Facing uncertainty in web service compositions

© 2013 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works[EN] Web service compositions run in complex computing infrastructures where arising events may affect the quality of the system. However, crucial Web service compositions cannot be stopped to apply changes to deal with problematic events. Therefore, the trend is moving towards context-aware Web service compositions, which use context information as a basis for autonomic changes. Under the closed-world assumption, the context and possible adaptations are fully known at design time. Nevertheless, it is difficult to foresee all the possible situations arising in uncertain contexts. In this paper, we leverage models at runtime to guide the dynamic evolution of context-aware Web service compositions to deal with unexpected events in the open world. In order to manage uncertainty, a model that abstracts the Web service composition, self-evolves to preserve requirements. The evolved model guides changes in the underlying WS-BPEL composition schema. A prototype and an evaluation demonstrate the feasibility of our approach.This work has been developed with the support of MICINN under the project everyWare TIN2010-18011 and co-financed with ERDF.Alférez, GH.; Pelechano Ferragud, V. (2013). Facing uncertainty in web service compositions. En Web Services (ICWS), 2013 IEEE 20th International Conference on. IEEE Computer Society. 219-226. https://doi.org/10.1109/ICWS.2013.38S21922

Achieving autonomic Web service compositions with models at runtime

[EN] Several exceptional situations may arise in the complex, heterogeneous, and changing contexts where Web service operations run. For instance, a Web service operation may have greatly increased its execution time or may have become unavailable. The contribution of this article is to provide a tool-supported framework to guide autonomic adjustments of context-aware service compositions using models at runtime. During execution, when problematic events arise in the context, models are used by an autonomic architecture to guide changes of the service composition. Under the closed-world assumption, the possible context events are fully known at design time. Nevertheless, it is difficult to foresee all the possible situations arising in uncertain contexts where service compositions run. Therefore, the proposed framework also covers the dynamic evolution of service compositions to deal with unexpected events in the open world. An evaluation demonstrates that our framework is efficient during dynamic adjustments.Alférez-Salinas, GH.; Pelechano Ferragud, V. (2017). Achieving autonomic Web service compositions with models at runtime. Computers & Electrical Engineering. 63:332-352. doi:10.1016/j.compeleceng.2017.08.004S3323526

Engineering Secure Adaptable Web Services Compositions

Service-oriented architecture defines a paradigm for building applications by assembling autonomous components such as web services to create web service compositions. Web services are executed in complex contexts where unforeseen events may compromise the security of the web services composition. If such compositions perform critical functions, prompt action may be required as new security threats may arise at runtime. Manual interventions may not be ideal or feasible. To automatically decide on valid security changes to make at runtime, the composition needs to make use of current security context information. Such security changes are referred to as dynamic adaptation. This research proposes a framework to develop web services compositions that can dynamically adapt to maintain the same level of security when unforeseen security events occur at runtime. The framework is supported by mechanisms that map revised security requirements arising at runtime to a new security configuration plan that is used to adapt the web services composition

Технологічна модель процесу побудови та використання адаптивної композиції Web-сервісів

Запропоновано модель і технологічну схему процесу побудови й використання композиції Web-сервісів для різнорідних споживачів. Композитний сервіс подано динамічним сімейством його online-варіантів, описаних моделями: властивостей, порівневої варіабельності та ділових процесів і сервісів для елементарних властивостей. Процес побудови утворений операціями функцій управління варіабельністю (її планування, реалізації, моніторингу й актуалізації) цього сімейства в єдиному інформаційному середовищі, керованому моделлю варіабельності. Розроблені моделі разом уможливлюють залучення перспективних технік динамічного автоматизованого композування Web-сервісів як автоматичного планування через перевірку моделей, забезпечуючи порівневу контекстно-залежну адаптивність композитного сервісу, необхідну для його ефективного передбаченого використання

Engineering self-awareness with knowledge management in dynamic systems: a case for volunteer computing

The complexity of the modem dynamic computing systems has motivated software engineering researchers to explore new sources of inspiration for equipping such systems with autonomic behaviours. Self-awareness has recently gained considerable attention as a prominent property for enriching the self-adaptation capabilities in systems operating in dynamic, heterogeneous and open environments. This thesis investigates the role of knowledge and its dynamic management in realising various levels of self-awareness for enabling self­adaptivity with different capabilities and strengths. The thesis develops a novel multi-level dynamic knowledge management approach for managing and representing the evolving knowledge. The approach is able to acquire 'richer' knowledge about the system's internal state and its environment in addition to managing the trade-offs arising from the adaptation conflicting goals. The thesis draws on a case from the volunteer computing, as an environment characterised by openness, heterogeneity, dynamism, and unpredictability to develop and evaluate the approach. This thesis takes an experimental approach to evaluate the effectiveness of the of the dynamic knowledge management approach. The results show the added value of the approach to the self-adaptivity of the system compared to classic self­adaptation capabilities

Value- and debt-aware selection and composition in cloud-based service-oriented architectures using real options

This thesis presents a novel model for service selection and composition in Cloud-based Service-Oriented Architectures (CB-SOA), which is called CloudMTD, using real options, Dependency Structure Matrix (DSM) and propagation-cost metrics. CB-SOA architectures are composed of web services, which are leased or bought off the cloud marketplace. CB-SOA can improve its utility and add value to its composition by substituting its constituent services. The substitution decisions may introduce technical debt, which needs to be managed. The thesis defines the concept of technical debt for CB-SOA and reports on the available technical debt definitions and approaches in the literature. The formulation of service substitution problem and its technical debt valuation is based on options, which exploits Binomial Options Analysis. This thesis looks at different option types under uncertainty. This thesis is concerned with some scenarios that may lead to technical debt, which are related to web service selection and composition that has been driven by either a technical or a business objective. In each scenario, we are interested in three decisions (1) keep, (2) substitute or (3) abandon the current service. Each scenario takes into consideration either one or more QoS attribute dimension (e.g. Availability). We address these scenarios from an option-based perspective. Each scenario is linked to a suitable option type. A specific option type depends on the nature of the application, problem to be investigated, and the decision to be taken. In addition, we use Dependency Structure Matrix (DSM) in order to represent dependencies among web services in CB-SOA. We introduce time and complexity sensitive propagation-cost metrics to DSM to solve the problem. In addition, CloudMTD model informs the time-value of the decisions under uncertainty based on behavioral and structural aspects of CB-SOA

A software development framework for secure microservices

Abstract: The software development community has seen the proliferation of a new style of building applications based on small and specialized autonomous units of computation logic called microservices. Microservices collaborate by sending light-weight messages to automate a business task. These microservices are independently deployable with arbitrary schedules, allowing enterprises to quickly create new sets of business capabilities in response to changing business requirements. It is expected that the use of microservices will become the default style of building software applications by the year 2023, with the microservices’ market projected to reach thirtytwo billion United States of American dollars. The adoption of microservices presents new security challenges due to the way the units of computation logic are designed, deployed and maintained. The decomposition of an application into small independent units increases the attack surface, and makes it a challenge to secure and control network traffic for each unit. These new security challenges cannot be addressed by traditional security strategies. Software engineers developing microservices are facing growing pressure to build secure microservices to ensure the security of business information assets and guarantee business continuity. The research conducted in this thesis proposes a software development framework that software engineers can use to build secure microservices. The framework defines artefacts, development and maintenance activities together with methods and techniques that software engineers can use to ensure that microservices are developed from the ground up to be secure. The goal of the framework is to ensure that microservices are designed and built to be able to detect, react, respond and recover from attacks during day-to-day operations. To prove the capability of the framework, a microservices-based application is developed using the proposed software development framework as part of an experiment to determine its effectiveness. These results, together with a comparative and quality review of the framework indicate that the software development framework can be effectively used to develop secure microservices.Ph.D. (Computer Science

Facing Uncertainty in Web Service Compositions

Web service compositions run in complex computing infrastructures where arising events may affect the quality of the system. However, crucial Web service compositions cannot be stopped to apply changes to deal with problematic events. Therefore, the trend is moving towards context-aware Web service compositions, which use context information as a basis for autonomic changes. Under the closed-world assumption, the context and possible adaptations are fully known at design time. Nevertheless, it is difficult to foresee all the possible situations arising in uncertain contexts. In this paper, we leverage models at runtime to guide the dynamic evolution of context-aware Web service compositions to deal with unexpected events in the open world. In order to manage uncertainty, a model that abstracts the Web service composition, self-evolves to preserve requirements. The evolved model guides changes in the underlying WS-BPEL composition schema. A prototype and an evaluation demonstrate the feasibility of our approach