Situational Enterprise Services

The ability to rapidly find potential business partners as well as rapidly set up a collaborative business process is desirable in the face of market turbulence. Collaborative business processes are increasingly dependent on the integration of business information systems. Traditional linking of business processes has a large ad hoc character. Implementing situational enterprise services in an appropriate way will deliver the business more flexibility, adaptability and agility. Service-oriented architectures (SOA) are rapidly becoming the dominant computing paradigm. It is now being embraced by organizations everywhere as the key to business agility. Web 2.0 technologies such as AJAX on the other hand provide good user interactions for successful service discovery, selection, adaptation, invocation and service construction. They also balance automatic integration of services and human interactions, disconnecting content from presentation in the delivery of the service. Another Web technology, such as semantic Web, makes automatic service discovery, mediation and composition possible. Integrating SOA, Web 2.0 Technologies and Semantic Web into a service-oriented virtual enterprise connects business processes in a much more horizontal fashion. To be able run these services consistently across the enterprise, an enterprise infrastructure that provides enterprise architecture and security foundation is necessary. The world is constantly changing. So does the business environment. An agile enterprise needs to be able to quickly and cost-effectively change how it does business and who it does business with. Knowing, adapting to diffident situations is an important aspect of today’s business environment. The changes in an operating environment can happen implicitly and explicitly. The changes can be caused by different factors in the application domain. Changes can also happen for the purpose of organizing information in a better way. Changes can be further made according to the users' needs such as incorporating additional functionalities. Handling and managing diffident situations of service-oriented enterprises are important aspects of business environment. In the chapter, we will investigate how to apply new Web technologies to develop, deploy and executing enterprise services

Why HTTPS is not Enough -- A Signature-Based Architecture for Trusted Content on the Social Web

Easy to use, interactive web applications accumulating data from heterogeneous sources represent a recent trend on the World Wide Web, referred to as the Social Web. There however, security standards are often disregarded in favor of interface design or brand new features. This prevents the new services from gaining ground in the enterprise, in medical or e-government environments. We propose the deployment of XML Digital Signatures on web content and demonstrate how an architecture enabling for various security properties would look like. The solution proposed will benefit from the research on security engineering in Service-Oriented Architectures and thus allows for an in-depth analysis on the results

Special issue: Development of service-based and agent-based computing systems

This special issue presents the best papers from theworkshops onService-OrientedComputing: Agents, Semantics and Engineering (SOCASE 2010) held in May 2010 in Toronto, Canada and the IEEE 2010 First International Workshop on Service-Oriented Computing and Multi-Agent Systems (SOCMAS 2010) held in July 2010 in Miami, Florida, USA. The goal of the workshops was to present the recent significant developments at the intersections of multi-agent systems, semantic technology, and service-oriented computing, and to promote crossfertilization of techniques. In particular, the workshops attempted to identify techniques from research on multi-agent systems and semantic technology that will have the greatest impact on automating serviceoriented application construction and management, focusing on critical challenges such as service quality assurance, reliability, and adaptability. The areas of service-oriented computing and Semantic Web services offer much of real interest to the multi-agent system community, including similarities in system architectures and provision processes, powerful tools, and the focus on many related issues including quality of service, security, and reliability. In addition, service-oriented computing and Semantic Web services offer various diverse application fields for both the concepts and methodologies of intelligent agent and multi-agent systems. Similarly, techniques developed in the multi-agent systems research community promise to have a strong impact on this fast growing technology. In particular, they enable services to be discovered and enacted across enterprise boundaries. If an organisation bases its success on services provided by others, then it must be able to trust that the services will perform as promised, whenever needed. Researchers in multi-agent systems have investigated such trust mechanisms

UML-SOA-Sec and Saleem's MDS Services Composition Framework for Secure Business Process Modelling of Services Oriented Applications

In Service Oriented Architecture (SOA) environment, a software application is a composition of services, which are scattered across enterprises and architectures. Security plays a vital role during the design, development and operation of SOA applications. However, analysis of today's software development approaches reveals that the engineering of security into the system design is often neglected. Security is incorporated in an ad-hoc manner or integrated during the applications development phase or administration phase or out sourced. SOA security is cross-domain and all of the required information is not available at downstream phases. The post-hoc, low-level integration of security has a negative impact on the resulting SOA applications. General purpose modeling languages like Unified Modeling Language (UML) are used for designing the software system; however, these languages lack the knowledge of the specific domain and "security" is one of the essential domains. A Domain Specific Language (DSL), named the "UML-SOA-Sec" is proposed to facilitate the modeling of security objectives along the business process modeling of SOA applications. Furthermore, Saleem's MDS (Model Driven Security) services composition framework is proposed for the development of a secure web service composition

A mediation framework for web services in a peer-to-peer environment

Centralized architectures based on the client server paradigm show their limits each time the Internet extends its capabilities. They present problems in terms of security, robustness, performance, high needs for administration. Short time solutions like load balancing and replication, or purchasing of more powerful hardware tend to cope with these limits for a while, but do not provide a definitive answer to these problems. Currently, different proprietary approaches hinder attempts to enabling communication between heterogeneous systems, while the Internet is developing toward a better interoperability with service-oriented architectures. Recent open source and standardization efforts allow building a framework providing an original answer to interoperability and scalability over the Internet. The use of Web Services (WS) as a means of communication between information systems, combined with a Peer-to-Peer (P2P) architecture for a more reliable network resources repartition and decentralization, forms a stable base for a new kind of distributed architecture. Furthermore, the composition and aggregation of multiple WS allow providers to supply with large scale meta-services. However, the use of heterogeneous WS in a dynamic context like P2P still faces challenges concerning the matching of WS and their respective interfaces. This paper discusses the use of mediation as an alternative to deal with the constant evolution of Web Services availability, and proposes a framework for a WS-enabled P2P platform. © 2005 IEEE

Model Based Development of Quality-Aware Software Services

Modelling languages and development frameworks give support for functional and structural description of software architectures. But quality-aware applications require languages which allow expressing QoS as a first-class concept during architecture design and service composition, and to extend existing tools and infrastructures adding support for modelling, evaluating, managing and monitoring QoS aspects. In addition to its functional behaviour and internal structure, the developer of each service must consider the fulfilment of its quality requirements. If the service is flexible, the output quality depends both on input quality and available resources (e.g., amounts of CPU execution time and memory). From the software engineering point of view, modelling of quality-aware requirements and architectures require modelling support for the description of quality concepts, support for the analysis of quality properties (e.g. model checking and consistencies of quality constraints, assembly of quality), tool support for the transition from quality requirements to quality-aware architectures, and from quality-aware architecture to service run-time infrastructures. Quality management in run-time service infrastructures must give support for handling quality concepts dynamically. QoS-aware modeling frameworks and QoS-aware runtime management infrastructures require a common evolution to get their integration

Quality-aware model-driven service engineering

Service engineering and service-oriented architecture as an integration and platform technology is a recent approach to software systems integration. Quality aspects ranging from interoperability to maintainability to performance are of central importance for the integration of heterogeneous, distributed service-based systems. Architecture models can substantially influence quality attributes of the implemented software systems. Besides the benefits of explicit architectures on maintainability and reuse, architectural constraints such as styles, reference architectures and architectural patterns can influence observable software properties such as performance. Empirical performance evaluation is a process of measuring and evaluating the performance of implemented software. We present an approach for addressing the quality of services and service-based systems at the model-level in the context of model-driven service engineering. The focus on architecture-level models is a consequence of the black-box character of services