Approaches to Functional, Structural and Security SOA Testing

In this chapter, we provide an overview of recently proposed approaches and tools for functional and structural testing of SOA services. Typically, these two classes of approaches have been considered separately. However, since they focus on different perspectives, they are generally non-conflicting and could be used in a complementary way. Accordingly, we make an attempt at such a combination, briefly showing the approach and some preliminary results of the experimentation. The combined approach provides encouraging results from the point of view of the achievements and the degree of automation obtained. A very important concern in designing and developing web services is security. In the chapter we also discuss the security testing challenges and the currently proposed solutions.

Achieving Dependable Composite Services through Two-Level Redundancy

Service composition is a widely accepted method to build service-oriented applications. However, due to the uncertainty of infrastructure environments, service performance and user requests, service composition faces a great challenge to guarantee the dependability of the corresponding composite services. In this chapter, we provide an insightful analysis of the dependability issue of composite services. And we present a solution based on two-level redundancy: component service redundancy and structural redundancy. With component service redundancy, we study how to determine the number of backup services and how to guarantee consistent dependability of a composite service. In addition, structural redundancy aims at further improving dependability at business process level through setting up backup execution paths.

Performability Evaluation of Web-Based Services

The joint evaluation of performance and dependability in a unique approach leads to the notion of performability which usually combines different analytical modeling formalisms (Markov chains, queueing models, etc.) for assessing systems behaviors in the presence of faults. This chapter presents a systematic modeling approach allowing designers of web-based services to evaluate the performability of the service provided to the users. We have developed a multi-level modeling framework for analyzing the user perceived performability. Multiple sources of service unavailability are taken into account, particularly i) hardware and software failures affecting the servers, and ii) performance degradation due to e.g. overload of servers and probability of loss. The main concepts and the feasibility of the proposed framework are illustrated using a web-based travel agency. Various analytical models and sensitivity studies are presented considering different assumptions with respect to users profiles, architecture, faults, recovery strategies, and traffic characteristics.

Dependability Modeling

This chapter presents modeling method and evaluation techniques for computing dependability metrics of systems. The chapter begins providing a summary of seminal works. After presenting the background, the most prominent model types are presented, and the respective methods for computing exact values and bounds. This chapter focuses particularly on non-state space models although state space models such as Markov models and hierarchical models are also presented. Case studies are then presented in the end of the chapter.

Service Level Agreement (SLA) in Utility Computing Systems

In recent years, extensive research has been conducted in the area of Service Level Agreement (SLA) for utility computing systems. An SLA is a formal contract used to guarantee that consumers’ service quality expectation can be achieved. In utility computing systems, the level of customer satisfaction is crucial, making SLAs significantly important in these environments. Fundamental issue is the management of SLAs, including SLA autonomy management or trade off among multiple Quality of Service (QoS) parameters. Many SLA languages and frameworks have been developed as solutions; however, there is no overall classification for these extensive works. Therefore, the aim of this chapter is to present a comprehensive survey of how SLAs are created, managed and used in utility computing environment. We discuss existing use cases from Grid and Cloud computing systems to identify the level of SLA realization in state-of-art systems and emerging challenges for future research.

Engineering Secure Web Services

Web services are key components in the implementation of Service Oriented Architectures (SOA), which must satisfy proper security requirements in order to be able to support critical business processes. Research works show that a large number of web services are deployed with significant security flaws, ranging from code vulnerabilities to the incorrect use of security standards and protocols. This chapter discusses state of the art techniques and tools for the deployment of secure web services, including standards and protocols for the deployment of secure services, and security assessment approaches. The chapter also discusses how relevant security aspects can be correlated into practical engineering approaches.

Dependability and Security on Wireless Self-Organized Networks

Wireless communication technologies have been improved every day, increasing the dependence of people on distributed systems. Such dependence increases the necessity of guaranteeing dependable and secure services, particularly, for applications related to commercial, financial and medial domains. However, on wireless self-organized network context, providing simultaneously reliability and security is a demanding task due to the network characteristics. This chapter provides an overview of survivability concepts, reviews security threats in wireless self-organized networks (WSONs) and describes existing solutions for survivable service computing on wireless network context. Finally, this chapter presents conclusions and future directions.

A Tool Chain for Constructing QoS-aware Web Services

Web services play a dominant role in service computing and for realizing service-oriented architectures (SOA), which define the architectural foundation for various kinds of distributed applications. In many business domains, Web services must exhibit quality attributes such as robustness, security, dependability, performance, scalability and accounting. As a consequence, there is a high demand to develop, deploy and consume Web services equipped with well-defined quality of service (QoS) attributes – so-called QoS-aware Web services. Currently, there is only limited development support for the creation of QoS-aware Web services, though. In this work we present a tool chain that facilitates development, deployment and testing of QoS-aware Web services. The tool chain has following features: i) integration of standard components such as widely used IDEs, ii) usage of standards and specifications, and iii) support for various application servers and Web services infrastructures.

High-Quality Business Processes Based on Multi-Dimensional QoS

An important area of services research gathering momentum is the ability to take a generic business process and instantiate it by selecting services that meet both the functional and non-functional requirements of the process owner. These non-functional or quality-of-service (QoS) requirements may describe essential performance and dependability requirements and apply across different logical layers of the application, from business-related details to system infrastructure; i.e., they are cross-cutting and considered multidimensional. Configuring an abstract business process with the “best” services to meet the process owner’s multidimensional end-to-end QoS requirements is a challenging task as there may be many services that match to the functional requirements but provide differentiated QoS characteristics. In this chapter we explore an approach to discover services, differentiated by their QoS attributes, to configure an abstract business process by selecting an optimal configuration of the “best” QoS combinations. The approach considered takes into account the optimal choice of multi-dimensional QoS variables. We present and compare two solutions based on heuristic algorithms to illustrate how this approach would work practically.

Trends and Research Issues in SOA Validation

Service Oriented Architecture (SOA) is changing the way in which software applications are designed, deployed and maintained. A service-oriented application consists of the runtime composition of autonomous services that are typically owned and controlled by different organizations. This decentralization impacts on the dependability of applications that consist of dynamic services agglomerates, and challenges their validation. Different techniques can be used or combined for the verification of dependability aspects, spanning over traditional off-line testing approaches, monitoring, and on-line testing. In this chapter we discuss issues and opportunities of SOA validation, we identify three different stages for validation along the service life-cycle model, and we overview some proposed research approaches and tools. The emphasis is on on-line testing, which to us is the most peculiar stage in the SOA validation process. Finally, we claim that on-line testing is only possible within an agreed governance framework.