Selective Service Provenance in the VRESCo Runtime

In general, provenance describes the origin and well-documented history of a given object. This notion has been applied in information systems, mainly to provide data provenance of scientific workflows. Similar to this, provenance in Service-oriented Computing has also focused on data provenance. However, the authors argue that in service-centric systems the origin and history of services is equally important. This paper presents an approach that addresses service provenance. The authors show how service provenance information can be collected and retrieved, and how security mechanisms guarantee integrity and access to this information, while also providing user-specific views on provenance. Finally, the paper gives a performance evaluation of the authors’ approach, which has been integrated into the VRESCo Web service runtime environment.

DiALog

Service-oriented systems facilitate business workflows to span multiple organizations (e.g., by means of Web services). As a side effect, data may be more easily transferred over organizational boundaries. Thus, privacy issues arise. At the same time, there are personal, business and legal requirements for protecting privacy and IPR and allowing customers to request information about how and by whom their data was handled. Managing these requirements constitutes an unsolved technical and organizational problem. The authors propose to solve the information request problem by attaching meta-knowledge about how data was handled to the data itself. The authors present their solution, in form of an architecture, a formalization and an implemented prototype for logging and collecting logs in service-oriented and cross-organizational systems.

Enhancing Security Modeling for Web Services Using Delegation and Pass-On

In recent years, security issues in web service environments have been widely studied and various security standards and models have been proposed. However, most of these standards and models focus on individual web services and do not consider the security issues in composite services. In this article, the authors propose an enhanced security model to control the information flow in service chains. It extends the basic web service security models by introducing the concepts of delegation and pass-on. Based on these concepts, new certificates, certificate chains, delegation and pass-on policies, and how they are used to control the information flow are discussed. The authors also introduce a case study from a healthcare information system to illustrate the protocols.

The MACE Approach for Caching Mashups

In recent years, Web 2.0 applications have experienced tremendous growth in popularity. Mashups are a key category of Web 2.0 applications, which empower end-users with a highly personalized mechanism to aggregate and manipulate data from multiple sources distributed across the Web. Surprisingly, there are few studies on the performance and scalability aspects of mashups. In this paper, the authors study caching-based approaches to improve efficiency and scalability of mashups platforms. This paper presents MACE, a caching framework specifically designed for mashups. MACE embodies three major technical contributions. First, the authors propose a mashup structure-aware indexing scheme that is used for locating cached data efficiently. Second, taxonomy awareness into the system is built and provides support for range queries to further improve caching effectiveness. Third, the authors design a dynamic cache placement technique that takes into consideration the benefits and costs of caching at various points within mashups workflows. This paper presents a set of experiments studying the effectiveness of the proposed mechanisms.

Flexible Probabilistic QoS Management of Orchestrations

In this paper, the authors develop a comprehensive framework for QoS management based on soft probabilistic contracts. The authors approach also encompasses general QoS parameters, with “response time” as a particular case. In addition, the authors support composite QoS parameters, for example, combining timing aspects with “quality of data” or security level. They also study contract composition (how to derive QoS contracts for an orchestration from the QoS contracts with its called services), and contract monitoring.

A Federated Approach to Information Management in Grids

We propose a novel approach to managing information in grids. The proposed approach is an add-on information system that provides unification and federation of grid information services. The system interacts with local information services and assembles their metadata instances under one hybrid architecture to provide a common query/publish interface to different kinds of metadata. The system also supports interoperability of major grid information services by providing federated information management. We present the semantics and architectural design for this system. We introduce a prototype implementation and present its evaluation. As the results indicate, the proposed system achieves unification and federation of custom implementations of grid information services with negligible processing overheads.

Service Flavors

In a services marketplace where a particular service is provided by multiple service providers, service offerings have to be differentiated against competitor services in order to gain market share. Differentiation of services is also needed for different markets and for different consumer segments. Strategies to differentiate service offerings have to be unintrusive—without requiring major changes to the existing service realization mechanisms. In this article, the authors present Service Flavors, a strategy for service providers to differentiate services. By using this strategy, it is possible to analyze and adapt various aspects of a service that help differentiate it from that of the competitors. The authors model differentiating aspects as policies and also provide a mechanism for enforcing these policies in the middleware.

Web Services Compositions Modelling and Choreographies Analysis

In Rouached et al. (2006) and Rouached and Godart (2007) the authors described the semantics of WSBPEL by way of mapping each of the WSBPEL (Arkin et al., 2004) constructs to the EC algebra and building a model of the process behaviour. With these mapping rules, the authors describe a modelling approach of a process defined for a single Web service composition. However, this modelling is limited to a local view and can only be used to model the behaviour of a single process. The authors further the semantic mapping to include Web service composition interactions through modelling Web service conversations and their choreography. This paper elaborates the models to support a view of interacting Web service compositions extending the mapping from WSBPEL to EC, and including Web service interfaces (WSDL) for use in modelling between services. The verification and validation techniques are also exposed while automated induction-based theorem prover is used as verification back-end.

Protocol-Level Service Composition Mismatches

Protocol-level mismatch is one of the most important problems in service composition. The state-of-the-art method to deal with protocol mismatch is to generate adaptors to check deadlock-freeness based on a reachability graph. When this property is violated, the generation process will repeat itself until no deadlock state is found; however, the main drawback of this method is that it does not take into account the future deadlock state and requires many interactions with a developer. In this regard, it suffers from low efficiency. In this paper, the authors model multiple web service interaction with a Petri net called Composition net (C-net). The protocol-level mismatch problem is transformed into the empty siphon problem of a C-net. The authors take future deadlock states into consideration through this model, while finding the optimal solution that involves fewest interactions with a developer. The proposed method is proved to achieve higher efficiency for resolving protocol-level mismatch issues than traditional ones.

Optimal Fault Tolerance Strategy Selection for Web Services

Service-oriented systems are usually composed by heterogeneous Web services, which are distributed across the Internet and provided by organizations. Building highly reliable service-oriented systems is a challenge due to the highly dynamic nature of Web services. In this paper, the authors apply software fault tolerance techniques for Web services, where the component failures are handled by fault tolerance strategies. In this paper, a distributed fault tolerance strategy evaluation and selection framework is proposed based on versatile fault tolerance techniques. The authors provide a systematic comparison of various fault tolerance strategies by theoretical formulas, as well as real-world experiments. This paper also presents the optimal fault tolerance strategy selection algorithm, which employs both the QoS performance of Web services and the requirements of service users for selecting optimal fault tolerance strategy. A prototype is implemented and real-world experiments are conducted to illustrate the advantages of the evaluation framework. In these experiments, users from six different locations perform evaluation of Web services distributed in six countries, where over 1,000,000 test cases are executed in a collaborative manner to demonstrate the effectiveness of this approach.