Dependability analysis of web services

Web Services form the basis of the web based eCommerce eScience applications so it is vital that robust services are developed. Traditional validation and verification techniques are centred around the concept of removing all faults to guarantee correct operation whereas Dependability gives an assessment of how dependably a system can deliver the required functionality by assessing attributes, and by eliminating threats via means attempts to improve dependability. Fault injection is a well-proven dependability assessment method. Although much work has been done in the area of fault injection and distributed systems in general, there appears to have been little research carried out on applying this to middleware systems and Web Services in particular. There are additional problems associated with applying existing fault injection technologies to Web Services running in a virtual machine environment since most are either invasive or work at a machine level. The Fault Injection Technology (FIT) method has been devised to address these problems for middleware systems. The Web Service-Fault Injection Technology (WS-FIT) implementation applies the FIT method, based on network level fault injection, to Web Services to create a non-invasive dependability assessment method. It allows targeted perturbation of Web Service RFC parameters as well as more traditional network level fault injection operations. The WS-FIT tool includes taxonomies that define a system under test, fault models to apply and failure modes to be detected, and uses these taxonomies to generate fault injection campaigns. WS-FIT has been applied to a number of case studies and has successfully demonstrated its effectiveness. It has also been successfully applied to a third-party system to evaluate dependability means. It performed this dependability assessment as well as allowing debugging of the means to be undertaken uncovering unknown faults

Intrusion damage assessment for multi-stage attacks for clouds

Clouds represent a major paradigm shift from contemporary systems, inspiring the contemporary approach to computing. They present fascinating opportunities to address dynamic user requirements with the provision of flexible computing infrastructures that are available on demand. Clouds, however, introducing novel challenges particularly with respect to security that require dedicated efforts to address them. This study is focused at one such challenge, that is, determining the extent of damage caused by an intrusion for a victim virtual machine. It has significant implications especially with respect to effective response to the intrusion. This study presents the efforts to address this challenge for Clouds in the form of a novel scheme for intrusion damage assessment for Clouds. In addition to its context-aware operation, the scheme facilitates protection against multi-stage attacks. The study also includes the formal specification and evaluation of the scheme, which successfully demonstrate its effectiveness to achieve rigorous damage assessment for Clouds

Resilience-Building Technologies: State of Knowledge -- ReSIST NoE Deliverable D12

This document is the first product of work package WP2, "Resilience-building and -scaling technologies", in the programme of jointly executed research (JER) of the ReSIST Network of Excellenc

Conception et mise en oeuvre d'une plate-forme pour la sûreté de fonctionnement des services Web

Les Services Web (SW) constituent la technologie de base pour le développement d'Architectures Orientées Services (AOS). Ces architectures, de plus en plus répandues sur le Net, permettent de mettre en place des applications semi-critiques à échelle planétaire. Elles se basent sur la notion de relation de "service" formalisée par un contrat qui unit le client et le prestataire de services. Dans ce type d'applications, les développeurs d'applications orientées services regardent les Services Web comme des COTS (Component Off-The Shell) et ignorent donc leurs implémentations et leurs comportements en présence de fautes. Dans ce but, cette thèse introduit, dans ce nouveau contexte, la notion de « connecteurs spécifiques de tolérance aux fautes » (SFTC – Specific Fault Tolerance Connectors) capable d'implémenter des applications sûres de fonctionnement à partir de Services Web supposés non-fiables. Composants logiciels insérés entre les clients et les prestataires, les SFTC implémentent des filtres et différentes techniques de détection d'erreurs ainsi que des mécanismes de recouvrement qui sont déclenchés quand les Services Web ne satisfont plus les caractéristiques de sûreté demandées. L'originalité de cette approche est d'utilisé une particularité intéressante du Web qui est la redondance inhérente des services qui s'y trouvent. Cette propriété a permis de définir le concept de Services Web Abstrait (SWA) et de mettre en place des stratégies de recouvrement à l'aide de services équivalents. Ainsi, les « connecteurs » et les « SWA », introduits dans les architectures orientées services, fournissent une approche plus adaptable pour permettre, à des mécanismes de sûreté, d'être définis au cas par cas pour une utilisation donnée du Service Web et d'être modifiés selon la criticité de l'application. Ainsi, mes travaux de recherches ont permis de fournir aux développeurs d'Architectures Orientées Services : 1) le langage nommé DeWeL pour décrire les caractéristiques de sûreté de fonctionnement du connecteur. Ce langage dédié à la réalisation de connecteur impose de fortes restrictions inspirées du monde des logiciels critiques du ferroviaire et de l'avionique afin de diminuer de façon drastique des fautes de développement. 2) l'infrastructure IWSD pour dynamiquement contrôler et exécuter les connecteurs dans des applications critiques. Cette plateforme, réalisé en mode duplex pour tolérer les fautes matérielles et logicielles, permet d'exécuter de façon sûres les connecteurs crées et d'obtenir également des informations sur le caractère non-fonctionnel et opérationnel des Services Web ciblés. Ces informations sont capitales pour permettre aux développeurs de connecteurs d'affiner leurs actions de tolérances aux fautes pour l'application ciblée. Environ deux cents connecteurs ont été implémentés afin de réaliser des tests sur la performance et la robustesse du langage et de la plate-forme permettant ainsi de valider cette approche capable de déployer des applications orientées services semi-critiques tolérant les fautes à l'aide de SWA. ABSTRACT : Web Services (WS) technology is the basis for the development of Service Oriented Architectures (SOA). These architectures are increasingly widespread on the Net and enable developers to implement semi-critical planetary applications. Such applications are based on the notion of service and its attached contract. The contract links a client and a service provider. In this kind of applications, application developers look at Web Services as COTS (Commercial Off-The- Shelf) components, consequently they ignore their implementation and their behaviour in the presence of faults. The thesis proposes the notion of Specific Fault Tolerance Connectors (SFTC) to implement dependable applications out of unreliable Web Services. The connectors intercept client-provider requests and implement filtering, error detection techniques (e.g. runtime assertions) together with recovery mechanisms that are triggered when the WS does not satisfy anymore the dependability specifications. The originality of this approach relies on using an interesting feature of the Web that is the inherent redundancy of services. To take advantage of this, we define the concept of Abstract Web Services (AWS) to implement recovery strategies using equivalent services. Thus, "connectors” and “AWS” allow dependability mechanisms to be defined on a case-by-case basis for a given WS usage and possibly dynamically changed according to the needs. Two specific techniques and tools have been designed and implemented to help developers of Services Oriented Architectures : 1) A domain specific language named DeWeL (DEpendable Web services Language) describing the dependability features of a connector. This language is devoted to the realization of connectors. It imposes strong restrictions enforced by standards for critical railway and avionics software in order to reduce software development faults. 2) A support infrastructure named IWSD (Infrastructure for Web Services Dependability) to dynamically manage and run connectors in real applications. This platform is implemented in duplex mode to tolerate crash faults and provides core services. In particular, it provides support to run connectors and get information on the non-functional and operational behaviour of the targeted Web Services. This information is essential to help developers of connector to adjust their fault-tolerance actions to specific application needs. Approximately two hundred connectors have been implemented in order to realize performance and robustness tests of the language and the platform. These experiments show the interest of our approach to deploy fault-tolerant service oriented applications using AW

Advances in Grid Computing

This book approaches the grid computing with a perspective on the latest achievements in the field, providing an insight into the current research trends and advances, and presenting a large range of innovative research papers. The topics covered in this book include resource and data management, grid architectures and development, and grid-enabled applications. New ideas employing heuristic methods from swarm intelligence or genetic algorithm and quantum encryption are considered in order to explain two main aspects of grid computing: resource management and data management. The book addresses also some aspects of grid computing that regard architecture and development, and includes a diverse range of applications for grid computing, including possible human grid computing system, simulation of the fusion reaction, ubiquitous healthcare service provisioning and complex water systems

Metodología de implantación de modelos de gestión de la información dentro de los sistemas de planificación de recursos empresariales. Aplicación en la pequeña y mediana empresa

La Siguiente Generación de Sistemas de Fabricación (SGSF) trata de dar respuesta a los requerimientos de los nuevos modelos de empresas, en contextos de inteligencia, agilidad y adaptabilidad en un entono global y virtual. La Planificación de Recursos Empresariales (ERP) con soportes de gestión del producto (PDM) y el ciclo de vida del producto (PLM) proporciona soluciones de gestión empresarial sobre la base de un uso coherente de tecnologías de la información para la implantación en sistemas CIM (Computer-Integrated Manufacturing), con un alto grado de adaptabilidad a la estnictura organizativa deseada. En general, esta implementación se lleva desarrollando hace tiempo en grandes empresas, siendo menor (casi nula) su extensión a PYMEs. La presente Tesis Doctoral, define y desarrolla una nueva metodología de implementación pan la generación automática de la información en los procesos de negocio que se verifican en empresas con requerimientos adaptados a las necesidades de la SGSF, dentro de los sistemas de gestión de los recursos empresariales (ERP), atendiendo a la influencia del factor humano. La validez del modelo teórico de la metodología mencionada se ha comprobado al implementarlo en una empresa del tipo PYME, del sector de Ingeniería. Para el establecimiento del Estado del Arte de este tema se ha diseñado y aplicado una metodología específica basada en el ciclo de mejora continua de Shewhart/Deming, aplicando las herramientas de búsqueda y análisis bibliográfico disponibles en la red con acceso a las correspondientes bases de datos