Comprehensive Monitor-Oriented Compensation Programming

Compensation programming is typically used in the programming of web service compositions whose correct implementation is crucial due to their handling of security-critical activities such as financial transactions. While traditional exception handling depends on the state of the system at the moment of failure, compensation programming is significantly more challenging and dynamic because it is dependent on the runtime execution flow - with the history of behaviour of the system at the moment of failure affecting how to apply compensation. To address this dynamic element, we propose the use of runtime monitors to facilitate compensation programming, with monitors enabling the modeller to be able to implicitly reason in terms of the runtime control flow, thus separating the concerns of system building and compensation modelling. Our approach is instantiated into an architecture and shown to be applicable to a case study.Comment: In Proceedings FESCA 2014, arXiv:1404.043

History-sensitive versus future-sensitive approaches to security in distributed systems

We consider the use of aspect-oriented techniques as a flexible way to deal with security policies in distributed systems. Recent work suggests to use aspects for analysing the future behaviour of programs and to make access control decisions based on this; this gives the flavour of dealing with information flow rather than mere access control. We show in this paper that it is beneficial to augment this approach with history-based components as is the traditional approach in reference monitor-based approaches to mandatory access control. Our developments are performed in an aspect-oriented coordination language aiming to describe the Bell-LaPadula policy as elegantly as possible. Furthermore, the resulting language has the capability of combining both history- and future-sensitive policies, providing even more flexibility and power.Comment: In Proceedings ICE 2010, arXiv:1010.530

Distributed aspect-oriented service composition for business compliance governance with public service processes

Service-Oriented Architecture (SOA) offers a technical foundation for Enterprise Application Integration and business collaboration through service-based business components. With increasing process outsourcing and cloud computing, enterprises need process-level integration and collaboration (process-oriented) to quickly launch new business processes for new customers and products. However, business processes that cross organisations’ compliance regulation boundaries are still unaddressed. We introduce a distributed aspect-oriented service composition approach, which enables multiple process clients hot-plugging their business compliance models (business rules, fault handling policy, and execution monitor) to BPEL business processes

Specifying and Analysing SOC Applications with COWS

COWS is a recently defined process calculus for specifying and combining service-oriented applications, while modelling their dynamic behaviour. Since its introduction, a number of methods and tools have been devised to analyse COWS specifications, like e.g. a type system to check confidentiality properties, a logic and a model checker to express and check functional properties of services. In this paper, by means of a case study in the area of automotive systems, we demonstrate that COWS, with some mild linguistic additions, can model all the phases of the life cycle of service-oriented applications, such as publication, discovery, negotiation, orchestration, deployment, reconfiguration and execution. We also provide a flavour of the properties that can be analysed by using the tools mentioned above

Analytical/ML Mixed Approach for Concurrency Regulation in Software Transactional Memory

In this article we exploit a combination of analytical and Machine Learning (ML) techniques in order to build a performance model allowing to dynamically tune the level of concurrency of applications based on Software Transactional Memory (STM). Our mixed approach has the advantage of reducing the training time of pure machine learning methods, and avoiding approximation errors typically affecting pure analytical approaches. Hence it allows very fast construction of highly reliable performance models, which can be promptly and effectively exploited for optimizing actual application runs. We also present a real implementation of a concurrency regulation architecture, based on the mixed modeling approach, which has been integrated with the open source Tiny STM package, together with experimental data related to runs of applications taken from the STAMP benchmark suite demonstrating the effectiveness of our proposal. © 2014 IEEE

Situational Enterprise Services

The ability to rapidly find potential business partners as well as rapidly set up a collaborative business process is desirable in the face of market turbulence. Collaborative business processes are increasingly dependent on the integration of business information systems. Traditional linking of business processes has a large ad hoc character. Implementing situational enterprise services in an appropriate way will deliver the business more flexibility, adaptability and agility. Service-oriented architectures (SOA) are rapidly becoming the dominant computing paradigm. It is now being embraced by organizations everywhere as the key to business agility. Web 2.0 technologies such as AJAX on the other hand provide good user interactions for successful service discovery, selection, adaptation, invocation and service construction. They also balance automatic integration of services and human interactions, disconnecting content from presentation in the delivery of the service. Another Web technology, such as semantic Web, makes automatic service discovery, mediation and composition possible. Integrating SOA, Web 2.0 Technologies and Semantic Web into a service-oriented virtual enterprise connects business processes in a much more horizontal fashion. To be able run these services consistently across the enterprise, an enterprise infrastructure that provides enterprise architecture and security foundation is necessary. The world is constantly changing. So does the business environment. An agile enterprise needs to be able to quickly and cost-effectively change how it does business and who it does business with. Knowing, adapting to diffident situations is an important aspect of today’s business environment. The changes in an operating environment can happen implicitly and explicitly. The changes can be caused by different factors in the application domain. Changes can also happen for the purpose of organizing information in a better way. Changes can be further made according to the users' needs such as incorporating additional functionalities. Handling and managing diffident situations of service-oriented enterprises are important aspects of business environment. In the chapter, we will investigate how to apply new Web technologies to develop, deploy and executing enterprise services

Aspect-Oriented Techniques for Web Services: a Model-Driven Approach

Web Service technologies offer a successful way for interoperability among applications, but in order to tackle the entire web service life cycle, it is necessary to face how to model systems based on service functionality and also how to add extra-functional properties to modelled services. In this regard, we propose first of all a versatile and simple UML profile based on the Service Component Architecture specification for modelling services, in order to provide a model environment in which to add extra-functional properties. Secondly, a new UML profile is proposed to model and reuse the said extra-functional properties in service models. The implemented models based on these profiles will be independent from a final implementation language or platform, thus it is necessary to specify a particular type of model to convert the independent one into in a subsequent step. In order to meet this requirement an object, an aspect and a policy based models are proposed as the intermediate step between the independent model and the final code. We acknowledge that there are tools available which convert Java models into web services\u27 Java code, and it is not our aim to build a tool to fulfil this requirement. Regarding extra-functional properties, aspect-oriented techniques allow them to be easily modularized and reused; in this respect, properties are implemented as aspects in a totally transparent way and avoid the need to modify service code in an intrusive manner on adding extra-functional properties, improving our system maintenance. Furthermore, this way traceability between the model and the code is perfectly maintained in both directions. This work has been developed thanks to the support of CICYT under contract TIN2005-09405-C02-02

Towards UML Modelling Extra-Functional Properties in Web Services and their Clients

Web Services provide our systems with a platform independent and loosely coupled implementation environment, being time to face how the named systems can be modelled. Service Component Architecture (SCA) allows us to define services independently of the final implementation technology; however, it does not integrate the remaining development stages. Model Driven Architecture provides a method to face all stages in development from the platform independent model to final code, although it is not specific to service technologies. Regarding web service extra-functional properties, WS-Policy establishes how to describe them in a loosely coupled manner; however the loosely coupled environment is not always maintained when modelling or implementing these properties, which can be solved by using aspect-oriented techniques. In this paper, we propose to use a model driven approach for extra-functional properties in SCA service based models, where generated code will consist of the policy description and an aspect-oriented implementation