Considerations of service assembly based on the analysis of data flows between services

Service composition research mostly focuses on the dynamic (workflow) aspects of compositions. In this paper we consider the static component of service composition and focus on analyzing the data flows between services within a composition. We argue that compatibility of service interfaces is a necessary precondition for service composability, and we show that data flow analysis can be applied to the problem of service composition design to identify compatible service interfaces and to minimize data coupling between services. © 2008 IEEE

Interim research assessment 2003-2005 - Computer Science

This report primarily serves as a source of information for the 2007 Interim Research Assessment Committee for Computer Science at the three technical universities in the Netherlands. The report also provides information for others interested in our research activities

Privacy-preserved security-conscious framework to enhance web service composition

The emergence of loosely coupled and platform-independent Service-Oriented Computing (SOC) has encouraged the development of large computing infrastructures like the Internet, thus enabling organizations to share information and offer valueadded services tailored to a wide range of user needs. Web Service Composition (WSC) has a pivotal role in realizing the vision of implementing just about any complex business processes. Although service composition assures cost-effective means of integrating applications over the Internet, it remains a significant challenge from various perspectives. Security and privacy are among the barriers preventing a more extensive application of WSC. First, users possess limited prior knowledge of security concepts. Second, WSC is hindered by having to identify the security required to protect critical user information. Therefore, the security available to users is usually not in accordance with their requirements. Moreover, the correlation between user input and orchestration architecture model is neglected in WSC with respect to selecting a high performance composition execution process. The proposed framework provides not only the opportunity to securely select services for use in the composition process but also handles service users’ privacy requirements. All possible user input states are modelled with respect to the extracted user privacy preferences and security requirements. The proposed approach supports the mathematical modelling of centralized and decentralized orchestration regarding service provider privacy and security policies. The output is then utilized to compare and screen the candidate composition routes and to select the most secure composition route based on user requests. The D-optimal design is employed to select the best subset of all possible experiments and optimize the security conscious of privacy-preserving service composition. A Choreography Index Table (CIT) is constructed for selecting a suitable orchestration model for each user input and to recommend the selected model to the choreographed level. Results are promising that indicate the proposed framework can enhance the choreographed level of the Web service composition process in making adequate decisions to respond to user requests in terms of higher security and privacy. Moreover, the results reflect a significant value compared to conventional WSC, and WSC optimality was increased by an average of 50% using the proposed CIT

Automated Realistic Test Input Generation and Cost Reduction in Service-centric System Testing

Service-centric System Testing (ScST) is more challenging than testing traditional software due to the complexity of service technologies and the limitations that are imposed by the SOA environment. One of the most important problems in ScST is the problem of realistic test data generation. Realistic test data is often generated manually or using an existing source, thus it is hard to automate and laborious to generate. One of the limitations that makes ScST challenging is the cost associated with invoking services during testing process. This thesis aims to provide solutions to the aforementioned problems, automated realistic input generation and cost reduction in ScST. To address automation in realistic test data generation, the concept of Service-centric Test Data Generation (ScTDG) is presented, in which existing services used as realistic data sources. ScTDG minimises the need for tester input and dependence on existing data sources by automatically generating service compositions that can generate the required test data. In experimental analysis, our approach achieved between 93% and 100% success rates in generating realistic data while state-of-the-art automated test data generation achieved only between 2% and 34%. The thesis addresses cost concerns at test data generation level by enabling data source selection in ScTDG. Source selection in ScTDG has many dimensions such as cost, reliability and availability. This thesis formulates this problem as an optimisation problem and presents a multi-objective characterisation of service selection in ScTDG, aiming to reduce the cost of test data generation. A cost-aware pareto optimal test suite minimisation approach addressing testing cost concerns during test execution is also presented. The approach adapts traditional multi-objective minimisation approaches to ScST domain by formulating ScST concerns, such as invocation cost and test case reliability. In experimental analysis, the approach achieved reductions between 69% and 98.6% in monetary cost of service invocations during testin