The service-based paradigm is enabling new models of software provisioning based on cloud architectures. An increasing number of organizations are either providing their software as a service or acting as enablers by providing platforms on which service providers can offer their services. However, the service implementations and the characteristics of the underlying cloud architectures are often opaque to the service consumers. The resulting deficit of trust in the security of such services is hampering the adoption of these new software paradigms by the industry. In this paper, we discuss an approach for security certification of services that can help fill this trust deficit, and we analyze the challenges that we face in realizing this approach. In particular, we concentrate on the problem of ensuring a robust binding between a security certificate and the corresponding service, outlining some possible approaches to tackle this issue.
Ensuring trust in service consumption through security certification. M. Bezzi, Samuel Paul Kaluvuri, A. Sabetta. QASBA '11, 2011-09-14. https://doi.org/10.1145/2031746.2031758
Access Policy compliance testing within a trust network helps ensure that the services available to users are reliable, secure and trustworthy. In the TAS3 project, Access Policy testing is a vital function of the trust network in which users and service providers interact. User-centric security management is enabled by automated compliance testing that uses the TAS3 Audit Bus and OCT components to monitor service state and provide users with a new level of privacy protection in networks of services. The components have been deployed and tested in an employability scenario and present a foundation from which a new level of security for emerging service-based applications can be developed.
Access policy compliance testing in a user centric trust service infrastructure. G. D. Angelis, T. Kirkham, Sandra Winfield. QASBA '11, 2011-09-14. https://doi.org/10.1145/2031746.2031757
This paper provides a notation of protocol compatibility among services and describes how this can be useful to test interoperability in Service-Based Applications (SBA). Indeed, the features of an SBA, like distribution and loose coupling, make usual testing techniques inefficient, especially when the choreography model is adopted. We argue that the service interface description alone is not enough to prove and test compatibility among services. Service behavior should also be described. In this paper we introduce a formal model based on message exchange that should be suited to this purpose, considering a service as a non-deterministic finite state automaton. According to this model, we can finally discuss a definition of protocol compatibility and its role for test generation.
Protocol compatibility notations for service integration testing. F. D. Angelis, D. Fanì, A. Polzonetti. QASBA '11, 2011-09-14. https://doi.org/10.1145/2031746.2031749
Cross-layer adaptation and monitoring (CLAM) is an approach to the run-time quality assurance of service-based applications (SBAs). The aim of CLAM is to monitor the different layers of an SBA and correlate the monitoring results, such that in the event that a problem occurs an effective adaptation strategy is inferred for enacting a coordinated adaptation across all layers of the SBA. An important aspect of CLAM is the definition of the appropriate Service-Level Agreements (SLAs) for third party services utilised in the different layers of the SBAs. In this paper, we present insights into how to define SLAs for CLAM, by analysing SBAs in order to differentiate the third party business, software and infrastructure services utilised by the SBA. As a case study, we apply the analytical approach to an existing platform-as-a-service framework, which has been developed as an SBA and could benefit from CLAM. The analysis reveals the different third party services and their characteristics, as a precursor to defining SLAs. The case study successfully demonstrates how distinct SLAs for business, software and infrastructure services may be applied respectively in the BPM, SCC and SI layers of an SBA, to provide a flexible monitoring and adaptation response across layers.
SLAs for cross-layer adaptation and monitoring of service-based applications: a case study. Konstantinos Bratanis, D. Dranidis, A. Simons. QASBA '11, 2011-09-14. https://doi.org/10.1145/2031746.2031755
The highly dynamic and loosely coupled nature of a service-oriented software system leads to the challenge of understanding it. In order to obtain insight into the runtime topology of a SOA system, we propose a framework-based runtime monitoring approach to trace the service interactions during execution. The approach can be transparently applied to all web services built on the framework and reuses parts of information and functionality already available in the framework to achieve our goals.
A framework-based runtime monitoring approach for service-oriented software systems. Cuiting Chen, A. Zaidman, H. Groß. QASBA '11, 2011-09-14. https://doi.org/10.1145/2031746.2031752
In service-oriented systems, non-functional properties become very important to support run-time service discovery and composition. Software engineers should take care of them to guarantee the service quality in all the software life-cycle phases, from requirements specification to design, to system deployment and execution monitoring. This wide scope and the criticality of non-functional properties demand that they are expressed in a language which is intuitive and easy to use for the service quality specification, and at the same time is machine-processable to be automatically handled at run-time. In this paper we present a Property Meta-Model that aims to reach these two main objectives and show, as a proof of concept, its use for the modeling of two different properties.
Yet another meta-model to specify non-functional properties. A. Marco, Claudio Pompilio, A. Bertolino, Antonello Calabrò, F. Lonetti, A. Sabetta. QASBA '11, 2011-09-14. https://doi.org/10.1145/2031746.2031751
The heterogeneous and dynamic execution context of service-based applications (SBA) makes the problem of adaptation critical. However, in most cases the adaptation is not trivial, for the following reasons. First, an SBA has a complex layered system where the application is implemented through a composition of services, which in turn are provided by platforms and run on top of infrastructures. Second, as a result of this multi-level application system, there exist several adaptation approaches isolated from each other, which focus on a specific concern of one level, ignoring the overall impact of the adaptation on the whole service-based system. To tackle this problem we propose a cross-layer adaptation manager (CLAM) whose contribution is two-fold: (i) It provides a platform that integrates and coordinates existing analysis and adaptation tools, which target specific system concerns, to assess the impact of an adaptation at the different levels. (ii) Covering the whole system for the SBA, it provides an analysis algorithm that incrementally constructs consistent adaptation strategies starting from an initial adaptation trigger originated at any level. The paper introduces the proposed approach and presents its first implementation with concrete analysis and adaptation tools.
CLAM: cross-layer adaptation manager for service-based applications. Aslı Zengin, A. Marconi, M. Pistore. QASBA '11, 2011-09-14. https://doi.org/10.1145/2031746.2031754
Service-Oriented Architecture (SOA) enables organizations to react to requirement changes in an agile manner and to foster the reuse of existing services. However, the dynamic nature of Service-Oriented Systems and their agility bear the challenge of properly understanding such systems. In particular, understanding the dependencies among services is a non-trivial task, especially if service-oriented systems are distributed over several hosts and/or use different SOA technologies. In this paper, we propose an approach to monitor dynamic dependencies among services. The approach is based on vector clocks, originally conceived and used to order events in a distributed environment. We use the vector clocks to order service executions and to infer causal dependencies among services. In our future work we plan to use this information to study change and failure impact analysis in service-oriented systems.
Using vector clocks to monitor dependencies among services at runtime. Daniele Romano, M. Pinzger. QASBA '11, 2011-09-14. https://doi.org/10.1145/2031746.2031748