Engineering Secure Adaptable Web Services Compositions

Service-oriented architecture defines a paradigm for building applications by assembling autonomous components such as web services to create web service compositions. Web services are executed in complex contexts where unforeseen events may compromise the security of the web services composition. If such compositions perform critical functions, prompt action may be required as new security threats may arise at runtime. Manual interventions may not be ideal or feasible. To automatically decide on valid security changes to make at runtime, the composition needs to make use of current security context information. Such security changes are referred to as dynamic adaptation. This research proposes a framework to develop web services compositions that can dynamically adapt to maintain the same level of security when unforeseen security events occur at runtime. The framework is supported by mechanisms that map revised security requirements arising at runtime to a new security configuration plan that is used to adapt the web services composition

An Event-Driven Integration Platform for Context-Aware Web Services

Abstract: Web services are nowadays one of the preferred technologies to implement serviceoriented architectures and to communicate distributed applications. On the other hand, contextawareness is highly demanded for distributed applications. However, even though there are excellent tools and frameworks for service development, getting services to be context-aware is still under investigation. In turn, an Enterprise Service Bus (ESB) is a standards-based integration platform, which provides mediation capabilities (e.g. routing, transformation). ESBs are being increasingly used in conjunction with Complex Event Processing (CEP) engines to support event-driven architectures scenarios. In this regard, this paper proposes an ESB-based integration platform which, leveraging its mediation capabilities and a CEP engine, allows the construction of context-aware web services. Concretely, CEP techniques are used to detect the complex situations that may affect services and mediation mechanisms are used to adapt service requests and responses to make them context-aware

Evolving Software Systems for Self-Adaptation

There is a strong synergy between the concepts of evolution and adaptation in software engineering: software adaptation refers to both the current software being adapted and to the evolution process that leads to the new adapted software. Evolution changes for the purpose of adaptation are usually made at development or compile time, and are meant to handle predictable situations in the form of software change requests. On the other hand, software may also change and adapt itself based on the changes in its environment. Such adaptive changes are usually dynamic, and are suitable for dealing with unpredictable or temporary changes in the software's operating environment. A promising solution for software adaptation is to develop self-adaptive software systems that can manage changes dynamically at runtime in a rapid and reliable way. One of the main advantages of self-adaptive software is its ability to manage the complexity that stems from highly dynamic and nondeterministic operating environments. If a self-adaptive software system has been engineered and used properly, it can greatly improve the cost-effectiveness of software change through its lifespan. However, in practice, many of the existing approaches towards self-adaptive software are rather expensive and may increase the overall system complexity, as well as subsequent future maintenance costs. This means that in many cases, self-adaptive software is not a good solution, because its development and maintenance costs are not paid off. The situation is even worse in the case of making current (legacy) systems adaptive. There are several factors that have an impact on the cost-effectiveness and usability of self-adaptive software; however the main objective of this thesis is to make a software system adaptive in a cost-effective way, while keeping the target adaptive software generic, usable, and evolvable, so as to support future changes. In order to effectively engineer and use self-adaptive software systems, in this thesis we propose a new conceptual model for identifying and specifying problem spaces in the context of self-adaptive software systems. Based on the foundations of this conceptual model, we propose a model-centric approach for engineering self-adaptive software by designing a generic adaptation framework and a supporting evolution process. This approach is particularly tailored to facilitate and simplify the process of evolving and adapting current (legacy) software towards runtime adaptivity. The conducted case studies reveal the applicability and effectiveness of this approach in bringing self-adaptive behaviour into non-adaptive applications that essentially demand adaptive behaviour to sustain

Data Driven Adaptation of Heterogeneous Service-Oriented Processes

Η με βάση τα δεδομένα προσαρμογή διαδικασιών αποτελεί μια επέκταση της έννοιας των Δυναμικών και με βάση τα Δεδομένα Καθοδηγουμενων Συστήματων (DDDAS) όπως αυτά έχουν καθοριστεί από την Δαρεμά. Συγεκριμένα όπως και στα DDDAS συστήματα η προσέγγιση μας επιτρέπει την προσφορά προσαρμοζόμενων διαδικασιών χρησιμοποιώντας διαθέσιμες πληροφορίες και υπηρεσίες. H προσφορά προσαρμοζόμενων διαδικασιών περιλαμβάνει την αναγνώριση και χρήση πιθανών εναλλακτικών μονοπατιών εκτέλεσης (ή διαδρομών) για την επίτευξη των στόχων και υπό-στόχων της κάθε διαδικασίας. Τα εναλλακτικά μονοπάτια λαμβάνουν υπόψη και χρησιμοποιούν σχετικές πληροφορίες ή/και υπηρεσίες (ή συνθέσεις υπηρεσιών). Για την αναζήτηση των πιθανών εναλλακτικών χρησιμοποιούνται τεχνικές από το χώρο της Τεχνητής Νοημοσύνης Σχεδιασμού (AI Planning) και της υπολογιστικής Πλαισίου (Context-Aware computing) κατά τον χρόνο διάθεσης της διαδικασίας. Κατά τον υπολογισμό των πιθανών εναλλακτικών, στόχος της προσέγγισης μας είναι η μείωση των βημάτων εκτέλεσης, δλδ του πλήθους των εργασιών της διαδικασίας που έχουν οριστείIn principle the Data-Driven Process Adaptation (DDPA) approach is based on the concept of Dynamic Data Driven Application Systems (DDDAS) as this is stated by Darema in [8]. In accordance to the DDDAS notion such systems support the utilization of appropriate information at specific decision points so as to make real systems more efficient. In this regard, DDPA accommodates the provision of adaptable service processes by exploiting the use of information available to the process environment in addition to existing services. Adaptation in the context of our approach includes the identification and use of possible alternatives for the achievement of the goals and sub-goals defined in a process; alternatives include the utilization of available related information and/or services (or service chains). Data-Driven adaptation incorporates AI planning and Context-Aware Computing techniques to support the identification of possible alternatives at deployment time. When calculating the possible alternatives the goal of our approach is to reduce the number of steps, i.e. number of process tasks, defined in the original process

Supporting Quality of Service in Scientific Workflows

While workflow management systems have been utilized in enterprises to support businesses for almost two decades, the use of workflows in scientific environments was fairly uncommon until recently. Nowadays, scientists use workflow systems to conduct scientific experiments, simulations, and distributed computations. However, most scientific workflow management systems have not been built using existing workflow technology; rather they have been designed and developed from scratch. Due to the lack of generality of early scientific workflow systems, many domain-specific workflow systems have been developed. Generally speaking, those domain-specific approaches lack common acceptance and tool support and offer lower robustness compared to business workflow systems. In this thesis, the use of the industry standard BPEL, a workflow language for modeling business processes, is proposed for the modeling and the execution of scientific workflows. Due to the widespread use of BPEL in enterprises, a number of stable and mature software products exist. The language is expressive (Turingcomplete) and not restricted to specific applications. BPEL is well suited for the modeling of scientific workflows, but existing implementations of the standard lack important features that are necessary for the execution of scientific workflows. This work presents components that extend an existing implementation of the BPEL standard and eliminate the identified weaknesses. The components thus provide the technical basis for use of BPEL in academia. The particular focus is on so-called non-functional (Quality of Service) requirements. These requirements include scalability, reliability (fault tolerance), data security, and cost (of executing a workflow). From a technical perspective, the workflow system must be able to interface with the middleware systems that are commonly used by the scientific workflow community to allow access to heterogeneous, distributed resources (especially Grid and Cloud resources). The major components cover exactly these requirements: Cloud Resource Provisioner Scalability of the workflow system is achieved by automatically adding additional (Cloud) resources to the workflow system’s resource pool when the workflow system is heavily loaded. Fault Tolerance Module High reliability is achieved via continuous monitoring of workflow execution and corrective interventions, such as re-execution of a failed workflow step or replacement of the faulty resource. Cost Aware Data Flow Aware Scheduler The majority of scientific workflow systems only take the performance and utilization of resources for the execution of workflow steps into account when making scheduling decisions. The presented workflow system goes beyond that. By defining preference values for the weighting of costs and the anticipated workflow execution time, workflow users may influence the resource selection process. The developed multiobjective scheduling algorithm respects the defined weighting and makes both efficient and advantageous decisions using a heuristic approach. Security Extensions Because it supports various encryption, signature and authentication mechanisms (e.g., Grid Security Infrastructure), the workflow system guarantees data security in the transfer of workflow data. Furthermore, this work identifies the need to equip workflow developers with workflow modeling tools that can be used intuitively. This dissertation presents two modeling tools that support users with different needs. The first tool, DAVO (domain-adaptable, Visual BPEL Orchestrator), operates at a low level of abstraction and allows users with knowledge of BPEL to use the full extent of the language. DAVO is a software that offers extensibility and customizability for different application domains. These features are used in the implementation of the second tool, SimpleBPEL Composer. SimpleBPEL is aimed at users with little or no background in computer science and allows for quick and intuitive development of BPEL workflows based on predefined components

Advancing Operating Systems via Aspect-Oriented Programming

Operating system kernels are among the most complex pieces of software in existence to- day. Maintaining the kernel code and developing new functionality is increasingly compli- cated, since the amount of required features has risen significantly, leading to side ef fects that can be introduced inadvertedly by changing a piece of code that belongs to a completely dif ferent context. Software developers try to modularize their code base into separate functional units. Some of the functionality or “concerns” required in a kernel, however, does not fit into the given modularization structure; this code may then be spread over the code base and its implementation tangled with code implementing dif ferent concerns. These so-called “crosscutting concerns” are especially dif ficult to handle since a change in a crosscutting concern implies that all relevant locations spread throughout the code base have to be modified. Aspect-Oriented Software Development (AOSD) is an approach to handle crosscutting concerns by factoring them out into separate modules. The “advice” code contained in these modules is woven into the original code base according to a pointcut description, a set of interaction points (joinpoints) with the code base. To be used in operating systems, AOSD requires tool support for the prevalent procedu- ral programming style as well as support for weaving aspects. Many interactions in kernel code are dynamic, so in order to implement non-static behavior and improve performance, a dynamic weaver that deploys and undeploys aspects at system runtime is required. This thesis presents an extension of the “C” programming language to support AOSD. Based on this, two dynamic weaving toolkits – TOSKANA and TOSKANA-VM – are presented to permit dynamic aspect weaving in the monolithic NetBSD kernel as well as in a virtual- machine and microkernel-based Linux kernel running on top of L4. Based on TOSKANA, applications for this dynamic aspect technology are discussed and evaluated. The thesis closes with a view on an aspect-oriented kernel structure that maintains coherency and handles crosscutting concerns using dynamic aspects while enhancing de- velopment methods through the use of domain-specific programming languages

The TASAR Project: Launching Aviation on an Optimized Route Toward Aircraft Autonomy

The Traffic Aware Strategic Aircrew Request (TASAR) concept applies onboard automation for the purpose of advising the pilot of route modifications that would be beneficial to the flight. Leveraging onboard computing platforms with connectivity to avionics and diverse data sources on and off the aircraft, TASAR introduces a new, powerful capability for in-flight trajectory management to the cockpit and its flight crew that is anticipated to induce a significant culture change in airspace operations. Flight crews empowered by TASAR and its derivative technologies could transform from todays flight plan followers to proactive trajectory managers, taking an initial critical step towards increasing autonomy in the airspace system. TASAR was developed as a catalyst for operational autonomy, a future vision where the responsibilities and authorities of trajectory management reside with the aircraft operator and are distributed among participating aircraft, thus fulfilling a vision dating back decades and enabling a fully scalable airspace system. This NASA Technical Paper maps TASAR to its foundational vision and traces its research and development from initial concept generation to an operational evaluation by a U.S. airline in revenue service, the final stage before technology transfer and commercialization

The integrity of digital technologies in the evolving characteristics of real-time enterprise architecture

Advancements in interactive and responsive enterprises involve real-time access to the information and capabilities of emerging technologies. Digital technologies (DTs) are emerging technologies that provide end-to-end business processes (BPs), engage a diversified set of real-time enterprise (RTE) participants, and institutes interactive DT services. This thesis offers a selection of the author’s work over the last decade that addresses the real-time access to changing characteristics of information and integration of DTs. They are critical for RTEs to run a competitive business and respond to a dynamic marketplace. The primary contributions of this work are listed below. • Performed an intense investigation to illustrate the challenges of the RTE during the advancement of DTs and corresponding business operations. • Constituted a practical approach to continuously evolve the RTEs and measure the impact of DTs by developing, instrumenting, and inferring the standardized RTE architecture and DTs. • Established the RTE operational governance framework and instituted it to provide structure, oversight responsibilities, features, and interdependencies of business operations. • Formulated the incremental risk (IR) modeling framework to identify and correlate the evolving risks of the RTEs during the deployment of DT services. • DT service classifications scheme is derived based on BPs, BP activities, DT’s paradigms, RTE processes, and RTE policies. • Identified and assessed the evaluation paradigms of the RTEs to measure the progress of the RTE architecture based on the DT service classifications. The starting point was the author’s experience with evolving aspects of DTs that are disrupting industries and consequently impacting the sustainability of the RTE. The initial publications emphasized innovative characteristics of DTs and lack of standardization, indicating the impact and adaptation of DTs are questionable for the RTEs. The publications are focused on developing different elements of RTE architecture. Each published work concerns the creation of an RTE architecture framework fit to the purpose of business operations in association with the DT services and associated capabilities. The RTE operational governance framework and incremental risk methodology presented in subsequent publications ensure the continuous evolution of RTE in advancements of DTs. Eventually, each publication presents the evaluation paradigms based on the identified scheme of DT service classification to measure the success of RTE architecture or corresponding elements of the RTE architecture