06291 Abstracts Collection -- The Role of Business Processes in Service-Oriented Architectures

The Dagstuhl seminar on emph{The Role of Business Processes in Service Oriented Architectures} (Seminar 06291) took place in July 2006 (16.07.2006-21.07.2006 to be precise). The seminar was attended by more than 40 experts from both academia and industry. Unlike most Dagstuhl seminars there was a high participation from industry (in particular from organizations developing software, e.g., IBM, SAP, Microsoft, Google, etc.). The focal point of the seminar was the marriage of business processes and service oriented architectures. This was reflected by the topics selected by the participants and their background

ACHIEVING AUTONOMIC SERVICE ORIENTED ARCHITECTURE USING CASE BASED REASONING

Service-Oriented Architecture (SOA) enables composition of large and complex computational units out of the available atomic services. However, implementation of SOA, for its dynamic nature, could bring about challenges in terms of service discovery, service interaction, service composition, robustness, etc. In the near future, SOA will often need to dynamically re-configuring and re-organizing its topologies of interactions between the web services because of some unpredictable events, such as crashes or network problems, which will cause service unavailability. Complexity and dynamism of the current and future global network system require service architecture that is capable of autonomously changing its structure and functionality to meet dynamic changes in the requirements and environment with little human intervention. This then needs to motivate the research described throughout this thesis. In this thesis, the idea of introducing autonomy and adapting case-based reasoning into SOA in order to extend the intelligence and capability of SOA is contributed and elaborated. It is conducted by proposing architecture of an autonomic SOA framework based on case-based reasoning and the architectural considerations of autonomic computing paradigm. It is then followed by developing and analyzing formal models of the proposed architecture using Petri Net. The framework is also tested and analyzed through case studies, simulation, and prototype development. The case studies show feasibility to employing case-based reasoning and autonomic computing into SOA domain and the simulation results show believability that it would increase the intelligence, capability, usability and robustness of SOA. It was shown that SOA can be improved to cope with dynamic environment and services unavailability by incorporating case-based reasoning and autonomic computing paradigm to monitor and analyze events and service requests, then to plan and execute the appropriate actions using the knowledge stored in knowledge database

Correctness of services and their composition

We study correctness of services and their composition and investigate how the design of correct service compositions can be systematically supported. We thereby focus on the communication protocol of the service and approach these questions using formal methods and make contributions to three scenarios of SOC.Wir studieren die Korrektheit von Services und Servicekompositionen und untersuchen, wie der Entwurf von korrekten Servicekompositionen systematisch unterstützt werden kann. Wir legen dabei den Fokus auf das Kommunikationsprotokoll der Services. Mithilfe von formalen Methoden tragen wir zu drei Szenarien von SOC bei

Correctness of services and their composition

We study correctness of services and their composition and investigate how the design of correct service compositions can be systematically supported. We thereby focus on the communication protocol of the service and approach these questions using formal methods and make contributions to three scenarios of SOC.Wir studieren die Korrektheit von Services und Servicekompositionen und untersuchen, wie der Entwurf von korrekten Servicekompositionen systematisch unterstützt werden kann. Wir legen dabei den Fokus auf das Kommunikationsprotokoll der Services. Mithilfe von formalen Methoden tragen wir zu drei Szenarien von SOC bei

ACHIEVING AUTONOMIC SERVICE ORIENTED ARCHITECTURE USING CASE BASED REASONING

Service-Oriented Architecture (SOA) enables composition of large and complex computational units out of the available atomic services. However, implementation of SOA, for its dynamic nature, could bring about challenges in terms of service discovery, service interaction, service composition, robustness, etc. In the near future, SOA will often need to dynamically re-configuring and re-organizing its topologies of interactions between the web services because of some unpredictable events, such as crashes or network problems, which will cause service unavailability. Complexity and dynamism of the current and future global network system require service architecture that is capable of autonomously changing its structure and functionality to meet dynamic changes in the requirements and environment with little human intervention. This then needs to motivate the research described throughout this thesis. In this thesis, the idea of introducing autonomy and adapting case-based reasoning into SOA in order to extend the intelligence and capability of SOA is contributed and elaborated. It is conducted by proposing architecture of an autonomic SOA framework based on case-based reasoning and the architectural considerations of autonomic computing paradigm. It is then followed by developing and analyzing formal models of the proposed architecture using Petri Net. The framework is also tested and analyzed through case studies, simulation, and prototype development. The case studies show feasibility to employing case-based reasoning and autonomic computing into SOA domain and the simulation results show believability that it would increase the intelligence, capability, usability and robustness of SOA. It was shown that SOA can be improved to cope with dynamic environment and services unavailability by incorporating case-based reasoning and autonomic computing paradigm to monitor and analyze events and service requests, then to plan and execute the appropriate actions using the knowledge stored in knowledge database

Fuzzy Rule Based Approach for Quality Analysis of Web Service Composition Using Complexity Metrics

Since the human needs are fast changing, the present day software tends to be complex. So, complexity analysis of any software is the one of the challenging areas of research. In the literature review, a good number of articles are available on traditional software complexity analysis; but the complexity analysis of service oriented architecture based software is not studied extensively till date. The web service is the basic building block of SOA. Composition of web service is done through a Business Process Execution Language; but a large number of web service compositions make the software more complex. So, it is necessary to analyze the complexity of BPEL processes. Business activities govern long-running complex composed service. That reduces the service reliability, performability, and others quality attributes. Business process complexity metrics are considered for analysis of composed web service. In this work different complexity metrics are proposed and Fuzzy logic is used for quality analysis of web service composition. This model relates business complexity metrics such as activity complexity, structural complexity, control ow complexity to high-level quality attributes such as functionality, usability, maintainability, reliability, performability using fuzzy rule-based approach

Mining and Improving Composite Web Services Recovery Mechanisms

International audienceEnsuring composite services reliability is a challenging problem. Indeed, due to the inherent autonomy and heterogeneity of Web services it is difficult to predict and reason about the behavior of the overall composite service. Generally, previous approaches develop, using their modeling formalisms, a set of techniques to analyze the composition model and check “correctness” properties. Although powerful, these approaches may fail, in some cases, to ensure CS reliable executions even if they formally validate its composition model. This is because properties specified in the studied composition model remains assumptions that may not coincide with the reality (i.e. effective CS executions). Sharing the same issue, we present a reengineering approach that starts from CS executions log to improve its recovery mechanisms. Basically, we propose a set of mining techniques to discover CS transactional behavior from an event based log. Then, based on this mining step, we use a set of rules in order to improve its reliability

Privacy-preserved security-conscious framework to enhance web service composition

The emergence of loosely coupled and platform-independent Service-Oriented Computing (SOC) has encouraged the development of large computing infrastructures like the Internet, thus enabling organizations to share information and offer valueadded services tailored to a wide range of user needs. Web Service Composition (WSC) has a pivotal role in realizing the vision of implementing just about any complex business processes. Although service composition assures cost-effective means of integrating applications over the Internet, it remains a significant challenge from various perspectives. Security and privacy are among the barriers preventing a more extensive application of WSC. First, users possess limited prior knowledge of security concepts. Second, WSC is hindered by having to identify the security required to protect critical user information. Therefore, the security available to users is usually not in accordance with their requirements. Moreover, the correlation between user input and orchestration architecture model is neglected in WSC with respect to selecting a high performance composition execution process. The proposed framework provides not only the opportunity to securely select services for use in the composition process but also handles service users’ privacy requirements. All possible user input states are modelled with respect to the extracted user privacy preferences and security requirements. The proposed approach supports the mathematical modelling of centralized and decentralized orchestration regarding service provider privacy and security policies. The output is then utilized to compare and screen the candidate composition routes and to select the most secure composition route based on user requests. The D-optimal design is employed to select the best subset of all possible experiments and optimize the security conscious of privacy-preserving service composition. A Choreography Index Table (CIT) is constructed for selecting a suitable orchestration model for each user input and to recommend the selected model to the choreographed level. Results are promising that indicate the proposed framework can enhance the choreographed level of the Web service composition process in making adequate decisions to respond to user requests in terms of higher security and privacy. Moreover, the results reflect a significant value compared to conventional WSC, and WSC optimality was increased by an average of 50% using the proposed CIT

Operating guidelines for services

In the paradigm of service-oriented computing, companies organize their core competencies as services and may request other functionalities from services of other companies. Services provide high flexibility, platform independent loose coupling, and distributed execution. They may thus help to reduce the complexity of dynamically binding and integrating heterogenous processes within and across organizations. The vision of service-oriented architectures is to provide a framework for publishing new services, for on demand searching for and discovery of existing services, and for dynamically binding services to achieve common business goals. That way, each individual organization gains more flexibility to dynamically react on new challenges. As services may be created or modified, or collaborations may be restructured at any point in time, a new challenge arises in this setting—the challenge for deciding the compatibility of the composed services before their actual binding. Recent literature distinguishes four different aspects of service compatibility: syntactical, behavioral, semantical, and non-functional compatibility. In this thesis, we focus on behavioral compatibility and abstract from the other aspects. Potential behavioral incompatibilities between services include deadlocks (two services wait for a message of each other), livelocks (two services keep exchanging messages without progressing), and pending messages that have been sent but cannot be received anymore. For stateful services that interact via asynchronous message passing, deciding behavioral compatibility is far from trivial. Local changes to one service may introduce errors in some or even all other services of an interaction. The verification of behavioral compatibility suffers from state explosion problems and is restricted by privacy issues. That is, the parties of an interaction are essentially autonomous and may be competitors in other business fields. Consequently, they do not want to reveal the internals of their processes to the other participants in order to hide trade secrets. To systematically approach this challenge, we introduce a formal framework based on Petri nets and automata for service modeling and formalize behavioral compatibility as deadlock freedom of the composition of the services. The main contribution of this thesis is to introduce the concept of the operating guideline of a service. Operating guidelines provide a formal characterization of the set of all behaviorally compatible services R for a given service S. Usually, this set is infinite. However, the operating guideline OGS of a service S serves as a finite representation of this infinite set. Furthermore, the operating guideline of S reveals only internals that are inevitably necessary to decide behavioral compatibility with S. We provide a construction method of operating guidelines for finite-state services with bounded communication. Operating guidelines can be used in many applications in the context of serviceoriented computing. The most fundamental application is to support the discovery of behaviorally compatible services. To this end, we develop a matching procedure that efficiently decides whether a given service R is characterized by the operating guideline OGS of a service S. If R matches, then both services R and S are behaviorally compatible and can be bound together to interact with each other. If R does not match with OGS, then the services are behaviorally incompatible and may run into severe behavioral errors and not reach their common business goal. Operating guidelines can furthermore be applied in the novel research areas of service substitutability and the generation of adapter services, for instance. To this end, we develop methods to compare the sets of services characterized by the operating guidelines OGS and OGS0 . If OGS0 characterizes more services than OGS, then the service S can be substituted by the service S0 without loosing any behaviorally compatible interaction partner R. Furthermore, we show how to synthesize a service R from the operating guideline OGS such that R is behaviorally compatible to S by construction. All results presented in this thesis are implemented in our service analysis tool Fiona. Fiona may compute operating guidelines for services modeled as Petri nets. It may match a service with an operating guideline, compare operating guidelines for equivalence or an inclusion relation, and synthesize service adapters for behaviorally incompatible services. Together with the tool BPEL2oWFN— which translates web services specified in BPEL into Petri net models of the services—we can immediately apply our results to services that stem from practic