Using argumentative agents to manage communities of Web services

This paper presents a framework for specifying Web services communities. A Web service is an accessible application that humans, software agents, and other applications in general can discover, compose, and invoke in order to satisfy users\u27 needs like hotel booking. Web services providing the same functionality are gathered into one community, independently of their origins. This framework shows how software agents that are able to argue, negotiate, and reason about Web services can be used to specify these Web services and to manage their respective communities. The use of what we call argumentative agents helps Web services in being better organized within communities and in achieving the goals for which they are conceived. The community is led by a master component, which among others attracts new Web services to the community, retains existing Web services in the community, and identifies the Web services in the community that will participate in composite Web services. All these operations are managed by interacting agents through flexible conversations made up by argumentation, persuasion, and negotiation phases called dialogue games. © 2007 IEEE

Web Processing Services for Forestry and Environmental Applications

Dissertation submitted in partial fulfillment of the requirements for the Degree of Master of Science in Geospatial Technologies.Nowadays spatial processing on the web is becoming a requirement for more and more web applications. The use of processes helps to find solutions to a wide range of spatial problems and extends the common functionality of Web GIS. There are many open source technologies that can be implemented in each component of a Web GIS application. Forestry and environmental problems, with their strong territorial implications, are especially suitable to be analyzed applying these technologies. In order to create an application with spatial processes, we propose a framework with a layered service-based architecture. It is layered because its structure is divided in a set of functional layers: the user layer (geoportal or client), the service layer (inside the server) and the data layer (spatial database). The access and processing of spatial data is accomplished through adequate service standards of OGC (Open Geospatial Consortium): Web Map Services (WMS), Web Feature Services (WFS), Web Coverage Services (WCS) and Web Processing Services (WPS). We implement a complete forestry – related application from scratch that offers access, visualization, querying and processing of spatial data and an active user interaction. The key of the application is WPS. Additionally, other processing solutions (like making queries with the spatial database) are discussed. In brief, this work presents an overview of the current technology and possible solutions for integrating spatial processes on the web and proposes some guidelines to implement them in a fully working system

Enabling Context-Aware Web Services: A Middleware Approach for Ubiquitous Environments

In ubiquitous environments, mobile applications should sense and react to environmental changes to provide a better user experience. In order to deal with these concerns, Service-Oriented Architectures (SOA) provide a solution allowing applications to interact with the services available in their surroundings. In particular, context-aware Web Services can adapt their behavior considering the user context. However, the limited resources of mobile devices restrict the adaptation degree. Furthermore, the diverse nature of context information makes difficult its retrieval, processing and distribution. To tackle these challenges, we present the CAPPUCINO platform for executing context-aware Web Services in ubiquitous environments. In particular, in this chapter we focus on the middleware part that is built as an autonomic control loop that deals with dynamic adaptation. In this autonomic loop we use FraSCAti, an implementation of the Service Component Architecture (SCA) specification, as the execution kernel for Web Services. The context distribution is achieved with SPACES, a flexible solution based on REST (REpresentational State Transfer ) principles and benefiting from the COSMOS (COntext entitieS coMpositiOn and Sharing ) context manage- ment framework. The application of our platform is illustrated with a mobile commerce application scenario that combines context-aware Web Services and social networks

Runtime Detection and Prevention for Structure Query Language Injection Attacks

The use of Internet services and web applications has grown rapidly because of user demand. At the same time, the number of web application vulnerabilities has increased as a result of mistakes in the development where some developers gave the security aspect a lower priority than aspects like application usability. An SQL (structure query language) injection is a common vulnerability in web applications as it allows the hacker or illegal user to have access to the web application’s database and therefore damage the data, or change the information held in the database. This thesis proposes a new framework for the detection and prevention of new and common types of SQL injection attacks. The programme of research is divided in several work packages that start from addressing the problem of the web application in general and SQL injection in particular and discuss existing approaches. The other work packages follow a constructive research approach. The framework considers existing and new SQL injection attacks. The framework consists of three checking components; the first component will check the user input for existing attacks, the second component will check for new types of attacks, and the last component will block unexpected responses from the database engine. Additionally, our framework will keep track of an ongoing attack by recording and investigating user behaviour. The framework is based on the Anatempura tool, a runtime verification tool for Interval Temporal Logic properties. Existing attacks and good/bad user behaviours are specified using Interval Temporal Logic, and the detection of new SQL injection attacks is done using the database observer component. Moreover, this thesis discusses a case study where various types of user behaviour are specified in Interval Temporal Logic and show how these can be detected. The implementation of each component has been provided and explained in detail showing the input, the output and the process of each component. Finally, the functionality of each checking component is evaluated using a case study. The user behaviour component is evaluated using sample attacks and normal user inputs. This thesis is summarized at the conclusion chapter, the future work and the limitations will be discussed. This research has made the following contributions: • New framework for detection and prevention of SQL injection attacks. • Runtime detection: use runtime verification technique based on Interval Temporal logic to detect various types of SQL injection attacks. • Database observer: to detect possible new injection attacks by monitoring database transactions. • User’s behaviour: investigates related SQL injection attacks using user input, and providing early warning against SQL injection attacks

A QoS-Aware BPEL Framework for Service Selection and Composition Using QoS Properties

Abstract—The promise of service oriented computing, and the availability of web services in particular, promote delivery of services and creation of new services composed of existing services – service components are assembled to achieve integrated computational goals. Business organizations strive to utilize the services and to provide new service solutions and they will need appropriate tools to achieve these goals. As web and internet based services grow into clouds, inter-dependency of services and their complexity increases tremendously. The cloud ontology depicts service layers from a high-level, such as Application and Software, to a low-level, such as Infrastructure and Platform. Each component resides at one layer can be useful to others as a service. It hints the amount of complexity resulting from not only horizontal but also vertical integrations in building and deploying a composite service. Our framework tackles the complexity of the selection and composition issues with additional qualitative information to the service descriptions using Business Process Execution Language (BPEL). Engineers can use BPEL to explore design options, and have the QoS properties analyzed for the design. QoS properties of each service are annotated with our extension to Web Service Description Language (WSDL). In this paper, we describe our framework and illustrate its application to one QoS property, performance. We translate BPEL orchestration and choreography into appropriate queuing networks, and analyze the resulting model to obtain the performance properties of the composed service. Our framework is also designed to support utilizations of other QoS extensions of WSDL, adaptable business logic languages, and composition models for other QoS properties

Organising the knowledge space for software components

Software development has become a distributed, collaborative process based on the assembly of off-the-shelf and purpose-built components. The selection of software components from component repositories and the development of components for these repositories requires an accessible information infrastructure that allows the description and comparison of these components. General knowledge relating to software development is equally important in this context as knowledge concerning the application domain of the software. Both form two pillars on which the structural and behavioural properties of software components can be addressed. Form, effect, and intention are the essential aspects of process-based knowledge representation with behaviour as a primary property. We investigate how this information space for software components can be organised in order to facilitate the required taxonomy, thesaurus, conceptual model, and logical framework functions. Focal point is an axiomatised ontology that, in addition to the usual static view on knowledge, also intrinsically addresses the dynamics, i.e. the behaviour of software. Modal logics are central here – providing a bridge between classical (static) knowledge representation approaches and behaviour and process description and classification. We relate our discussion to the Web context, looking at Web services as components and the Semantic Web as the knowledge representation framewor

Fault Tolerance Framework for Composite Web Services

A composite Web service combines multiple, logically interrelated services for creating more common services meeting complex requirements from users. The services participating in a composition coordinate the actions of distributed activity using Web services protocols to reach consistent agreement on the outcome of joint operation. However, as services run over unreliable protocols, there is a great chance that services fail due to the failure of protocols. However, current protocol standards provide fault-tolerance but are limited to backward recovery using expensive compensation and roll-back strategies. This paper gives an extension of the existing Web services business activity (WS-BA) protocol to deal with failures using forward recovery approach. A set of common failure types affecting the execution of component services is identified, and recovery solutions for each identified failure are also presented. The fault-handling extension of the WS-BA protocol implements recovery solutions for each of the identified failures to handle failures at runtime. Another important aspect about which the WS-BA protocol specification is unclear is reaching and notifying consistent outcome on the completion of joint work. This study extends the WS-BA protocol to notify consistent outcome reached by all participating services. The implementation and testing of the framework are performed using the model-checking and verification tool UPPAAL. A well-known application example supports the study. The key properties of the framework, like the execution of corresponding recovery actions in cases of failures and reaching a consistent agreement on the outcome of joint operation, are verified

Strategies for including cloud-computing into an engineering modeling workflow

With the advent of cloud computing, high-end computing, networking, and storage resources are available on-demand at a relatively low price point. Internet applications in the consumer and increasingly in the enterprise space are making use of these resources to upgrade existing applications and build new ones. This is made possible by building decentralized applications that can be integrated with one another through web-enabled application programming interfaces (APIs). However, in the fields of engineering and computational science, cloud computing resources have been utilized primarily to augment existing high-performance computing hardware, but engineering model integrations still occur by the use of software libraries. In this research, a novel approach is proposed where engineering models are constructed as independent services that publish web-enabled APIs. To enable this, the engineering models are built as stateless microservices that solve a single computational problem. Composite services are then built utilizing these independent component models, much like in the consumer application space. Interactions between component models is orchestrated by a federation management system. This proposed approach is then demonstrated by disaggregating an existing monolithic model for a cookstove into a set of component models. The component models are then reintegrated and compared with the original model for computational accuracy and run-time. Additionally, a novel engineering workflow is proposed that reuses computational data by constructing reduced-order models (ROMs). This framework is evaluated empirically for a number of producers and consumers of engineering models based on computation and data synchronization aspects. The framework is also evaluated by simulating an engineering design workflow with multiple producers and consumers at various stages during the design process. Finally, concepts from the federated system of models and ROMs are combined to propose the concept of a hybrid model (information artefact). The hybrid model is a web-enabled microservice that encapsulates information from multiple engineering models at varying fidelities, and responds to queries based on the best available information. Rules for the construction of hybrid models have been proposed and evaluated in the context of engineering workflows

A UI-driven approach to facilitating effective development of rich and composite web applications

It is well-recognized that the development of user interfaces is one of the most time-consuming tasks in the overall application development process. At the same time, there is an increasing demand for rich and fluid user interfaces from web users. As a result, developers are facing increasing challenges in delivering web applications, especially those with rich UI requirements. In this thesis we present two solutions to facilitate the execution and rapid development of web applications with rich user interfaces. The first solution is a rich internet application (RIA) framework aimed at providing high usability and productivity to web applications, while the second solution is a UI integration framework that simplifies web application development by facilitating the composition of reusable UI components. The foundation of our RIA framework is an XML-based high-level protocol for communicating asynchronous events and incremental UI updates on the web. The protocol facilitates rich and highly interactive UI, while at the same time eliminates frequent and slow page refreshes and provides a more responsive user experience. Built on top of the protocol, a server-side runtime allows UI logic code to be executed on the server side, while a set of server-side event-driven API enables developers to implement sophisticated application-specific UI behavior. On the client side, a thin client renders UI and processes native events, but leaves application-specific logic to the server side. The thin client thus allows end users to enjoy a rich UI experience in a safe client environment, without executing any downloaded code. The proposed UI integration framework includes an abstract UI component model which allows UI components to be programmatically manipulated via events, operations, and properties, essentially exposing UI as services. To facilitate component interactions, the framework offers an event-based composition model, which allows integration logic to be specified in the form of event listeners. Composite applications are executed via a lightweight runtime middleware, which provides component adapters that allow the middleware to communicate with native UI components implemented in a variety of languages and platforms. Finally, a graphical development environment allows composite applications to be built in a drag-and-drop fashion

The GNAT library for local and remote gene mention normalization

Summary: Identifying mentions of named entities, such as genes or diseases, and normalizing them to database identifiers have become an important step in many text and data mining pipelines. Despite this need, very few entity normalization systems are publicly available as source code or web services for biomedical text mining. Here we present the Gnat Java library for text retrieval, named entity recognition, and normalization of gene and protein mentions in biomedical text. The library can be used as a component to be integrated with other text-mining systems, as a framework to add user-specific extensions, and as an efficient stand-alone application for the identification of gene and protein names for data analysis. On the BioCreative III test data, the current version of Gnat achieves a Tap-20 score of 0.1987