End-to-end security in service-oriented architecture

A service-oriented architecture (SOA)-based application is composed of a number of distributed and loosely-coupled web services, which are orchestrated to accomplish a more complex functionality. Any of these web services is able to invoke other web services to offload part of its functionality. The main security challenge in SOA is that we cannot trust the participating web services in a service composition to behave as expected all the time. In addition, the chain of services involved in an end-to-end service invocation may not be visible to the clients. As a result, any violation of client’s policies could remain undetected. To address these challenges in SOA, we proposed the following contributions. First, we devised two composite trust schemes by using graph abstraction to quantitatively maintain the trust levels of different services. The composite trust values are based on feedbacks from the actual execution of services, and the structure of the SOA application. To maintain the dynamic trust, we designed the trust manager, which is a trusted-third party service. Second, we developed an end-to-end inter-service policy monitoring and enforcement framework (PME framework), which is able to dynamically inspect the interactions between services at runtime and react to the potentially malicious activities according to the client’s policies. Third, we designed an intra-service policy monitoring and enforcement framework based on taint analysis mechanism to monitor the information flow within services and prevent information disclosure incidents. Fourth, we proposed an adaptive and secure service composition engine (ASSC), which takes advantage of an efficient heuristic algorithm to generate optimal service compositions in SOA. The service compositions generated by ASSC maximize the trustworthiness of the selected services while meeting the predefined QoS constraints. Finally, we have extensively studied the correctness and performance of the proposed security measures based on a realistic SOA case study. All experimental studies validated the practicality and effectiveness of the presented solutions

Towards adaptive e-learning applications based on Semantic Web Services

The current state of the art in supporting E-Learning objectives is primarily based on providing a learner with learning content by using metadata standards like ADL SCORM 2004 or IMS Learning Design. By following this approach, several issues can be observed including high development costs due to a limited reusability across different standards and learning contexts. To overcome these issues, our approach changes this data-centric paradigm to a highly dynamic service-oriented approach. By following this approach, learning objectives are supported based on a automatic allocation of services instead of a manual composition of learning data. Our approach is fundamentally based on current Semantic Web Service (SWS) technology and considers mappings between different learning metadata standards as well as ontological concepts for E-Learning. Since our approach is based on a dynamic selection and invocation of SWS appropriate to achieve a given learning objective within a specific learning context, it enables the dynamic adaptation to specific learning needs as well as a high level of reusability across different learning contexts

Semantic model-driven development of web service architectures.

Building service-based architectures has become a major area of interest since the advent of Web services. Modelling these architectures is a central activity. Model-driven development is a recent approach to developing software systems based on the idea of making models the central artefacts for design representation, analysis, and code generation. We propose an ontology-based engineering methodology for semantic model-driven composition and transformation of Web service architectures. Ontology technology as a logic-based knowledge representation and reasoning framework can provide answers to the needs of sharable and reusable semantic models and descriptions needed for service engineering. Based on modelling, composition and code generation techniques for service architectures, our approach provides a methodological framework for ontology-based semantic service architecture

A Survey on Service Composition Middleware in Pervasive Environments

The development of pervasive computing has put the light on a challenging problem: how to dynamically compose services in heterogeneous and highly changing environments? We propose a survey that defines the service composition as a sequence of four steps: the translation, the generation, the evaluation, and finally the execution. With this powerful and simple model we describe the major service composition middleware. Then, a classification of these service composition middleware according to pervasive requirements - interoperability, discoverability, adaptability, context awareness, QoS management, security, spontaneous management, and autonomous management - is given. The classification highlights what has been done and what remains to do to develop the service composition in pervasive environments

Forum Session at the First International Conference on Service Oriented Computing (ICSOC03)

The First International Conference on Service Oriented Computing (ICSOC) was held in Trento, December 15-18, 2003. The focus of the conference ---Service Oriented Computing (SOC)--- is the new emerging paradigm for distributed computing and e-business processing that has evolved from object-oriented and component computing to enable building agile networks of collaborating business applications distributed within and across organizational boundaries. Of the 181 papers submitted to the ICSOC conference, 10 were selected for the forum session which took place on December the 16th, 2003. The papers were chosen based on their technical quality, originality, relevance to SOC and for their nature of being best suited for a poster presentation or a demonstration. This technical report contains the 10 papers presented during the forum session at the ICSOC conference. In particular, the last two papers in the report ere submitted as industrial papers

Adressing context-awareness and standards interoperability in e-learning: a service-oriented framework based on IRS III

Current technologies aimed at supporting learning goals primarily follow a data and metadata-centric paradigm. They provide the learner with appropriate learning content packages containing the learning process description as well as the learning resources. Whereas process metadata is usually based on a certain standard specification – such as ADL SCORM or the IMS Learning Design – the used learning resources – data or services - are specific to pre-defined learning contexts, and they are allocated manually at design-time. Therefore, a content package cannot consider the actual learning context, since this is only known at runtime of a learning process. These facts limit the reusability of a content package across different standards and contexts. To overcome these issues, this paper proposes an innovative Semantic Web Service-based approach that changes this data- and metadata-based paradigm to a context-adaptive service-oriented approach. In this approach, the learning process is semantically described as a standard-independent process model decomposed into several learning goals. These goals are accomplished at runtime, based on the automatic allocation of the most appropriate service. As a result, we address the dynamic adaptation to specific context and - providing the appropriate mappings to established metadata standards - we enable the reuse of the defined semantic learning process model across different standards. To illustrate the application of our approach and to prove its feasibility, a prototypical application based on an initial use case scenario is proposed

Component Based System Framework for Dynamic B2B Interaction

Business-to-business (B2B) collaboration is becoming a pivotal way to bring today's enterprises to success in the dynamically changing, e-business environment. Though many business-to-business protocols are developed to support B2B interaction, none are generally accepted. A B2B system should support different B2B protocols dynamically to enable interaction between diverse enterprises. This paper proposes a framework for dynamic B2B interaction. A B2B transaction is divided into the interaction part and business implementation part to support flexible interaction. A component based system framework is proposed,to support the B2B transaction execution. To support. dynamic B2B services, dynamic component composition is required. Service and component notions are combined into a composable service component. The composition architecture is also presented