Ensuring and Assessing Architecture Conformance to Microservice Decomposition Patterns

Microservice-based software architecture design has been widely discussed, and best practices have been published as architecture design patterns. However, conformance to those patterns is hard to ensure and assess automatically, leading to problems such as architectural drift and erosion, especially in the context of continued software evolution or large-scale microservice systems. In addition, not much in the component and connector architecture models is specific (only) to the microservices approach, whereas other aspects really specific to that approach, such as independent deployment of microservices, are usually modeled in other views or not at all. We suggest a set of constraints to check and metrics to assess architecture conformance to microservice patterns. In comparison to expert judgment derived from the patterns, a subset of these constraints and metrics shows a good relative performance and potential for automation

Combinatorial Auction-based Mechanisms for Composite Web Service Selection

Composite service selection presents the opportunity for the rapid development of complex applications using existing web services. It refers to the problem of selecting a set of web services from a large pool of available candidates to logically compose them to achieve value-added composite services. The aim of service selection is to choose the best set of services based on the functional and non-functional (quality related) requirements of a composite service requester. The current service selection approaches mostly assume that web services are offered as single independent entities; there is no possibility for bundling. Moreover, the current research has mainly focused on solving the problem for a single composite service. There is a limited research to date on how the presence of multiple requests for composite services affects the performance of service selection approaches. Addressing these two aspects can significantly enhance the application of composite service selection approaches in the real-world. We develop new approaches for the composite web service selection problem by addressing both the bundling and multiple requests issues. In particular, we propose two mechanisms based on combinatorial auction models, where the provisioning of multiple services are auctioned simultaneously and service providers can bid to offer combinations of web services. We mapped these mechanisms to Integer Linear Programing models and conducted extensive simulations to evaluate them. The results of our experimentation show that bundling can lead to cost reductions compared to when services are offered independently. Moreover, the simultaneous consideration of a set of requests enhances the success rate of the mechanism in allocating services to requests. By considering all composite service requests at the same time, the mechanism achieves more homogenous prices which can be a determining factor for the service requester in choosing the best composite service selection mechanism to deploy

An approach to the semantic intelligence cloud

Cloud computing is a disruptive technology that aims to provide a utility approach to computing, where users can obtain their required computing resources without investment in infrastructure, computing platforms or services. Cloud computing resources can be obtained from a number internal or external sources. The heterogeneity of cloud service provision makes comparison of services difficult, with further complexity being introduced by a number of provision approaches such as reserved purchase, on-demand provisioning and spot markets.The aim of the research was to develop a semantic framework for cloud computing services which incorporated Cloud Service Agreements, requirements, pricing and Benefits Management.The proposed approach sees the development of an integrated framework where Cloud Service Agreements describe the relationship between cloud service providers and cloud service users. Requirements are developed from agreements and can use the concepts, relationships and assertions provided as requirements. Pricing in turn is established from requirements. Benefits Management is pervasive across the semantic framework developed.The methods used were to provide a comprehensive review of literature to establish a good theoretical basis for the research undertaken. Then problem solving ontology was developed that defined concepts and relationships for the proposed semantic framework. A number of case studies were used to populate the developed ontology with assertions. Reasoning was used to test the framework was correct.The results produced were a proposed framework of concepts, relationships and assertions for a cloud service descriptions, which are presented as ontology in textual and graphical form. Several parts of the ontology were published on public ontology platforms and, in journal and conference papers.The original contribution to knowledge is seen in the results produced. The proposed framework provides the foundations for development of a unified semantic framework for cloud computing service description and has been used by other researchers developing semantic cloud service description.In the area of Cloud Service Agreements a full coverage of the documents described by major standards organisations have been encoded into the framework. Requirements have been modelled as a unique multilevel semantic representation. Pricing of cloud services has been developed using semantic description that can be mapped to requirements. The existing Benefits Management approach has been reimplemented using semantic description.In conclusion a proposed framework has been developed that allows the semantic description of cloud computing services. This approach provides greater expression than simplistic frameworks that use mathematical formulas or models with simple relationships between concepts. The proposed framework is limited to a narrow area of service description and requires expansion to be viable in a commercial setting.Further work sees the development of software toolsets based on the semantic description developed to realise a viable product for mapping high level cloud service requirements to low level cloud resources

Uma proposta de arquitetura de resiliência computacional para infraestruturas baseadas em SOA de empresas virtuais

Tese (doutorado) - Universidade Federal de Santa Catarina, Centro Tecnológico, Programa de Pós-Graduação em Engenharia de Automação e Sistemas, Florianópolis, 2019Uma Empresa Virtual (EV) é um tipo de rede colaborativa de organizações na qual grupos de empresas se unem dinâmica, lógica e temporariamente para melhor atender a demandas de mercado. Atuando como se fossem uma única empresa, compartilham recursos, custos e riscos de um negócio, representando assim um proeminente modelo de sustentabilidade, especialmente para pequenas e médias empresas. Uma das pré-condições para atuar numa EV é que os sistemas computacionais dos seus membros interoperem para que os processos de negócio associados à EV possam ser executados sem problemas pelos mais diversos sistemas envolvidos. Esta tese explora um cenário onde todos os sistemas das empresas são implementados de uma forma que possam ser expostos como serviços de software numa perspectiva SOA (Service Oriented Architecture), serem invocados pelos processos de negócio da EV em questão e, ao mesmo tempo, possam ser compartilhados com os outros membros. Desta forma, quando uma EV é formada, um grande sistema distribuído baseado em serviços é dinamicamente criado. Dado que em uma EV novas empresas podem entrar e outras sair ao longo de sua existência, tal sistema não é estático, mas sim deve alterar sua composição, tanto em tempo de projeto, quanto em tempo de execução. Como cada empresa pode participar simultaneamente em mais do que uma EV, isso também significa que cada um dos seus serviços poderá estar envolvido ao mesmo tempo em inúmeras orquestrações, porém em diferentes contextos de negócio e requisitos de qualidade de serviço. Este sistema computacional (e seus inúmeros serviços) deve permanecer operacional ao longo de todo ciclo de vida da EV de forma a sustentar a execução dos processos e, assim, do negócio. Em um sistema como esse, largamente distribuído e com serviços implementados em diferentes tecnologias, várias falhas podem ocorrer. Esta tese propõe uma arquitetura computacional para um sistema de resiliência para esse cenário, fazendo com que o sistema como um todo se recupere diante das falhas e mantenha o nível de qualidade de serviço geral do negócio da EV. Após pesquisa na literatura, não foram encontrados trabalhos que cobrissem a área de intersecção entre resiliência, SOA e EV. Baseado no modelo de referência de computação autonômica MAPE-K, a arquitetura proposta é auto resiliente e foi concebida ela mesma como SOA; portanto distribuída, com baixo acoplamento e escalável. Além disso, seu projeto contempla as modernas visões de economia orientada a serviços, compreendendo ecossistemas de provedores de serviços de software. Para garantir a permanência da EV em operação, várias técnicas consolidadas de tolerância a falhas foram empregadas, combinadas e adaptadas ao cenário em questão, atuando tanto reativamente como proativamente, e respeitando os níveis de responsabilidade das camadas de negócio, TI e de infraestrutura computacional. Um robusto protótipo de software foi implementado como prova de conceito, onde se buscou utilizar o maior número possível de padrões abertos de TI. Ele foi avaliado experimentalmente em um cenário controlado de EV. Ao se aplicar indicadores de desempenho de referência, a arquitetura mostrou-se promissora, suportando a execução dos sistemas da EV na quase totalidade dos casos mesmo diante de inúmeras falhas. A implementação teve algumas simplificações e o desenho da arquitetura partiu de uma série de pressupostos. Ao final, conclusões finais do trabalho são apresentadas bem como um conjunto de trabalhos futuros é sugerido.Abstract: Virtual Enterprises (VE) is a type of collaborative networked organization in which groups of companies are dynamically, logically and temporally joined to better meet market demands. Acting as a single company, they share resources, costs and business risks, thus representing a prominent sustainability model, especially for small and medium-sized enterprises. One of the preconditions for operating as an EV is that the members? IT systems should interoperate in way the business processes associated with EV can be executed by the most diverse involved systems without problems. This thesis exploits a scenario where all company systems are implemented in way they can be exposed as software services in the SOA (Service Oriented Architecture) perspective, being invoked by the VE?s business processes and, at the same time, can be shared with the other members. In this way, when an EV is formed, a large distributed service-based system is dynamically created. Given that new companies can enter and other leave a VE during the general VE process, such system is not static, but rather can change its composition, both at design and run time. Yet, since given companies can participate in many EV simultaneously, this also means that their services can be involved in diverse orchestrations although in different business contexts and quality of services requirements. This computational system (and its many services) should remain operating throughout the VE?s life cycle in order to sustain the execution of the processes and thus of the business. In a system like this, widely distributed and with services implemented in different technologies, several failures can occur. This thesis proposes a resilience system computing architecture for this scenario, making the system able to recover from failures while maintaining the level of general service quality of the VE business. After a literature research, no works were found out that covered the intersection area of resilience, SOA and VE. Based on the MAPE-K autonomic computing reference model, the proposed architecture is self-resilient and was conceived as a SOA itself; therefore, it is distributed, loosely coupled and scalable. In addition, its design adopts the modern vision of service-oriented economy, comprising ecosystems of software service providers. In order to guarantee the VE operation, several fault tolerance techniques were used, combined and adapted to that scenario, acting both reactively and pro-actively, and respecting the responsibility levels of the business, IT and computing infrastructure layers. A robust software prototype was implemented as proof of concept, using as many open IT standards as possible. It was evaluated experimentally in a controlled VE scenario. After the application of reference performance indicators, the architecture showed to be promising, supporting the VE?s systems execution in almost all cases in the presence of numerous failures. The implementation has simplifications and the architecture design has adopted several assumptions. Conclusions are presented in the end, including suggestions for future work

Synthesising end-to-end security schemes through endorsement intermediaries

Composing secure interaction protocols dynamically for e-commerce continue to pose a number of challenges, such as lack of standard notations for expressing requirements and the difficulty involved in enforcing them. Furthermore, interaction with unknown entities may require finding common trusted intermediaries. Securing messages sent through such intermediaries require schemes that provide end-to-end security guarantees. In the past, e-commerce protocols such as SET were created to provide such end-to-end guarantees. However, such complex hand crafted protocols proved difficult to model check. This thesis addresses the end-to-end problems in an open dynamic setting where trust relationships evolve, and requirements of interacting entities change over time. Before interaction protocols can be synthesised, a number of research questions must be addressed. Firstly, to meet end-to-end security requirements, the security level along the message path must be made to reflect the requirements. Secondly, the type of endorsement intermediaries must reflect the message category. Thirdly, intermediaries must be made liable for their endorsements. This thesis proposes a number of solutions to address the research problems. End-to-end security requirements were arrived by aggregating security requirements of all interacting parties. These requirements were enforced by interleaving and composing basic schemes derived from challenge-response mechanisms. The institutional trust promoting mechanism devised allowed all vital data to be endorsed by authorised category specific intermediaries. Intermediaries were made accountable for their endorsements by being required to discharge or transfer proof obligations placed on them. The techniques devised for aggregating and enforcing security requirements allow dynamic creation of end-to-end security schemes. The novel interleaving technique devised allows creation of provably secure multiparty schemes for any number of recipients. The structured technique combining compositional approach with appropriate invariants and preconditions makes model checking of synthesised schemes unnecessary. The proposed framework combining endorsement trust with schemes making intermediaries accountable provides a way to alleviate distrust between previously unknown e-commerce entities