Current data sharing and integration among various organizations require a central and trusted authority to first collect data from all data sources and then integrate the collected data. This process tends to complicate the update of data and to compromise data sources' privacy. In this paper, a repository for integrating data from various data sharing services without central authorities is presented. The major differences between our repository and existing central authorities are: 1) Our repository collects data from data sharing services based on users' integration requirements rather than all the data from the data sharing services as existing central authorities. 2) While existing central authorities have full control of the collected data, the capability of our repository is restricted to computing the integration results required by users and cannot get other information about the data or use it for other purposes. 3) The data collected by our repository cannot be used to generate other results except that of the specified data integration request, and hence the compromise of our repository can only reveal the results of the specified data integration request, while the compromise of central authorities will reveal all data.
The paper presents the concept of an Adaptive SOA Solution Stack (AS3). It is an extension of the S3 model, implemented via uniform application of the AS3 element pattern across different layers of the model. The pattern consists of components constituting an adaptation loop. The functionality of each component is specified in a generic way. Aspects of these patterns are analyzed in relation to individual S3 layers. The ability to achieve multilayer adaptation, provided by several cooperating AS3 elements is also discussed. Practical usage of the proposed concepts for Adaptive Operational Systems, Integration and Service Component layers are presented in the form of three case studies. Each study describes the architecture of the proposed system extensions, selected software technologies, implementation details and sample applications. Related work is discussed in order to provide a background for the reported research. The paper ends with conclusions and an outline of future work.
The effective use of services to compose business processes in services computing demands that the Quality of Services (QoS) meet consumers' expectations. Automated web-based negotiation of Service Level Agreements (SLA) can help define the QoS requirements of critical service-based processes. We propose a novel trusted Negotiation Broker (NB) framework that performs adaptive and intelligent bilateral bargaining of SLAs between a service provider and a service consumer based on each party's high-level business requirements. We define mathematical models to map business-level requirements to low-level parameters of the decision function, which obscures the complexity of the system from the parties. We also define an algorithm for adapting the decision functions during an ongoing negotiation to comply with an opponent's offers or with updated consumer preferences. The NB uses intelligent agents to conduct the negotiation locally by selecting the most appropriate time-based decision functions. The negotiation outcomes are validated by extensive experimental study for Exponential, Polynomial, and Sigmoid time-based decision functions using simulations on our prototype framework. Results are compared in terms of a total utility value of the negotiating parties to demonstrate the efficiency of our proposed approach.
The adoption of XACML as the standard for specifying access control policies for various applications, especially web services is vastly increasing. This calls for high performance XACML policy evaluation engines. A policy evaluation engine can easily become a bottleneck when enforcing XACML policies with a large number of rules. In this paper we propose an adaptive approach for XACML policy optimization. We apply a clustering technique to policy sets based on the K-means algorithm. In addition to clustering we find that, since a policy set has a variable number of policies and a policy has a variable number of rules, their ordering is important for efficient execution. By clustering policy sets and reordering policies and rules in a policy set and policies respectively, we formulated and solved the optimal policy execution problem. The proposed clustering technique categorizes policies and rules within a policy set and policy respectively in respect to target subjects. When a request is received, it is redirected to applicable policies and rules that correspond to its subjects; hence, avoiding unnecessary evaluations from occurring. We also propose a usage based framework that computes access request statistics to dynamically optimize the ordering access control to policies within a policy set and rules within a policy. Reordering is applied to categorized policies and rules from our proposed clustering technique. To evaluate the performance of our framework, we conducted extensive experiments on XACML policies. We evaluated separately the improvement due to categorization and to reordering techniques, in order to assess the policy sets targeted by our techniques. The experimental results show that our approach is orders of magnitude more efficient than standard Sun PDP.
In this paper, we develop a novel algorithm that allows service consumers to execute business processes (or workflows) of interdependent services in a dependable manner within tight time-constraints. In particular, we consider large interorganizational service-oriented systems, where services are offered by external organizations that demand financial remuneration and where their use has to be negotiated in advance using explicit service-level agreements (as is common in Grids and cloud computing). Here, different providers often offer the same type of service at varying levels of quality and price. Furthermore, some providers may be less trustworthy than others, possibly failing to meet their agreements. To control this unreliability and ensure end-to-end dependability while maximizing the profit obtained from completing a business process, our algorithm automatically selects the most suitable providers. Moreover, unlike existing work, it reasons about the dependability properties of a workflow, and it controls these by using service redundancy for critical tasks and by planning for contingencies. Finally, our algorithm reserves services for only parts of its workflow at any time, in order to retain flexibility when failures occur. We show empirically that our algorithm consistently outperforms existing approaches, achieving up to a 35-fold increase in profit and successfully completing most workflows, even when the majority of providers fail.
Agent-based Cloud computing is concerned with the design and development of software agents for bolstering Cloud service discovery, service negotiation and service composition. The significance of this work is introducing an agent-based paradigm for constructing software tools and testbeds for Cloud resource management. Novel contributions of this work include: 1) developing Cloudle: an agent-based search engine for Cloud service discovery, 2) showing that agent-based negotiation mechanisms can be effectively adopted for bolstering Cloud service negotiation and Cloud commerce, and 3) showing that agent-based cooperative problem-solving techniques can be effectively adopted for automating Cloud service composition. Cloudle consists of a service discovery agent that consults a Cloud ontology for determining the similarities between providers' service specifications and consumers' service requirements. To support Cloud commerce, this work devised a complex Cloud negotiation mechanism that supports parallel negotiation activities in interrelated markets. Empirical results show that using such mechanism, agents achieved high utilities and high success rates in negotiating for Cloud resources. To automate Cloud service composition, agents adopt the contract net protocol (CNP) and use acquaintance networks (AN). Empirical results show that using CNP and AN, agents can successfully compose Cloud services by autonomously selecting services.
Reputation-based trust systems provide important capability in open and service-oriented computing environments. Most existing trust models fail to assess the variance of a reputation prediction. Moreover, the summation method, widely used for reputation feedback aggregation, is vulnerable to malicious feedbacks. This paper presents a general trust model, called RLM, for a more comprehensive and robust reputation evaluation. Concretely, we define a comprehensive reputation evaluation method based on two attributes: reputation value and reputation prediction variance. The reputation predication variance serves as a quality measure of the reputation value computed based on aggregation of feedbacks. For feedback aggregation, we propose the novel Kalman aggregation method, which can inherently support robust trust evaluation. To defend against malicious and coordinated feedbacks, we design the Expectation Maximization algorithm to autonomously mitigate the influence of a malicious feedback, and further apply the hypothesis test method to resist malicious feedbacks precisely. Through theoretical analysis, we demonstrate the robustness of the RLM design against adulating and defaming attacks, two popular types of feedback attacks. Our experiments show that the RLM model can effectively capture the reputation's evolution and outperform the popular summation-based trust models in terms of both accuracy and attack resilience. Concretely, under the attack of collusive malicious feedbacks, RLM offers higher robustness for the reputation prediction and a lower false positive rate for the malicious feedback detection.
In most existing trust evaluation studies, a single value is computed based on the ratings given to a service provider to indicate the current trust level. This is useful but may not represent the trust features well under certain circumstances. Alternatively, a complete set of trust ratings can be transferred to a service client for local trust calculation. But this obviously creates a big overhead in communication as the data set usually has a large size covering a long service history. In this paper, we present a novel two-dimensional aggregation approach consisting of both vertical and horizontal aggregations of trust ratings. The vertical aggregation calculates the aggregated rating representing the trust level for the services delivered in a small time period. The horizontal aggregation applies our proposed optimal algorithm to determine the minimal number of time intervals, within each of which a trust vector with three values can be calculated to represent all the ratings in that time interval and retain the trust features well. Hence, a small set of trust vectors can represent a large set of trust ratings. This is significant for large-scale trust rating transmission and trust evaluation. Experiments have been conducted to illustrate the properties of our proposed approach.
In Service Oriented Architecture, each application is often designed as a set of abstract services, which defines its functions. A concrete service(s) is selected at runtime for each abstract service to fulfill its function. Since different concrete services may operate at different Quality of Service (QoS) measures, application developers are required to select an appropriate set of concrete services that satisfies a given Service Level Agreement (SLA) when a number of concrete services are available for each abstract service. This problem, the QoS-aware service composition problem, is known NP-hard, which takes a significant amount of time and costs to find optimal solutions (optimal combinations of concrete services) from a huge number of possible solutions. This paper proposes an optimization framework, called $E^3$, to address the issue. By leveraging a multiobjective genetic algorithm, $E^3$ heuristically solves the QoS-aware service composition problem in a reasonably short time. The algorithm $E^3$ proposes can consider multiple SLAs simultaneously and produce a set of Pareto solutions, which have the equivalent quality to satisfy multiple SLAs.
Services are perishable and are simultaneously produced and consumed. A reservation is a traditional and effective means for coordinating service demand and supply. In recent years, computerized reservation systems have been used widely by many service vendors such as airline companies and hotels to satisfy their customer's demands and improve their profits. In this paper, we propose and describe a more flexible reservation method called "YuuZuu" reservation that motivates cooperation among customers with different preferences for services. It increases utilization of vendor-provided services. The DREAM reservation system, which is an implementation of "YuuZuu" reservation, comprises three functions: (1) reservation allocation, (2) demand analysis, and (3) price optimization. Preliminary experiments show that the DREAM reservation system outperforms a standard reservation system when some customers are insistent upon detailed preferences and others are not, which, we believe, reflects real-world conditions.
Recently introduced spot instances in the Amazon Elastic Compute Cloud (EC2) offer low resource costs in exchange for reduced reliability; these instances can be revoked abruptly due to price and demand fluctuations. Mechanisms and tools that deal with the cost-reliability trade-offs under this schema are of great value for users seeking to lessen their costs while maintaining high reliability. We study how mechanisms, namely, checkpointing and migration, can be used to minimize the cost and volatility of resource provisioning. Based on the real price history of EC2 spot instances, we compare several adaptive checkpointing schemes in terms of monetary costs and improvement of job completion times. We evaluate schemes that apply predictive methods for spot prices. Furthermore, we also study how work migration can improve task completion in the midst of failures while maintaining low monetary costs. Trace-based simulations show that our schemes can reduce significantly both monetary costs and task completion times of computation on spot instance.
Service-Oriented Computing (SOC) is intended to improve software maintainability as businesses become more agile and underlying processes and rules change more frequently. However, to date, the impact of service cohesion on the analyzability subcharacteristic of maintainability has not been rigorously studied. Consequently, this paper extends existing notions of cohesion in the Procedural and OO paradigms in order to account for the unique characteristics of SOC, thereby supporting the derivation of design-level software metrics for objectively quantifying the degree of service cohesion. The metrics are theoretically validated, and an initial empirical evaluation using a small-scale controlled study suggests that the proposed metrics could help predict analyzability early in the Software Development Life Cycle. If future industrial studies confirm these findings, the practical applicability of such metrics is to support the development of service-oriented systems that can be analyzed, and thus maintained, more easily. In addition, such metrics could help identify design problems in existing systems.
Mobile devices are getting more pervasive, and it is becoming increasingly necessary to integrate web services into applications that run on these devices. We introduce a novel approach for dynamically invoking web service methods from mobile devices with minimal user intervention that only involves entering a search phrase and values for the method parameters. The architecture overcomes technical challenges that involve consuming discovered services dynamically by introducing a man-in-the-middle (MIM) server that provides a web service whose responsibility is to discover needed services and build the client-side proxies at runtime. The architecture moves to the MIM server energy-consuming tasks that would otherwise run on the mobile device. Such tasks involve communication with servers over the Internet, XML-parsing of files, and on-the-fly compilation of source code. We perform extensive evaluations of the system performance to measure scalability as it relates to the capacity of the MIM server in handling mobile client requests, and device battery power savings resulting from delegating the service discovery tasks to the server.
Mashup is a web technology that allows different service providers to flexibly integrate their expertise and to deliver highly customizable services to their customers. Data mashup is a special type of mashup application that aims at integrating data from multiple data providers depending on the user's request. However, integrating data from multiple sources brings about three challenges: (1) Simply joining multiple private data sets together would reveal the sensitive information to the other data providers. (2) The integrated (mashup) data could potentially sharpen the identification of individuals and, therefore, reveal their person-specific sensitive information that was not available before the mashup. (3) The mashup data from multiple sources often contain many data attributes. When enforcing a traditional privacy model, the high-dimensional data would suffer from the problem known as the curse of high dimensionality, resulting in useless data for further data analysis. In this paper, we study and resolve a privacy problem in a real-life mashup application for the online advertising industry, and propose a service-oriented architecture along with a privacy-preserving data mashup algorithm to address the aforementioned challenges. Experiments suggest that our proposed method is effective for preserving both privacy and information utility on the mashup data.
As the number of services and the size of data involved in workflows increases, centralised orchestration techniques are reaching the limits of scalability. When relying on web services without third-party data transfer, a standard orchestration model needs to pass all data through a centralised engine, which results in unnecessary data transfer and the engine to become a bottleneck to the execution of a workflow. As a solution, this paper presents and evaluates Circulate, an alternative service-oriented architecture which facilitates an orchestration model of central control in combination with a choreography model of optimised distributed data transport. Extensive performance analysis through the PlanetLab framework is conducted on a Web service-based implementation over a range of Internet-scale configurations which mirror scientific workflow environments. Performance analysis concludes that our architecture's optimised model of data transport speeds up the execution time of workflows, consistently outperforms standard orchestration and scales with data and node size. Furthermore, Circulate is a less-intrusive solution as individual services do not have to be reconfigured in order to take part in a workflow.
Models of Web service compositions that are both readable and verifiable will benefit organizations that integrate purportedly reusable Web services. Colored Petri nets (CPNs) are at once verifiable and visually expressive, capable of presenting subtle flaws in service composition. Constructing CPN models from business process execution language (BPEL) artifacts had been a manual process requiring human judgment. Building on results from the workflow community, we automate the mapping of artifacts written in BPEL to models used by CPN Tools - a formal verification environment for development, simulation, and model checking of colored Petri nets. We extend related work that already converts BPEL to Petri nets, to reflect hierarchy and data type (color in CPN terminology), while improving model layout. We present a prototype implementation that mines both a BPEL artifact and the Petri net generated from it by an existing tool. The prototype partitions the Petri net into subnets, lays them out, colors them, and generates their XML file for import into CPN tools. Our results include depictions of subnets produced and initial simulation results for a well-known case study.
There are at least two challenges with quality management of service-oriented architecture based web service systems: 1) how to link its technical capabilities with customer's needs explicitly to satisfy customers' functional and nonfunctional requirements; and 2) how to determine targets of web service design attributes. Currently, the first issue is not addressed and the second one is dealt with subjectively. Quality Function Deployment (QFD), a quality management system, has found its success in improving quality of complex products although it has not been used for developing web service systems. In this paper, we analyze requirements for web services and their design attributes, and apply the QFD for developing web service systems by linking quality of service requirements to web service design attributes. A new method for technical target setting in QFD, based on an artificial neural network, is also presented. Compared with the conventional methods for technical target setting in QFD, such as benchmarking and the linear regression method, which fail to incorporate nonlinear relationships between design attributes and quality of service requirements, it sets up technical targets consistent with relationships between quality of web service requirements and design attributes, no matter whether they are linear or nonlinear.
In this paper, we propose a dynamic audit service for verifying the integrity of an untrusted and outsourced storage. Our audit service is constructed based on the techniques, fragment structure, random sampling and index-hash table, supporting provable updates to outsourced data and timely anomaly detection. In addition, we propose a method based on probabilistic query and periodic verification for improving the performance of audit services. Our experimental results not only validate the effectiveness of our approaches, but also show our audit system verifies the integrity with lower computation overhead and requiring less extra storage for audit metadata.
In the world where on-demand and trustworthy service delivery is one of the main preconditions for successful business, service and business process availability is of the paramount importance and cannot be compromised. For that reason service availability is coming into central focus of the IT operations and management research and practice. Still, our understanding of service and process availability is mostly empirical and at best, sketchy. Services are assessed using a mixture of qualitative, quantitative, and analytical methods, with results of varying quality. We introduce a systematic model-based methodology and a tool for service and business process availability assessment. The main advantage of the proposed method is the ability to automatically generate availability models, based on the service/process description and technical infrastructure it is executing on. Therefore, service level agreements can be tested/simulated or return on investment calculation can be performed, without the need for costly experiments and/or actual investments.
This paper proposes an approach for automatic, service-driven configuration of networked IT systems focused on achieving a specific set of dependability properties. An automatic process starts from a service-level model to generate dependable configurations for the managed IT infrastructure. The process uses an ontology to model the services and their dependability requirements, the IT infrastructure, the available dependability mechanisms, and their configuration. Configurations are computed by model transformation rules which implement various dependability strategies with different degrees of requirements' satisfaction. Alternative configurations are generated to allow reconfiguring the system taking into account incidents or other operational conditions. A sample system hosting services based on web technologies is used as a proof-of-concept to illustrate application and extent of our approach.
In this paper, we propose a novel autonomic service delivery platform for service-oriented network environments. The platform enables a self-optimizing infrastructure that balances the goals of maximizing the business value derived from processing service requests and the optimal utilization of IT resources. We believe that our proposal is the first of its kind to integrate several well-established theoretical and practical techniques from networking, microeconomics, and service-oriented computing to form a fully-distributed service delivery platform. The principal component of the platform is a utility-based cooperative service routing protocol that disseminates congestion-based prices amongst intermediaries to enable the dynamic routing of service requests from consumers to providers. We provide the motivation for such a platform and formally present our proposed architecture. We discuss the underlying analytical framework for the service routing protocol, as well as key methodologies which together provide a robust framework for our service delivery platform that is applicable to the next-generation of middleware and telecommunications architectures.
With increasing presence and adoption of Web services on the World Wide Web, Quality-of-Service (QoS) is becoming important for describing nonfunctional characteristics of Web services. In this paper, we present a collaborative filtering approach for predicting QoS values of Web services and making Web service recommendation by taking advantages of past usage experiences of service users. We first propose a user-collaborative mechanism for past Web service QoS information collection from different service users. Then, based on the collected QoS data, a collaborative filtering approach is designed to predict Web service QoS values. Finally, a prototype called WSRec is implemented by Java language and deployed to the Internet for conducting real-world experiments. To study the QoS value prediction accuracy of our approach, 1.5 millions Web service invocation results are collected from 150 service users in 24 countries on 100 real-world Web services in 22 countries. The experimental results show that our algorithm achieves better prediction accuracy than other approaches. Our Web service QoS data set is publicly released for future research.
Evolvability is essential for computer systems to adapt to the dynamic and changing requirements in response to instant or delayed feedback from a service environment that nowadays is becoming more and more context aware; however, current context-aware service-centric models largely lack the capability to continuously explore human intentions that often drive system evolution. To support service requirements analysis of real-world applications for services computing, this paper presents a situation-theoretic approach to human-intention-driven service evolution in context-aware service environments. In this study, we give situation a definition that is rich in semantics and useful for modeling and reasoning human intentions, whereas the definition of intention is based on the observations of situations. A novel computational framework is described that allows us to model and infer human intentions by detecting the desires of an individual as well as capturing the corresponding context values through observations. An inference process based on hidden Markov model makes instant definition of individualized services at runtime possible, and significantly, shortens service evolution cycle. We illustrate the possible applications of this framework through a smart home example aimed at supporting independent living of elderly people.
Service management is becoming more and more important within the area of IT-management. How to efficiently manage and organize service in complicated IT service environments with frequent changes is a challenging issue. IT service and the related information from different sources are characterized as diverse, incomplete, heterogeneous, and geographically distributed. It is hard to consume these complicated services without knowledge assistant. To address this problem, a systematic way (with proposed toolsets and process) is proposed to tackle the challenges of acquisition, structuring and refinement of structured knowledge. An integrated knowledge process is developed to guarantee the whole engineering procedure which utilizes Bayesian Network as the knowledge model. This framework can be successfully applied on key tasks in service management, such as problem determination and change impact analysis, and a real example of Cisco VoIP system is introduced to show the usefulness of this method.
With the popularity ofWeb Services and Service-Oriented Architecture (SOA), quality assurance of SOA applications, such as testing, has become a research focus. Programs implemented by Business Process Execution Language for Web Services (WS-BPEL), which can be used to compose partner Web Services into composite Web Services, are one popular kind of SOA applications. The unique features of WS-BPEL programs bring new challenges into testing. Without explicit user interfaces, a test case for testing aWS-BPEL program is a sequence of messages that can be received by theWS-BPEL program under test. Previous research has not studied the challenges of message-sequence generation induced by unique features of WS-BPEL as a new language. In this paper, we present a novel methodology to generate effective message sequences for testing WS-BPEL programs. To capture the order relationship in a message sequence and the constraints on correlated messages imposed by WS-BPEL routing mechanism, we model the WS-BPEL program under test as a message-sequence graph (MSG), and generate message sequences based on MSG. We performed experiments for our method and two other techniques with six WS-BPEL programs. The results show that the message sequences generated using our method can effectively expose faults in the WS-BPEL programs.
Business collaboration is about coordinating the flow of information among organizations and linking their business processes into a cohesive whole. Collaborative business processes are time-critical within and across organizations and can become unreliable due to temporal inconsistency where processes can not execute according to the agreed temporal policies. It is necessary to have a mechanism to manage temporal consistency in service oriented business collaboration. In this paper, we propose a model named Timed Choreographical Business Transaction Net (TiCoBTx-Net) based on Hierarchical Colored Petri Net for individual business participants to specify and manage the temporal consistency in business collaboration. A series of temporal polices are formalized and checked in TiCoBTx-Net to enforce the temporal consistency at design time and runtime. A verification mechanism is also developed to clarify the status of temporal inconsistencies. Finally, the implementation details of the proposed mechanism is provided.
A contract is a legally binding agreement between real world business entities whom we treat as providing services to one another. We focus on business, rather than technical, services. We think of a business contract as specifying the functional and nonfunctional behavior and interactions of the services. In current practice, contracts are produced as text documents. Thus the relevant service capabilities, requirements, qualities, and risks are hidden and difficult to access and reason about. We describe a simple but effective unsupervised information extraction approach and tool, Enlil, for discovering service exceptions at the phrasal level from a large contract repository. Our approach involves preprocessing followed by an application of linguistic patterns and parsing to extract the service exception phrases. Identifying such noun phrases can help build service exception vocabularies that support the development of a taxonomy of business terms, and also facilitate modeling and analyzing service engagements. A lightweight online tool that comes with Enlil highlights the relevant text in service contracts and thereby assists users in reviewing contracts. Enlil produces promising results in terms of precision and recall when evaluated over a corpus of manually annotated contracts.
This paper presents a service-oriented digital government infrastructure focused on efficiently providing customized services to senior citizens. We designed and developed a Web Service Management System (WSMS), called WebSenior, which provides a service-centric framework to deliver government services to senior citizens. The proposed WSMS manages the entire life cycle of third-party web services. These act as proxies for real government services. Due to the specific requirements of our digital government application, we focus on the following key components of WebSenior: service composition, service optimization, and service privacy preservation. These components form the nucleus that achieves seamless cooperation among government agencies to provide prompt and customized services to senior citizens.
The overwhelming amount of various monitoring and log data generated in multi-tier IT systems makes problem determination one of the most expensive and labor-intensive tasks in IT Services arena. Particularly the initial step of problem classification is complicated by error propagation making secondary problems surfacing on multiple dependent resources. In this paper, we propose to automate the process of problem classification by leveraging machine learning. The main focus is to categorize the problem a user experiences by recognizing the real root cause specificity leveraging available training data such as monitoring and logs across the systems. We transform the structure of the problem into a hierarchy using an existing taxonomy. We then propose an efficient hierarchical incremental learning algorithm which is capable of adjusting its internal local classifier parameters in realtime. Comparing to the traditional batch learning algorithms, this online solution decreases the computational complexity of the training process by learning from new instances on an incremental fashion. Our approach significantly reduces the memory required to store the training instances. We demonstrate the efficiency of our approach by learning hierarchical problem patterns for several issues occurring in distributed web applications. Experimental results show that our approach substantially outperforms previous methods.
As one of the emerging services in cloud paradigm, cloud storage enables users to remotely store their data into the cloud so as to enjoy the on-demand high quality applications and services from a shared pool of configurable computing resources. While cloud storage relieves users from the burden of local storage management and maintenance, it is also relinquishing users’ ultimate control over the fate of their data, which may put the correctness of outsourced data into risks. In order to regain the assurances of cloud data integrity and availability and enforce the quality of cloud storage service for users, we propose a highly efficient and flexible distributed storage verification scheme with two salient features, opposing to its predecessors. By utilizing the homomorphic token with distributed erasure-coded data, our scheme achieves the integration of storage correctness insurance and data error localization, i.e., the identification of misbehaving server(s). Unlike most prior works, the new scheme further supports secure and efficient dynamic operations on outsourced data, including: block modification, deletion and append. Extensive security and performance analysis shows the proposed scheme is highly efficient and resilient against Byzantine failure, malicious data modification attack, and even server colluding attacks.
A virtual networked infrastructure (VNI) consists of virtual machines (VMs) connected by a virtual network. Created for individual users on a shared cloud infrastructure, VNIs reflect the concept of "Infrastructure as a Service" (IaaS) as part of the emerging cloud computing paradigm. The ability to take snapshots of an entire VNI - including images of the VMs with their execution, communication and storage states - yields a unique approach to reliability as a VNI snapshot can be used to restore the operation of the entire virtual infrastructure. We present VNsnap, a system that takes distributed snapshots of VNIs. Unlike many existing distributed snapshot/checkpointing solutions, VNsnap does not require any modifications to the applications, libraries, or (guest) operating systems running in the VMs. Furthermore, by performing much of the snapshot operation concurrently with the VNI's normal operation, VNsnap incurs only seconds of downtime. We have implemented VNsnap on top of Xen. Our experiments with real-world parallel and distributed applications demonstrate VNsnap's effectiveness and efficiency.
Online relationships in social networks are often based on real world relationships and can therefore be used to infer a level of trust between users. We propose leveraging these relationships to form a dynamic “Social Cloud”, thereby enabling users to share heterogeneous resources within the context of a social network. In addition, the inherent socially corrective mechanisms (incentives, disincentives) can be used to enable a Cloud based framework for long term sharing with lower privacy concerns and security overheads than are present in traditional Cloud environments. Due to the unique nature of the Social Cloud, a social market place is proposed as a means of regulating sharing. The social market is novel, as it uses both social and economic protocols to facilitate trading. This article defines Social Cloud Computing, outlining various aspects of Social Clouds, and demonstrates the approach using a social storage Cloud implementation in Facebook.
NoSQL Cloud data stores provide scalability and high availability properties for web applications, but at the same time they sacrifice data consistency. However, many applications cannot afford any data inconsistency. CloudTPS is a scalable transaction manager which guarantees full ACID properties for multi-item transactions issued by Web applications, even in the presence of server failures and network partitions. We implement this approach on top of the two main families of scalable data layers: Bigtable and SimpleDB. Performance evaluation on top of HBase (an open-source version of Bigtable) in our local cluster and Amazon SimpleDB in the Amazon cloud shows that our system scales linearly at least up to 40 nodes in our local cluster and 80 nodes in the Amazon cloud.
Software testers are confronted with great challenges in testing Web Services (WS) especially when integrating to services owned by other vendors. They must deal with the diversity of implementation techniques used by the other services and to meet a wide range of test requirements. However, they are in lack of software artifacts, the means of control over test executions and observation on the internal behavior of the other services. An automated testing technique must be developed to be capable of testing on-the-fly nonintrusively and nondisruptively. Addressing these problems, this paper proposes a framework of collaborative testing in which test tasks are completed through the collaboration of various test services that are registered, discovered, and invoked at runtime using the ontology of software testing STOWS. The composition of test services is realized by using test brokers, which are also test services but specialized in the coordination of other test services. The ontology can be extended and updated through an ontology management service so that it can support a wide open range of test activities, methods, techniques, and types of software artifacts. The paper presents a prototype implementation of the framework in semantic WS and demonstrates the feasibility of the framework by running examples of building a testing tool as a test service, developing a service for test executions of a WS, and composing existing test services for more complicated testing tasks. Experimental evaluation of the framework has also demonstrated its scalability.
In this work, we propose a two-step, context-based semantic approach to the problem of matching and ranking Web services for possible service composition. We present an analysis of different methods for classifying Web services for possible composition and supply a context-based semantic matching method for ranking these possibilities. Semantic understanding of Web services may provide added value by identifying new possibilities for compositions of services. The semantic matching ranking approach is unique since it provides the Web service designer with an explicit numeric estimation of the extent to which a possible composition ldquomakes sense.rdquo First, we analyze two common methods for text processing, TF/IDF and context analysis; and two types of service description, free text and WSDL. Second, we present a method for evaluating the proximity of services for possible compositions. Each Web service WSDL context descriptor is evaluated according to its proximity to other services' free text context descriptors. The methods were tested on a large repository of real-world Web services. The experimental results indicate that context analysis is more useful than TF/IDF. Furthermore, the method evaluating the proximity of the WSDL description to the textual description of other services provides high recall and precision results.
Scientific workflow has recently become an enabling technology to automate and speed up the scientific discovery process. Although several scientific workflow management systems (SWFMSs) have been developed, a formal scientific workflow composition model in which workflow constructs are fully compositional one with another is still missing. In this paper, we propose a dataflow-based scientific workflow composition framework consisting of (1) a dataflow-based scientific workflow model that separates the declaration of the workflow interface from the definition of its functional body; (2) a set of workflow constructs, including Map, Reduce, Tree, Loop, Conditional, and Curry, which are fully compositional one with another; (3) a dataflow-based exception handling approach to support hierarchical exception propagation and user-defined exception handling. Our workflow composition framework is unique in that workflows are the only operands for composition; in this way, our approach elegantly solves the two-world problem in existing composition frameworks, in which composition needs to deal with both the world of tasks and the world of workflows. The proposed framework is implemented and several case studies are conducted to validate our techniques.
Service-oriented architecture provides a framework for achieving rapid system composition and deployment. To satisfy different system QoS requirements, it is possible to select an appropriate set of concrete services and compose them to achieve the QoS goals. In addition, some of the services may be reconfigurable and provide various QoS tradeoffs. To make use of these reconfigurable services, the composition process should consider not only service selection, but also configuration parameter settings. However, existing QoS-driven service composition research does not consider reconfigurable services. Moreover, the decision space may be enormous when reconfigurable services are considered. In this paper, we deal with the issues of reconfigurable service modeling and efficient service composition decision making. We introduce a novel compositional decision making process, CDP, which explores optimal solutions of individual component services and uses the knowledge to derive optimal QoS-driven composition solutions. Experimental studies show that the CDP approach can significantly reduce the search space and achieve great performance gains. We also develop a case study system to validate the proposed approach and the results confirm the feasibility and effectiveness of reconfigurable services.
The Service-Oriented Architecture (SOA) approach to building systems of application and middleware components promotes the use of reusable services with a core focus of service interactions, obligations, and context. Although services technically relieve the difficulties of specific technology dependency, the difficulties in building reusable components is still prominent and a challenge to service engineers. Engineering the behavior of these services means ensuring that the interactions and obligations are correct and consistent with policies set out to guide partners in building the correct sequences of interactions to support the functions of one or more services. Hence, checking the suitability of service behavior is complex, particularly when dealing with a composition of services and concurrent interactions. How can we rigorously check implementations of service compositions? What are the semantics of service compositions? How does deployment configuration affect service composition behavior safety? To facilitate service engineers designing and implementing suitable and safe service compositions, we present in this paper an approach to consider different viewpoints of service composition behavior analysis. The contribution of the paper is threefold. First, we model service orchestration, choreography behavior, and service orchestration deployment through formal semantics applied to service behavior and configuration descriptions. Second, we define types of analysis and properties of interest for checking service models of orchestrations, choreography, and deployment. Third, we describe mechanical support by providing a comprehensive integrated workbench for the verification and validation of service compositions.
This paper presents a recovery algorithm for service execution failure in the context of concurrent process execution. The recovery algorithm was specifically designed to support a rule-based approach to user-defined correctness in execution environments that support a relaxed form of isolation for service execution. Data dependencies are analyzed from data changes that are extracted from database transaction log files and generated as a stream of deltas from Delta-Enabled Grid Services. The deltas are merged by timestamp to create a global schedule of data changes that, together with the process execution context, are used to identify processes that are read and write dependent on failed processes. Process interference rules are used to express semantic conditions that determine if a process that is dependent on a failed process should recover or continue execution. The recovery algorithm integrates a service composition model that supports nested processes, compensation, contingency, and roll-back procedures with the data dependency analysis process and rule execution procedure to provide a new approach for addressing consistency among concurrent processes that access shared data. We present the recovery algorithm and also discuss our results with simulation and evaluation of the concurrent process recovery algorithm.
An increasing number of popular SOAP web services exhibit a stateful behavior, where a successful interaction is determined as much by the correct format of messages as by the sequence in which they are exchanged with a client. The set of such constraints forms a "message contract" that needs to be enforced on both sides of the transaction; it often includes constraints referring to actual data elements inside messages. We present an algorithm for the runtime monitoring of such message contracts with data parameterization. Their properties are expressed in LTL-FO+, an extension of Linear Temporal Logic that allows first-order quantification over the data inside a trace of XML messages. An implementation of this algorithm can transparently enforce an LTL-FO+ specification using a small and invisible Java applet. Violations of the specification are reported on-the-fly and prevent erroneous or out-of-sequence XML messages from being exchanged. Experimentats on commercial web services from Amazon.com and Google indicate that LTL-FO+ is an appropriate language for expressing their message contracts, and that its processing overhead on sample traces is acceptable for both a client-side or a server-side enforcement architecture.
Ensuring transactional behavior of business processes and web service compositions is an essential issue in the area of service-oriented computing. Transactions in this context may require long periods of time to complete and must be managed using non-blocking techniques. Data integrity in Long-Running Transactions (LRTs) is preserved using compensations, that is, activities explicitly programmed to eliminate the effects of a process terminated by a user or that failed to complete due to another reason. In this paper, we present a framework for behavioral modeling of business processes, focusing on their transactional properties. Our solution is based on the channel-based exogenous coordination language Reo, which is an expressive, compositional and semantically precise design language admitting formal reasoning. The operational semantics of Reo is given by constraint automata. We illustrate how Reo can be used for modeling termination and compensation handling in a number of commonly-used workflow patterns. Furthermore, we show how essential properties of LRTs can be expressed in LTL and CTL-like logics and verified using model checking technology. Our framework is supported by a number of Eclipse plug-ins that provide facilities for modeling, animation, and verification of LRTs to generate executable code for them.
Current approaches to transactional support of distributed processes in service-oriented environments are limited to scenarios where the participant initiating the process maintains a controlling position throughout the lifetime of the process. This constraint impedes support of complex processes where participants may only possess limited local views on the overall process. Furthermore, there is little support of dynamic aspects: failure or exit of participants usually leads to cancelation of the whole process. In this paper, we address these limitations by introducing a framework that strengthens the role of the coordinator and allows for largely autonomous coordination of dynamic processes. We first discuss motivating examples and analyze existing approaches to transactional coordination. Subsequently, we present our framework TracG, which is based on WS-BusinessActivity. It contains at its core a set of rules for deciding on the ongoing confirmation or cancelation status of participants' work and protocol extensions for monitoring the progress of a process. Various types of participant vitality for a process are distinguished, facilitating the controlled exit of nonvital participants as well as continuation of a process in case of tolerable failures. The implementation of the framework is presented and discussed regarding interoperability issues.
Service-oriented computing (SOC) is emerging as a paradigm for developing distributed applications. A critical issue of utilizing SOC is to have a scalable, reliable and robust service discovery mechanism. However, traditional service discovery methods using centralized registries can easily suffer from problems such as performance bottleneck and vulnerability to failures in large scalable service networks, thus functioning abnormally. To address these problems, this paper proposes a peer-to-peer based decentralized service discovery approach named Chord4S. Chord4S utilizes the data distribution and lookup capabilities of the popular Chord to distribute and discover services in a decentralized manner. Data availability is further improved by distributing published descriptions of functionally equivalent services to different successor nodes that are organized into virtual segments in the Chord4S circle. Based on the service publication approach, Chord4S supports QoS-aware service discovery. Chord4S also supports service discovery with wildcard(s). In addition, the Chord routing protocol is extended to support efficient discovery of multiple services with a single query. This enables late negotiation of service level agreements between service consumers and multiple candidate service providers. The experimental evaluation shows that Chord4S achieves higher data availability and provides efficient query with reasonable overhead.
The relationship-focused and credential-focused identity managements are both user-centric notions in Service-oriented architecture (SOA). For composite services, pure user-centric identity management is inefficient because each subservice may authenticate and authorize users and users need participate in every identity provisioning transaction. If the above two paradigms are unified into the universal identity management where identity information and privileges are delegatable, user centricity will be more feasible in SOA. The credential-focused system is a good starting point for constructing a universal identity management system. However, how to implement a practical delegation scheme is still a challenge although there are some delegatable anonymous credential schemes that were theoretically constructed. This paper aims to propose a practical delegation solution for universal identity management. For this, a pseudonym-based signature scheme is first designed where pseudonyms are self-generated and unlinkable for realizing user's privacy. Next, a proxy signature is presented with the pseudonyms as public keys where delegation can be achieved through certificate chains. Finally, the security of our scheme is analyzed and proved in the random oracle model.
Web-based collaborations and processes have become essential in today’s business environments. Such processes typically span interactions between people and services across globally distributed companies. Web services and SOA are the defacto technology to implement compositions of humans and services. To support complex interaction scenarios, we introduce a mixed service-oriented system composed of both human-provided and software-based services interacting to perform joint activities or to solve emerging problems. However, competencies of people evolve over time, thereby requiring approaches for the automated management of actor skills, reputation, and trust. We present a novel approach addressing the need for flexible involvement of experts and knowledge workers in distributed collaborations. We argue that the automated inference of trust between members is a key factor for successful collaborations. Instead of following a security perspective on trust, we focus on dynamic trust in collaborative networks. We discuss Human-Provided Services (HPS) and an approach for managing user preferences and network structures. Our main contributions center around a context-sensitive trust-based algorithm called ExpertHITS inspired by the concept of hubs and authorities in Web-based environments. ExpertHITS takes trust-relations and link properties in social networks into account to estimate the reputation of users.
The goal of service oriented architectures is to enable the creation of business applications through the automatic discovery and composition of independently developed and deployed (Web) services. Automatic discovery of Web Services (WSs) can be achieved by incorporating semantics into a richer WS description model (WSDM) and the use of Semantic Web (SW) technologies in the WS matchmaking and selection models. A sufficiently rich WSDM should encompass not only functional but also non-functional aspects like Quality of Service (QoS). QoS is a set of performance attributes that has a substantial impact on WS requesters' expectations. Thus, it can be used as a discriminating factor of functionally-equivalent WSs. The focus of this paper is twofold: to analyze the requirements of a semantically rich QoS-based WSDM and to provide SW and constrained- based mechanisms for enriching syntactic QoS-based WS Discovery (WSDi) algorithms. In addition, a roadmap of extending WS standard techniques for realizing semantic, functional and QoS-based WSDi is presented.
In this paper, we propose Proteus, a generic query model for the discovery of operations offered by heterogeneous services. We demonstrate the need for such a model, and show how it unifies the task of service discovery through abstractions, which allow for the technology-independent formulation of service advertisements, queries, and query responses. On top of these generic elements, we build an intuitive, fuzzy-based query evaluation mechanism that supports the service matchmaking process by employing and appropriately combining existing similarity metrics. Thanks to the generality of Proteus, it is possible to seamlessly accommodate the discovery of operations provided by various types of services without the need of changing the existing service infrastructure. Thus, our approach is applicable to a variety of settings ranging from traditional Web services to service-oriented Grids, Peer-to-Peer networks, Geospatial Information Systems, etc. Overall, compared to the existing query models supported by standard service discovery technologies, our approach is marked by openness, flexibility, and improved performance in terms of precision and recall. The feasibility and efficiency of Proteus are verified by a series of experiments.
The goal of service oriented architectures (SOAs) is to enable the creation of business applications through the automatic discovery and composition of independently developed and deployed (Web) services. Automatic discovery of Web services (WSs) can be achieved by incorporating semantics into a richer WS description model (WSDM) and by the use of semantic Web (SW) technologies in the WS matchmaking and selection (i.e., discovery) process. A sufficiently rich WSDM should encompass not only functional but also nonfunctional aspects like quality of service (QoS). QoS is a set of performance and domain-dependent attributes that has a substantial impact on WS requesters' expectations. Thus, it can be used for distinguishing between many functionally equivalent WSs that are available nowadays. This paper starts by defining QoS in the context of WSs. Its main contribution is the analysis of the requirements for a semantically rich QoS-based WSDM and an accurate, effective QoS-based WS Discovery (WSDi) process. In addition, a road map of extending current WS standard technologies for realizing semantic, functional, and QoS-based WSDi, respecting the above requirements, is presented.
Web Services (WS) provide a comprehensive solution for representing, discovering and invoking services in a variety of environments, including SOA (Service Oriented Architectures) and grid computing systems. At the core of WS lie a number of XML-based standards, such as SOAP, that have ensured WS extensibility, transparency, and interoperability. Nonetheless, there is an increasing demand to enhance WS performance, which is severely impaired by XML's verbosity. SOAP communications produce considerable network traffic, making them unfit for distributed and heterogeneous computing environments such as the Internet. Also, they introduce higher latency and processing delays than other technologies, like Java-RMI and CORBA. WS research has recently focused on SOAP performance enhancement. Many approaches build on the observation that SOAP message exchange usually involves highly similar messages, and exploit similarity evaluation and differential encoding as potential SOAP performance enhancement techniques. Other approaches investigate parallel processing architectures, to further increase the processing rates of SOAP/XML software toolkits. This survey paper provides a concise, yet comprehensive review of the research efforts aimed at SOAP performance enhancement. A unified view of the problem is provided, covering almost every phase of SOAP processing, ranging over message parsing, serialization, de-serialization, compression, multicasting, security evaluation, and data/instruction-level processing.