Implementation of Distributed Transactions in BPEL

Cílem této bakalářské práce je implementovat podporu distribuovaných transakcí do projektu RiftSaw tak, aby webové služby mohly být volány v rámci distribuovaných transakcí podnikovými procesy. A to pouze v tom případě, že operace webové služby vyžaduje být provedena v rámci distribuované transakce. Oproti již funkčním implementacím přináší podporu specifikace WS-BusinessActivity a jiný způsob kontroly, zda má podnikový proces použít distribuované transakce u volaných webových služeb.The goal of this work is to implement a support of distributed transactions into the project RiftSaw so that web services can be invoked within distributed transactions by business processes. And only if a web service operation requires to be performed within a distributed transaction. Comparing to already working implementations, the presented sulution brings support of WS-BusinessActivity specification and a different way of checking that a business process use distributed transactions for invoked web services.

A language and toolkit for the specification, execution and monitoring of dependable distributed applications

PhD ThesisThis thesis addresses the problem of specifying the composition of distributed applications out of existing applications, possibly legacy ones. With the automation of business processes on the increase, more and more applications of this kind are being constructed. The resulting applications can be quite complex, usually long-lived and are executed in a heterogeneous environment. In a distributed environment, long-lived activities need support for fault tolerance and dynamic reconfiguration. Indeed, it is likely that the environment where they are run will change (nodes may fail, services may be moved elsewhere or withdrawn) during their execution and the specification will have to be modified. There is also a need for modularity, scalability and openness. However, most of the existing systems only consider part of these requirements. A new area of research, called workflow management has been trying to address these issues. This work first looks at what needs to be addressed to support the specification and execution of these new applications in a heterogeneous, distributed environment. A co- ordination language (scripting language) is developed that fulfils the requirements of specifying the composition and inter-dependencies of distributed applications with the properties of dynamic reconfiguration, fault tolerance, modularity, scalability and openness. The architecture of the overall workflow system and its implementation are then presented. The system has been implemented as a set of CORBA services and the execution environment is built using a transactional workflow management system. Next, the thesis describes the design of a toolkit to specify, execute and monitor distributed applications. The design of the co-ordination language and the toolkit represents the main contribution of the thesis.UK Engineering and Physical Sciences Research Council, CaberNet, Northern Telecom (Nortel)

Dependability analysis of web services

Web Services form the basis of the web based eCommerce eScience applications so it is vital that robust services are developed. Traditional validation and verification techniques are centred around the concept of removing all faults to guarantee correct operation whereas Dependability gives an assessment of how dependably a system can deliver the required functionality by assessing attributes, and by eliminating threats via means attempts to improve dependability. Fault injection is a well-proven dependability assessment method. Although much work has been done in the area of fault injection and distributed systems in general, there appears to have been little research carried out on applying this to middleware systems and Web Services in particular. There are additional problems associated with applying existing fault injection technologies to Web Services running in a virtual machine environment since most are either invasive or work at a machine level. The Fault Injection Technology (FIT) method has been devised to address these problems for middleware systems. The Web Service-Fault Injection Technology (WS-FIT) implementation applies the FIT method, based on network level fault injection, to Web Services to create a non-invasive dependability assessment method. It allows targeted perturbation of Web Service RFC parameters as well as more traditional network level fault injection operations. The WS-FIT tool includes taxonomies that define a system under test, fault models to apply and failure modes to be detected, and uses these taxonomies to generate fault injection campaigns. WS-FIT has been applied to a number of case studies and has successfully demonstrated its effectiveness. It has also been successfully applied to a third-party system to evaluate dependability means. It performed this dependability assessment as well as allowing debugging of the means to be undertaken uncovering unknown faults

Intrusion Tolerance: Concepts and Design Principles. A Tutorial

In traditional dependability, fault tolerance has been the workhorse of the many solutions published over the years. Classical security-related work has on the other hand privileged, with few exceptions, intrusion prevention, or intrusion detection without systematic forms of processing the intrusion symptoms. A new approach has slowly emerged during the past decade, and gained impressive momentum recently: intrusion tolerance. The purpose of this tutorial is to explain the underlying concepts and design principles. The tutorial reviews previous results under the light of intrusion tolerance (IT), introduces the fundamental ideas behind IT, and presents recent advances of the state-of-the-art, coming from European and US research efforts devoted to IT. The program of the tutorial will address: a review of the dependability and security background; introduction of the fundamental concepts of intrusion tolerance (IT); intrusion-aware fault models; intrusion prevention; intrusion detection; IT strategies and mechanisms; design methodologies for IT systems; examples of IT systems and protocol

Adaptation des composants centrée sur l'utilisation

Avec la notion de composant logiciel, la démarche de conception d'applications informatiques a vu apparaître une alternative intéressante à l'approche classique, où le développement est mené selon une approche centralisée. L'idée est en effet de permettre la construction d'applications adaptées aux besoins spécifiques de chaque utilisateur par assemblage de composants préexistants. Néanmoins, le choix de composants prédéfinis, sur étagère, pose le problème de leur adéquation à une utilisation spécifique. Dans ce contexte, la possibilité d'adapter les composants semble cruciale, si l'on souhaite rendre réellement effective l'approche de développement par assemblage de composants. Cette thèse introduit une nouvelle approche de l'adaptation de composants logiciels qui consiste à adapter le composant à ses contextes d'utilisation en se basant sur le point de vue de l'utilisateur. Nous décrivons le profil d'utilisation sous la forme d'un ensemble de triplets dont chacun spécifie les propriétés souhaitées, les réactions correspondantes à traiter dans le cas où une condition n'est pas vérifiée et les échéanciers d'évaluation des propriétés. Nous proposons aussi un service de supervision de composant (SSC) qui repose sur la surveillance de l'état des composants pour obtenir des clichés qui reflètent l'état actuel du composant et les changements récents. Nous définissons également le service de sûreté de service (SSS) qui intercepte les requêtes clientes et qui les délègue vers le composant le plus convenable, tout en gérant l'exécution du composant en fonction du profil d'usage. ABSTRACT : The concept of software component, provides an interesting alternative to the traditional way of designing data-processing applications, where the development is undertaken according to a centralized approach. The idea is indeed to allow the construction of applications adapted to the specific needs for each user by assembling preexistent components. Nevertheless, the choice of off-the-shelf components, raises the problem of their adequacy to a specific use. In this context, the ability to adapt components appears to be crucial, if one wishes to make really effective the approach of development by assembling components. This thesis introduces a new approach of the adaptation of software components which consists in adapting the component to its contexts of use centered on the point of view of the user. We describe a user profile as a set of triples, where each triple specifies the desired properties, the reactions to be run if a condition is not checked and the schedule of evaluation of properties. We propose also a service of supervision of component (SSC) which is based on the monitoring of the state of the components to obtain snapshots which reflect the current state of the component and the recent changes. We also define the service of safety of service (SSS) which intercepts the user requests and delegates them towards the most suitable component, while managing the execution of the component according to the profile of use

Automatic software upgrades for distributed systems

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2004.Includes bibliographical references (p. 156-164).Upgrading the software of long-lived, highly-available distributed systems is difficult. It is not possible to upgrade all the nodes in a system at once, since some nodes may be unavailable and halting the system for an upgrade is unacceptable. Instead, upgrades may happen gradually, and there may be long periods of time when different nodes are running different software versions and need to communicate using incompatible protocols. We present a methodology and infrastructure that address these challenges and make it possible to upgrade distributed systems automatically while limiting service disruption. Our methodology defines how to enable nodes to interoperate across versions, how to preserve the state of a system across upgrades, and how to schedule an upgrade so as to limit service disrup- tion. The approach is modular: defining an upgrade requires understanding only the new software and the version it replaces. The upgrade infrastructure is a generic platform for distributing and installing software while enabling nodes to interoperate across versions. The infrastructure requires no access to the system source code and is transparent: node software is unaware that different versions even exist. We have implemented a prototype of the infrastructure called Upstart that intercepts socket communication using a dynamically-linked C++ library. Experiments show that Upstart has low overhead and works well for both local-area-and Internet systems.by Sameer Ajmani.Ph.D