, modern web frameworks including persistent HTTP make the problem more challenging by reducing the available memory space with multiple connections from a client and web processes management in a prefork mode. Therefore, we attempt to design an adaptive web prefetch scheme by predicting memory status more accurately and dynamically. First, we design Double Prediction-by-Partial-Match Scheme (DPS) that can be adapted to the modern web framework. Second, we propose Adaptive Rate Controller (ARC) to determine the prefetch rate depending on the memory status dynamically. Finally, we suggest Memory Aware Request Distribution (MARD) that distributes requests based on the available web processes and memory. For evaluating the prefetch gain in a server node, we implement an Apache module in Linux. In addition, we build a simulator for verifying our scheme with cluster environments. Simulation results show 10% performance improvement on average in various workloads.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

RDF Data-Centric Storage

Justin J. Levandoski, Mohamed F. Mokbel — 8/05/2009 05:01

The vision of the Semantic Web has brought about new challenges at the intersection of web research and data management. One fundamental research issue at this intersection is the storage of the Resource Description Framework (RDF) data: the model at the core of the Semantic Web. We present a data-centric approach for storage of RDF in relational databases. The intuition behind our approach is that each RDF dataset requires a tailored table schema that achieves efficient query processing by (1) reducing the need for joins in the query plan and (2) keeping null storage below a given threshold. Using a basic structure derived from the RDF data, we propose a two-phase algorithm involving clustering and partitioning. The clustering phase aims to reduce the need for joins in a query. The partitioning phase aims to optimize storage of extra (i.e., null) data in the underlying relational database. Our approach does not assume a particular query workload, relevant for RDF knowledge bases with a large number of ad-hoc queries. Extensive experimental evidence using three publicly available real-world RDF data sets (i.e., DBLP, DBPedia, and Uniprot) shows that our schema creation technique provides superior query processing performance compared to state-of-the art storage approaches. Further, our approach is easily implemented, and complements existing RDF-specific databases

Static vs. Dynamic Validation of BSP Conformance

2/03/2010 01:00

WS-I’s Basic Security Profile (BSP) defines best practice guidelines for secure web services communications, enabling interoperability between vendors. However it is difficult for developers to know if their SOA solutions are in fact compliant to these guidelines. In this paper, we discuss methods to assess compliance against BSP. We have implemented runtime validation of SOAP messages to check for compliance against BSP, a method implied by the BSP definition itself. Additionally, we have implemented a novel approach to statically validate WS Security policies against BSP using Schematron. From our experiments dynamic validation for BSP compliance offers greater coverage but results in a significant overhead, while static validation is limited in its scope but extremely valuable since under reasonable assumptions it provides assurances about compliance prior to deployment. We conclude with a summation of ourresults and lessons for SOA practitioners.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

A Process Modeling-based Approach for Web Service Management

Yan Liu — 2/02/2010 01:56

Quality of individual services is substantial to guarantee high performance and availability of overall composite service oriented systems. This requires the process of diagnosing service quality degradation and responding to it in a timely and non-stopping manner. This paper presents a modeling-based approach to coordinate the process of Web service management, configuring parameters or invoking other tasks. This approach uses executable process models to represent diagnosis logic and orchestrate the replacement. The process models can interact with the system and accept administrators’ instruction at the process level. As a result, a service can be automatically replaced by the best available strategy without any downtime of the overall system. Our approach is implemented on an architecture of Enterprise Service Bus (ESB) that allows intercepting services and redirecting messages with little performance penalty. The experiment demonstrates the efficiency of this approach using a loan-brokering Web service on ESB.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Web Service Ranking Using Semantic Profile Information

Umesh Bellur, Harin Vadodaria — 2/02/2010 03:25

The promise of dynamic binding and the ability to dynamically and seamlessly move between service providers can only be realized through the path of semantic expressibility. Once we describe the semantics of a service in it’s advertisement, a semantic matchmaker can match a query with the set of advertisements that satisfy the query conditions. The state of the art today uses the IOPE (Inputs Outputs Preconditions and Effects) form of advertisements with languages such as OWL-S being used to represent the semantics. Inputs and outputs usually refer to concepts in an ontology. Many semantic matchmakers exist today and hey focus on matching the IOPE form of the advertisement to the query. This may result in many matches and they return a set of matched advertisements without rank ordering them. We believe it’s important to rank the returned set of services in order to choose the best service. In this paper we present such a ranking algorithm that uses the IOPE information present in the each of the services relative to the query. Our algorithm can complement other approaches that use the history of issued queries and data mining. We have evaluated the effectiveness of the ranking algorithm against a benchmark ranking that is done manually and shown that our ranking scheme is close to the best ranking scheme possible.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Design Quality Analytics of Traceability Enablement in Service-Oriented Solution Design Environment

Liang-Jie Zhang, Zhi-Hong Mao, Nianjun Zhou — 8/05/2009 05:05

This paper provides an artifact-pattern-matching framework and mathematical model to analyze the dynamic behaviors of the SOA solution design in modeldriven fashion and provide recommendations for optimal solution pattern enablement for solution artifacts. The artifact-pattern-matching system can be dynamically tuned based on the practitioners’ final selections of the recommendations. Specifically, we propose a set of Solution patterns to guide SOA solution architects through the process of consuming and configuring SOA artifacts for composing SOA solutions. The resulting multi-dimensional cascading flagging method is also presented in this paper. As an example, impact analysis patterns are used as solution patterns to support traceability enablement. We present some future directions of leveraging reinforcement learning algorithms to enrich the design quality analytics of SOA solution.

A Petri Net Siphon Based Solution to Protocol-level Service Composition Mismatches

Pengcheng Xiong, Mengchu Zhou, Calton Pu — 8/05/2009 05:05

Protocol-level mismatch is one of the most important problems in service composition. The commonly used reachability exploration method focuses on verifying deadlock-freeness. When this property is violated, the states and traces in the reachability graph only give clues to re-design the composition. The process must then repeat itself until no deadlock is found. In this paper, multiple web service interaction is modeled with a Petri net called Composition net (C-net). The protocol-level mismatch problem is transformed into the deadlock structure problem of a C-net. If mismatches are found, a solution based on Petri net siphons is proposed. The proposed method is shown to achieve higher efficiency for resolving protocol-level mismatching issues than traditional ones do.

Dynamic Collaborative Business Process Formulation via Ontologised Hierarchical Task Network (HTN) Planning

Ryan K.L. Ko, Stephen S.G. Lee, E.W. Lee, and Andre Jusuf — 3/05/2010 01:08

Increased trade and globalisation has created an increasing need for the dynamic formulation and integration of cross-enterprise collaborative business processes (cBP’s). However, current systems and methodologies, being static in nature, are unable to dynamically formulate cBP’s based on business goals and selection criteria. Much of this stems from the current inability to bridge high level strategic business goals to low-level operational tasks, and the inability to dynamically decompose compound business process tasks into primitive operational tasks for direct Web service execution. In this paper, we demonstrate how the concepts from hierarchical task network (HTN) planning are feasible fordynamically creating cBP task sequences ideal for direct Web service execution. We also establish the rationale behind modelling business-to-business (B2B) collaboration tasks as hierarchical Web ontologies. To demonstrate the achievability of dynamic cBP formulation, we developed the Genesis methodology, which consists of (1) Business-OWL (BOWL) - a B2B hierarchical task Web ontology, and (2) the Genesis algorithm – an extension of the hierarchical task network (HTN) planning algorithm to handle business criteria and control flows commonly found in business processes.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

Patterns for Enterprise Mashups in B2B Collaborations to Foster Lightweight Composition and End User Development

Till Janner, Robert Siebeck, Christoph Schroth, Volker Hoyer — 2/02/2010 01:50

The huge demand for situational and ad-hoc applications desired by the mass of business end users cannot be fully implemented by IT departments. New approaches that allow for End User Development (EUD) are needed to overcome this “long-tail” dilemma. More specifically, most existing approaches insufficiently support EUD for infrequent, situational, and ad-hoc B2B Collaborations. Enterprise Mashup-/ and Lightweight Composition approaches and tools are promising solutions to unleash the huge potential of integrating the mass of users into development. Within the current research project FAST, a Web based Mashup/ Gadget development tool is in development that allows for different options to realize B2B collaborations via Mashups. In this work, five patterns for the development of Enterprise Mashups are identified, characterized, and evaluated with focus on their adequacy for B2B collaborations

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

BlueInfo: Open Architecture for Deploying Web Services in WPAN Hotspots

Hannu Kukka, Fabio Kruger, Timo Ojala — 2/02/2010 02:06

We introduce BlueInfo, an open architecture for deploying web services in WPAN hotspots for cost-free context-aware mobile access over Bluetooth. A BlueInfo hotspot either pushes subscribed services at desired intervals to registered devices (BlueInfo Push) or alternatively the user invokes a particular service by sending a simple keyword query to the hotspot (BlueInfo Pull). The BlueInfo hotspot requests the service from the origin server in the Internet and relays the response to the mobile device, possibly after adaptation for mobile viewing. The usability of BlueInfo Pull in comparison to a mobile phone browser is demonstrated with an empirical user evaluation conducted in a laboratory setting.

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)

XDM-Compatible Service Repository for User-Centric Service Creation and Discovery

8/05/2009 05:10

The key objective of OPUCE system is to enable the participation of end-users in the management of their own services, by providing them with innovative tools which allow an easy creation and delivery of personalized communication and information services. This paper describes the OPUCE service and component repository, which extends the OMA OSPE service model storage approach XDM. By integrating an ebXML Registry using the native notification mechanisms of XDM, the search capability of the repository is dramatically improved. Moreover, this repository also exploits semantic Web technology to provide an intuitive visualized browser for convenient service exploring.

Risk Management Framework for Service-Oriented Architecture

R. William Maule, William C. Lewis — 8/05/2009 05:11

A current focus of military research and development is Service-Oriented Architecture (SOA) and processes to transition legacy systems into SOA. While there have been many excellent examples of cutting-edge SOA and web services implementations there remains a need for models, methodologies and specifications to help programmers integrate their work into selected SOA and to more easily access web services. Research proposed herein will aid both programmer and management understanding of selected SOA through an application that provides baselines, reference specifications, and integration methodology to assist developers seeking to utilize SOA components or interface with SOA services. There is an additional need in the Department of Navy to consider issues in a distributed SOA where either the SOA, and/or a component of the SOA, and/or dependent web services, must be re-synchronized after significant communication outages. Research herein will establish baselines, models and a prototype application to help define, categorize, normalize, and weight risks in the development of distributed SOA including methodology to manage risk

An Approach to Non-functional Property Evaluation of Web Services

Pei Li, Marco Comerio, Andrea Maurino, Flavio De Paoli — 8/05/2009 05:12

Web service evaluation is a phase of the Web service selectionv in which discovered Web services are evaluated with respect to user request, which means that the non functional properties (NFPs) offered by Web services are compared with the non functional properties requested by users. The fact that users and providers can express their NFPs in very flexible ways makes the management of NFPs a very complex task. In this paper we propose a computing-oriented description of NFPs and a novel approach to NFP-based service evaluation based on Hierarchical Constraint Logic Programming. This proposal extends our previous work onPolicy Centered Meta-model

Mutation Test Based on OWL-S Requirement Model

Xiaojuan Wang, Ning Huang, Rui Wang — 8/05/2009 05:13

When web services play more important roles in software development, the corresponding software dedicated for web services testing has attracted more attention. This paper proposes a new mutation testing method based on the requirement model presented by OWL-S, which not only improves the test efficiency, but also makes the test work undergoing automatically. How to define the mutant operators, generate mutants and test cases automatically according to the requirement model are discussed in detail by the author.

Modeling and Analysis of Flexible Transaction for Web Services

Min Yuan, Zhiqiu Huang, Fangxiong Xiao — 8/05/2009 05:14

A variety of extended transaction models have been proposed in distributed database community, and the development of such models has drawn more attentions since they are not adequate for long-running Web services. From a formal method perspective, a Flexible transaction model for Web services based on MPi-calculus is proposed in this work. MPi-calculus, without introducing any new operators, creates the dynamic association between the changes of transaction scope and their interactive actions in the original Pi-calculus. According to the flexible transaction dependency, a new weak transactional open bisimulation relationship is presented to characterize the transactional equivalence. All of the results can serve as the theoretical foundation to model flexible and powerful mechanisms for implementing long-runningtransactions.

Formal Analysis for Multimedia Conferencing Communication Services Orchestration

Bo Cheng, Xiangtao Lin, Xiaoxiao Hu, Junliang Chen — 8/05/2009 05:15

Service-oriented communication (SOC) is a new trend in the industry to enable communication through a service-oriented architecture (SOA) and thereby encapsulate communication capabilities as services. In this paper, we design the session initiation protocol (SIP) based multimedia conferencing communication services model, And mainly focus on formal analysis for BPEL based multimedia conferencing communication services orchestration and to guarantee the process correctness for such applications, and also providing an automated support for the formal analysis model of their behavior. Finally, we give the conclusions.

Change Detection and Correction Facilitation for Web Applications and Services

Alfredo Alba, Varun Bhagwan, Tyrone Grandison, Daniel Gruhl, Jan Pieper — 8/05/2009 05:15

There are a large number of websites serving valuable content that can be used by higher-level applications, Web Services, Mashups, etc. Yet, due to various reasons (lack of computing resources, financial constraints etc.) they are unable to provide Web Service APIs to access their data. In their desire to incorporate the latest and greatest technologies, as well as to adapt layouts that are more preferred by users, websites undergo changes over time. These changes can range from minor, e.g. function name changes, to major, e.g., shifting the web platform to AJAX technologies. This paper addresses the problem of detecting layout changes for websites which are unable to provide any Web Service to access their content, yet do not mind others harvesting said content.

Deactivation of Unwelcomed Deep Web Extraction Services through Random Injection

Varun Bhagwan, Tyrone Grandison — 8/05/2009 05:16

Websites serve content both through Web Services as well as through user-viewable webpages. While the consumers of web-services are typically ‘machines’, webpages are meant for human users. It is highly desirable (for reasons of security, revenue, ownership, availability etc.) for service providers that content that will undergo further processing be fetched in a prescribed fashion, preferably through a supplied Web Services. In fact, monetization of partnerships within a services ecosystem normally means that website data translate into valuable revenue.Unfortunately, it is quite commonplace for arbitrary developers to extract or leverage information fromwebsites without asking for permission and or negotiating a revenue sharing agreement. This may translate to significant lost income for content providers. Even in cases where website owners are happy to share the data, they may want users to adopt dedicated Web Service APIs (and associated API-servers) rather than putting a load on their revenue-generating websites. In this paper, we introduce a mechanism that disables automated web scraping agents, thus forcing clients to conform to the provided Web Services.

Web Services SIP based Open Multimedia Conferencing on Internet

Bo Cheng, Xiaoxiao Hu, Xiangtao Lin, Yang Zhang, Junliang Chen — 8/05/2009 05:17

In this paper, we introduce the session initiation protocol (SIP) based multimedia conferencing on Internet, and mainly focus on the design and implementation for conferencing communication services model, such as SIP connection, session management, media control conferencing management, also we provide a prototype. Finally, we give the conclusions.

A Framework for Building Reliable Distributed Bioinformatics Service Repositories

Francois Moreews — 8/05/2009 05:18

The reliability is a major factor that limits the success of promising service oriented architecture in bioinformatics. To evaluate services reliability and availability and create indicators of quality of service, we have defined an XML format designed to exchange service status reports. We demonstrate the interest of sharing status reports between service consumers and producers by providing two example applications, a workflow management system plugin and a web report generator. Furthermore, we describe the framework that we use to distribute quality of service management features, QBIOS. QBIOS enables service test case creation, scheduled execution and monitoring. We illustrate the use of our open test strategy at the level of a group of scientific partners sharing bioinformatics services.

A Governance Model for SOA

Pierre de Leusse, Theo Dimitrakos, David Brossard — 8/05/2009 05:19

Currently, business requirements for rapid operational efficiency, customer responsiveness as well as rapid adaptability are driving the need for ever increasing communication and integration capabilities of the software assets. Service Oriented Architecture (SOA) is generally acknowledged as being a potential solution to expose finely grained pieces of software components on a network that are reusable and composable. Provisioning of business services for different business purposes may require the rapid assembly of their core functionality with different infrastructure capabilities and policies in different contexts. In this paper, the authors propose a SOA based governance model that permits to handle non functional requirements in a dynamic way.

Out of the Confusion of Tongues: A Unified Database Programming Paradigm

Rui Liu, Weihong Wang — 8/05/2009 05:20

Data-intensive applications are calling for (1) significant performance improvement in data processing, and (2) lowered entries for domain expertise to create higher value. Pursuing a database approach to the challenges, the paper presents an automated database extension mechanism, which allows one to seamlessly program application level workflows, and computations to be pushed down to (heterogeneous) database systems, in one programming language. We thus greatly ease the job of implementing scalable data intensive computations, with multiple databases as the computation platform.

A Semantic Repository for Geological Modeling Workflows

Nabil Belaid, Yamine Ait-Ameur, Jean-Franc¸ois Rainaud — 8/05/2009 05:21

Nowadays, many engineering studies are conducted to securely exploit depleted Oil Fields for CO2 Storage. These studies follow complex workflows of data processing services described by geologists. If no explicit semantics is applied to describe these workflows, it is not possible to share them between geologists by reusing existing ones or for composing new ones. The focus of our work is to make the semantics explicit in order to facilitate the geologists daily work. In this article, we first explain how geologists operate today. Then, we enrich such workflows with semantic indexes through ontology based characterizations.

Generic Web Services - Extensible Functionality with Stable Interface

Vadym Borovskiy, Sebastian Enderlein, and Alexander Zeier — 8/05/2009 05:21

Extending the functionality of Web services without invalidating the code of existing clients has been a challenging task. This paper proposes a new interface design technique called ”Generic Web Services” that preserves a service’s backwards compatibility while enriching its functionality. This is accomplished by applying interface relaxation technique - shifting the semantics of a service’s API from design time to runtime by using identity parameters. The paper gives an example illustrating the idea on a Web service from SAP Enterprise Services Workplace.

GroupSpeak: High-level Language Extension for Workflow Capability

8/05/2009 05:24

Currently, workflow systems are either XML based or component based. Both paradigms have usability deficiencies. XML is not designed for procedural programming. Legacy code is difficult to adapt to component based systems. We propose a new paradigm by adding workflow keywords to an existing high-level language. This approach, called GroupSpeak, uses a procedural style of programming and allows for easy introduction of workflow patterns to legacy code. The programmer can leverage their existing knowledge of the high-level language to easily add workflow capabilities to their applications.

Enabling Scaleable, Efficient, Non-Visual Web Browsing Services

Ashish Verma, Tyrone Grandison, Himanshu Chauhan — 8/05/2009 05:24

Over the last few decades, the discipline of Web Accessibility has been focused on building more efficient and more effective speech generators for Web Browsers. The visual browser interface is central to the current paradigm. However, in many cases, visual interaction is not required or desired, e.g. it is not relevant for blind people. More generally, when the input and output points are WAV files, SMS messages or natural queries, it becomes very clear that going through the visual user interface is overkill. In this paper we introduce a solution to this problem - a scalable, efficient, non-visual web browser that works with a Web whose central assumption is that visual interaction is an integral part of the user experience.

The Fourth Party Service Platform and Service Charging

Xuhui He, Xiaolin Zheng, Deren Chen, Jianyue Wang — 8/05/2009 05:25

To solve the difficulties of the service operators on how to manage services and achieve a continuable operation goal, we propose and develop the 4th party service platform. We also develop a rule-based customizable charge service management component for the platform. The website www.foode.cn is the demonstration. The charging service is used to charge for the 3rd services such as search services, electronic authentication services, online communication services, online payment services and so on. The results show that the 4th party service platform can greatly shorten the construction time of a business application, reduce construction and operating costs, and enable service providers to share in the financial rewards properly.

MWS-MCS: A Novel Multi-agent-assisted and WS-Management-based Composite Service Management Scheme

ZhiHui Lu, JiaJun Wang, Yu Wu, Jie Wu, YiPing Zhong — 8/05/2009 05:26

From the analysis of some hard drawbacks faced with system service and composite service management today, a novel Multi-agent-assisted and WS-Management-based Composite Service Management Scheme: MWS-MCS is introduced in this paper. Firstly we propose model architecture of this scheme. The prototype system had proved the feasibility of this design scheme. At last, we conclude this paper and analyze the prospective research challenges.

Business-Driven Management and Governance of Service-Oriented Systems

Claudio Bartolini,Patrick C.K. Hung — 12/08/2009 21:55

Management (monitoring and control) of service-oriented systems is needed to ensure their regular operation, attain guaranteed quality of service (QoS), and accommodate changes. Monitoring measures technical QoS (e.g., response time, availability) and/or business value metrics (e.g., profit, return on investment, customer satisfaction). Control ensures (reactively and/or proactively) that there are no faults and that the measured quantities are within desired boundaries. IT (information technology) governance is a set of organization’s policies, plans, and processes that direct how its IT resources are used over a longer time. To be successful, management and governance issues should be considered not only during deployment and run-time, but also during design-time software engineering activities. We present how service-oriented software systems can be made more successful from the business viewpoint by using governance and management that maximizes business value metrics. The tutorial first clarifies importance of these topics and why the widely used basic Web service technologies are not enough. Then, it explains theoretical principles for specification, monitoring, and control of QoS and business value metrics. It also provides a critical analysis of several important research achievements and industrial products in this area. Then, we present an introduction to business-driven IT management (BDIM) and possible approaches to extend management solutions maximizing QoS into solutions maximizing business value metrics. Furthermore, we overview the major IT governance frameworks and discuss their relevance for value-based software engineering of service-oriented systems. At the end, a number of open topics and resources for further study are identified.

Technical challenges and Business Implications

Geng Lin — 8/27/2009 05:02

In 2008, the business concept of cloud computing was recognized as a true market transformation in the IT industry. The three-tier cloud model-infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS)-is becoming widely accepted as the common taxonomy across the industry for cloud services. In 2009, the focus is now on how to solve critical technology and business issues in order to build and deliver cloud services. In other words, the discussion around clouds has shifted from "what and why" to "how and when."

In this panel session, we invite industry technology experts and business leaders to discuss the latest technology advances and business challenges in cloud computing. The audience will have a first-hand opportunity to discuss with technology experts and business leaders on issues such as cloud middleware architecture, multi-tenant cloud service architecture, cloud-enabling network architecture, private-public cloud integration, Intercloud service interoperability, and cloud standards. The panel will also examine cloud-related business implications stemming from the fundamental technological paradigm shifts such as the cloud-centric programming model vs. the client-server programming model, network intelligence in delivering cloud services vs. network as layer-3 connectivity, Internet-scale data mining and processing vs. enterprise scale data mining and processing, just to name a few.

The audience of this panel is targeted at advanced researchers and practitioners in cloud computing.

Service-Oriented Model-Driven Solution Architecture Design, Rationalization, Integration and Practices

Tony Shan — 8/28/2009 02:54

This tutorial is aimed at presenting a high-level overview of the underlying complexity at different levels of architecture models in an IT solution, and offering a pragmatic set of approaches to holistically manage the architecture design concerns and considerations in a systematic fashion. A wide variety of important aspects in SOA solution development are addressed with regard to the architecture design, rationalization, integration and practices (DRIP) from a practitioner’s perspective. Firstly, dozens of architecture methods and frameworks are reviewed and assessed, to illustrate the state of the art of the landscape and the trend of unification. Secondly, a multidisciplinary view of the design tenets, idioms, principles and styles (TIPS) in the IT architecting practices are investigated, focusing on the fundamental doctrines in SOA development. Thirdly, a comprehensive method is presented, which comprises four dimensions of architecting activities: Requirement Analysis, Specification, Validation, and Planning (RSVP). The progressive process is broken down to 11 interrelated models: Meta-Architecture, Contextual Architecture, Conceptual Architecture, Logical Architecture, Physical Architecture, Deployment Architecture, Management Architecture, Security Architecture, Information Architecture, Aspect Architecture, and Component Architecture. Fourthly, a 2-D matrix is defined as a blueprint to denote a step-by-step procedure to produce and manage the architectural artifacts and deliverables in the lifecycle of systems architecture analysis, design, development and governance. Fifthly, a SOA transformation strategization and operationalization approach, named SORT, is presented, to demonstrate a model-driven architecture reengineering case study in a large organization. Lastly, the standards and specifications related to SOA are examined in-depth in the format of a stack composed of layers and pillars. The characteristics and features of the constituent elements in this overarching framework are drilled down in great detail. Real-life project experience, practical examples, patterns, best practices, practitioner guide, gaps, challenges, recommendations and future trends are also discussed in the context. The synergy of SOA and emerging technologies, such as Cloud Computing, is also articulated. The framework helps build high-quality service-oriented solutions tailored for different domains, and in the meantime keeps the agility, flexibility and adaptiveness of the overall method.

Cloud Computing: Architecture, Business Value, and Innovation Opportunities

Liang-Jie Zhang — 3/02/2010 20:54

>>> View Video(Flash Player 9 please. Version 10 may not work as expected)