An architecture for certification-aware service discovery

Service-orientation is an emerging paradigm for building complex systems based on loosely coupled components, deployed and consumed over the network. Despite the original intent of the paradigm, its current instantiations are limited to a single trust domain (e.g., a single organization). Also, some of the key promises of service-orientation - such as the dynamic orchestration of externally provided software services, using runtime service discovery and deployment - are still unachieved. One of the main reasons for this is the trust gap that normally arises when software services, offered by previously unknown providers, are to be selected at run-time, without any human intervention. To close this gap, the concept of machine-readable security certificates (called asserts) has been recently introduced, which paves the way to automated processing about security properties of services. Similarly to current security certification schemes, the assessment of the security properties of a service is delegated to an independent third party (certification authority), who issues a corresponding assert, bound to the service. In this paper, we propose an architecture, which exploits the assert concept to realise a certification-aware service discovery framework. The architecture supports the discovery of single services based on certified security properties (in additional to the usual functional properties), as well as the dynamic synthesis of service compositions, that satisfy the given security properties. The architecture is extensible, thus allowing for a range of domain specific matchmaking components, to cover dimensions related to, e.g., performance, cost and other non-functional characteristics

Comparison of web service architecture based on architecture quality properties

Web service research has been focused on the issues of automatic binding, performance, scalability, and security, however, little research has been done in evaluation of web service architectures, namely Broker based. Examples of these are Matchmaker Broker, Layered Matchmaker, Facilitator, Layered facilitator, and Peer to peer (P2P) based, such as P2P Discovery, Match Maker and P2P, Split Code and P2P execution, Mobile Code with P2P etc. Another consideration is its impact on the adoption in distributed Internet environment. In this paper we introduce a methodology for measuring and evaluating web service architecture style, and we present our development of a set of architectural quality properties, and use these quality properties to carry out comparison and contract of current web services architectures. We provide a detailed analysis and critique of these, and these could be served as a guidelines for the next generation of web services development, which could adopted into the distributed environment

Blueprint model and language for engineering cloud applications

Abstract: The research presented in this thesis is positioned within the domain of engineering CSBAs. Its contribution is twofold: (1) a uniform specification language, called the Blueprint Specification Language (BSL), for specifying cloud services across several cloud vendors and (2) a set of associated techniques, called the Blueprint Manipulation Techniques (BMTs), for publishing, querying, and composing cloud service specifications with aim to support the flexible design and configuration of an CSBA.