Model-Driven Service Level Management

Abstract. Service-level agreements (SLA) definition and monitoring are open issues within the IT Service Management (ITSM) domain. Our main goals are to propose a model-based approach to IT services SLA specification and compliance verification. The specification part will be accomplished by proposing a SLA language -a domain specific language (DSL) for defining quality attributes as non functional requirements (NFRs) in the context of ITSM. Its metamodel will be an extension of the meta-model of an adopted process modeling language for IT services. As such, it will be possible to ground SLA definition on the corresponding IT service model constructs. This will allow that SLA monitoring and compliance validation could occur at a level of abstraction that is understood by all the stakeholders involved in the service specification

QoS-aware Mobile Web Services Discovery Using Utility Functions

Existing QoS-aware Web Services discovery architectures tend to focus solely on fulfilling the requirements of either the client or the provider. However, the interests of the provider and client are not equivalent. The provider’s goal is to maximize the profit and consume the least amount of resources. On the other hand, the client’s selection is determined by their own requirements which do not always reflect the real resource overheads. This research aims to provide a novel mobile Web Services discovery and selection method based on utility functions to balance the requirements for clients and providers. In the mobile environment, it is critical to conserve resource consumption in addition to fulfilling user requirements, as resources such as wireless network bandwidth and mobile device power are precious. The proposed service selection strategy enables service providers to balance the cost/performance ratios and utilize the network bandwidth more effectively, while the clients can still attain the functional and quality levels specified in the service request

Service-level agreements for electronic services

The potential of communication networks and middleware to enable the composition of services across organizational boundaries remains incompletely realized. In this paper, we argue that this is in part due to outsourcing risks and describe the possible contribution of Service-Level Agreements (SLAs) to mitigating these risks. For SLAs to be effective, it should be difficult to disregard their original provisions in the event of a dispute between the parties. Properties of understandability, precision, and monitorability ensure that the original intent of an SLA can be recovered and compared to trustworthy accounts of service behavior to resolve disputes fairly and without ambiguity. We describe the design and evaluation of a domain-specific language for SLAs that tend to exhibit these properties and discuss the impact of monitorability requirements on service-provision practices

A theory and model for the evolution of software services

Software services are subject to constant change and variation. To control service development, a service developer needs to know why a change was made, what are its implications and whether the change is complete. Typically, service clients do not perceive the upgraded service immediately. As a consequence, service-based applications may fail on the service client side due to changes carried out during a provider service upgrade. In order to manage changes in a meaningful and effective manner service clients must therefore be considered when service changes are introduced at the service provider's side. Otherwise such changes will most certainly result in severe application disruption. Eliminating spurious results and inconsistencies that may occur due to uncontrolled changes is therefore a necessary condition for the ability of services to evolve gracefully, ensure service stability, and handle variability in their behavior. Towards this goal, this work presents a model and a theoretical framework for the compatible evolution of services based on well-founded theories and techniques from a number of disparate fields.

Ensuring Service Level Agreements for Composite Services by Means of Request Scheduling

Building distributed systems according to the Service-Oriented Architecture (SOA) allows simplifying the integration process, reducing development costs and increasing scalability, interoperability and openness. SOA endorses the reusability of existing services and aggregating them into new service layers for future recycling. At the same time, the complexity of large service-oriented systems negatively reflects on their behavior in terms of the exhibited Quality of Service. To address this problem this thesis focuses on using request scheduling for meeting Service Level Agreements (SLAs). The special focus is given to composite services specified by means of workflow languages. The proposed solution suggests using two level scheduling: global and local. The global policies assign the response time requirements for component service invocations. The local scheduling policies are responsible for performing request scheduling in order to meet these requirements. The proposed scheduling approach can be deployed without altering the code of the scheduled services, does not require a central point of control and is platform independent. The experiments, conducted using a simulation, were used to study the effectiveness and the feasibility of the proposed scheduling schemes in respect to various deployment requirements. The validity of the simulation was confirmed by comparing its results to the results obtained in experiments with a real-world service. The proposed approach was shown to work well under different traffic conditions and with different types of SLAs

Uncertainty and uncertainty tolerance in service provisioning

PhDService, in general term is a type of economic activity where the consumers utilize labour and/or expertise of others to perform a specific task. The birth and continued growth of the Internet provide a new medium for services to be delivered, and enable services to become widely and readily available. In recent years, the Internet has become an important platform to provide services to the end users. Service provisioning, In the context of computing, is the process of providing users with access to data and technology resources. In a perfect operating environment, the entities involved can expect the system will perform as intended or up to an accepted level of quality. Unfortunately, disruptions or failures can occur which can affect the operation of the service. Thus, the entities involved, in particular the service requester faces a situation whereby the service requester’s belief towards certain process in the service provisioning life cycle is affected, i.e. deviates from the actual truth. This situation whereby the service requester’s belief is affected is referred as an uncertainty. in this thesis, we discuss and explore the issue of uncertainty throughout the service provisioning life cycle and provide a measure to tolerate uncertainty in service provisioning offer through the application of subjective probability framework. This thesis provides several key contributions to address the uncertainty issues in service provision- Ing system in particular, for a service requester to overcome the negative consequence of uncertainty. The key contributions are: (1) introduction to the issue of uncertainty in service provisioning system, (2) a new classification scheme for uncertainties in service provisioning system, (3) a unified view of uncertainty in service provisioning system based on temporal classification, which is linked to service requester’s view, (4) a concept of uncertainty tolerance for service provisioning, (5) an approach and framework for automated uncertainty tolerance in service provisioning offer. The approach and framework for uncertainty tolerance in service provisioning offer presented in this thesis is evaluated through an empirical study. The result from the study shows the viability of the approach and framework of the uncertainty tolerance Mechanism through the application of subjective probability theory. The result also shows the positive outcome of the mechanism in term of higher cumulative utility, and better acceptance rate for the service requester.UNIMAS(Universiti Malaysia Sarawak) Government of Malaysi

Extending Web Service Architecture with a Quality Component: Web Service Architecture and Quality Component

The Web service technology provides standard mechanisms for describing the interface of the services available on the Web, as well as protocols for locating such services and invoking them. Each Web service has an associated Web Services Description Language (WSDL) document which describes how it works and how to invoke it. Such document is registered at a Universal Description, Discovery and Integration (UDDI) registry that provides a discovery service for the WSDL descriptions. The Web services architecture consists of three components: Service Provider, Service Requester and UDDI Registry, and the interactions between them through publish, find, and bind operations. Between finding and binding steps there is another crucial step, which is not fully considered by current approaches. This is the step of selection. The UDDI service registry hosts hundreds of similar Web services, which makes it difficult for the service requesters to choose from them, as the selection is based on the functional properties only. However, many similar services are differentiated by their quality criteria. Therefore, quality criteria are important to be considered in the web service selection. This thesis proposes a quality-based Web service architecture (QWSA) that extends the current Web service architecture with a quality server. The quality server consists of four main components: quality manager, quality matchmaker, quality report analyzer, and quality database. The main purpose of quality server is to assist service requester to select the best available service that fulfils his/her preference by matching between a service requester’s quality requirement and the service providers’ quality specifications. In addition, this thesis reports the development of a quality matchmaking process (QMP) based on the proposed architecture by building a quality service selection system (QSSS). This QSSS has been verified and validated using a case study of Amazon E-commerce service (ECS)

Application of service composition mechanisms to Future Networks architectures and Smart Grids

Aquesta tesi gira entorn de la hipòtesi de la metodologia i mecanismes de composició de serveis i com es poden aplicar a diferents camps d'aplicació per a orquestrar de manera eficient comunicacions i processos flexibles i sensibles al context. Més concretament, se centra en dos camps d'aplicació: la distribució eficient i sensible al context de contingut multimèdia i els serveis d'una xarxa elèctrica intel·ligent. En aquest últim camp es centra en la gestió de la infraestructura, cap a la definició d'una Software Defined Utility (SDU), que proposa una nova manera de gestionar la Smart Grid amb un enfocament basat en programari, que permeti un funcionament molt més flexible de la infraestructura de xarxa elèctrica. Per tant, revisa el context, els requisits i els reptes, així com els enfocaments de la composició de serveis per a aquests camps. Fa especial èmfasi en la combinació de la composició de serveis amb arquitectures Future Network (FN), presentant una proposta de FN orientada a serveis per crear comunicacions adaptades i sota demanda. També es presenten metodologies i mecanismes de composició de serveis per operar sobre aquesta arquitectura, i posteriorment, es proposa el seu ús (en conjunció o no amb l'arquitectura FN) en els dos camps d'estudi. Finalment, es presenta la investigació i desenvolupament realitzat en l'àmbit de les xarxes intel·ligents, proposant diverses parts de la infraestructura SDU amb exemples d'aplicació de composició de serveis per dissenyar seguretat dinàmica i flexible o l'orquestració i gestió de serveis i recursos dins la infraestructura de l'empresa elèctrica.Esta tesis gira en torno a la hipótesis de la metodología y mecanismos de composición de servicios y cómo se pueden aplicar a diferentes campos de aplicación para orquestar de manera eficiente comunicaciones y procesos flexibles y sensibles al contexto. Más concretamente, se centra en dos campos de aplicación: la distribución eficiente y sensible al contexto de contenido multimedia y los servicios de una red eléctrica inteligente. En este último campo se centra en la gestión de la infraestructura, hacia la definición de una Software Defined Utility (SDU), que propone una nueva forma de gestionar la Smart Grid con un enfoque basado en software, que permita un funcionamiento mucho más flexible de la infraestructura de red eléctrica. Por lo tanto, revisa el contexto, los requisitos y los retos, así como los enfoques de la composición de servicios para estos campos. Hace especial hincapié en la combinación de la composición de servicios con arquitecturas Future Network (FN), presentando una propuesta de FN orientada a servicios para crear comunicaciones adaptadas y bajo demanda. También se presentan metodologías y mecanismos de composición de servicios para operar sobre esta arquitectura, y posteriormente, se propone su uso (en conjunción o no con la arquitectura FN) en los dos campos de estudio. Por último, se presenta la investigación y desarrollo realizado en el ámbito de las redes inteligentes, proponiendo varias partes de la infraestructura SDU con ejemplos de aplicación de composición de servicios para diseñar seguridad dinámica y flexible o la orquestación y gestión de servicios y recursos dentro de la infraestructura de la empresa eléctrica.This thesis revolves around the hypothesis the service composition methodology and mechanisms and how they can be applied to different fields of application in order to efficiently orchestrate flexible and context-aware communications and processes. More concretely, it focuses on two fields of application that are the context-aware media distribution and smart grid services and infrastructure management, towards a definition of a Software-Defined Utility (SDU), which proposes a new way of managing the Smart Grid following a software-based approach that enable a much more flexible operation of the power infrastructure. Hence, it reviews the context, requirements and challenges of these fields, as well as the service composition approaches. It makes special emphasis on the combination of service composition with Future Network (FN) architectures, presenting a service-oriented FN proposal for creating context-aware on-demand communication services. Service composition methodology and mechanisms are also presented in order to operate over this architecture, and afterwards, proposed for their usage (in conjunction or not with the FN architecture) in the deployment of context-aware media distribution and Smart Grids. Finally, the research and development done in the field of Smart Grids is depicted, proposing several parts of the SDU infrastructure, with examples of service composition application for designing dynamic and flexible security for smart metering or the orchestration and management of services and data resources within the utility infrastructure

Security policy architecture for web services environment

An enhanced observer is model that observes behaviour of a service and then automatically reports any changes in the state of the service to evaluator model. The e-observer observes the state of a service to determine whether it conforms to and obeys its intended behaviour or policy rules. E-observer techniques address most problems, govern and provide a proven solution that is re-usable in a similar context. This leads to an organisation and formalisation policy which is the engine of the e-observer model. Policies are used to refer to specific security rules for particular systems. They are derived from the goals of management that describe the desired behaviour of distributed heterogeneous systems and networks. These policies should be defended by security which has become a coherent and crucial issue. Security aims to protect these policies whenever possible. It is the first line of protection for resources or assets against events such as loss of availability, unauthorised access or modification of data. The techniques devised to protect information from intruders are general purpose in nature and, therefore, cannot directly enforce security that has no universal definition, the high degree of assurance of security properties of systems used in security-critical areas, such as business, education and financial, is usually achieved by verification. In addition, security policies express the protection requirements of a system in a precise and unambiguous form. They describe the requirements and mechanisms for securing the resources and assets between the sharing parties of a business transaction. However, Service-Oriented Computing (SOC) is a new paradigm of computing that considers "services" as fundamental elements for developing applications/solutions. SOC has many advantages that support IT to improve and increase its capabilities. SOC allows flexibility to be integrated into application development. This allows services to be provided in a highly distributed manner by Web services. Many organisations and enterprises have undertaken developments using SOC. Web services (WSs) are examples of SOC. WSs have become more powerful and sophisticated in recent years and are being used successfully for inter-operable solutions across various networks. The main benefit of web services is that they use machine-to-machine interaction. This leads initially to explore the "Quality" aspect of the services. Quality of Service (QoS) describes many techniques that prioritise one type of traffic or programme that operates across a network connection. Hence, QoS has rules to determine which requests have priority and uses these rules in order to specify their priority to real-time communications. In addition, these rules can be sophisticated and expressed as policies that constrain the behaviour of these services. The rules (policies) should be addressed and enforced by the security mechanism. Moreover, in SOC and in particular web services, services are black boxes where behaviour may be completely determined by its interaction with other services under confederation system. Therefore, we propose the design and implementation of the “behaviour of services,” which is constrained by QoS policies. We formulate and implement novel techniques for web service policy-based QoS, which leads to the development of a framework for observing services. These services interact with each other by verifying them in a formal and systematic manner. This framework can be used to specify security policies in a succinct and unambiguous manner; thus, we developed a set of rules that can be applied inductively to verify the set of traces generated by the specification of our model’s policy. These rules could be also used for verifying the functionality of the system. In order to demonstrate the protection features of information system that is able to specify and concisely describe a set of traces generated, we subsequently consider the design and management of Ponder policy language to express QoS and its associated based on criteria, such as, security. An algorithm was composed for analysing the observations that are constrained by policies, and then a prototype system for demonstrating the observation architecture within the education sector. Finally, an enforcement system was used to successfully deploy the prototype’s infrastructure over Web services in order to define an optimisation model that would capture efficiency requirements. Therefore, our assumption is, tracing and observing the communication between services and then takes the decision based on their behaviour and history. Hence, the big issue here is how do we ensure that some given security requirements are satisfied and enforced? The scenario here is under confederation system and based on the following: System’s components are Web-services. These components are black boxes and designed/built by various vendors. Topology is highly changeable. Consequently, the main issues are: • The proposal, design and development of a prototype of observation system that manages security policy and its associated aspects by evaluating the outcome results via the evaluator model. • Taming the design complexity of the observation system by leaving considerable degrees of freedom for their structure and behaviour and by bestowing upon them certain characteristics, and to learn and adapt with respect to dynamically changing environments.Saudi Arabian Cultural Burea

Service oriented computing for dynamic virtual learning environments

Using the Internet for teaching and learning has become a trend in modern higher education, facilitated through the exploitation of advanced computing technologies. Virtual Learning Environment (VLE) applications support online learning over the Internet, and VLEs have thus emerged as e-learning domains that are essential prerequisites in cutting edge design and implementation technologies in education. Service Oriented Computing (SOC), as a novel software development and implementation approach, has become an active area of research and development. Web services, as an example of SOC, support the integration of software applications in an incremental way, using existing platforms and languages that utilize and adopt existing legacy systems. Thus, VLEs should be particularly well suited to Web ser- vices through the SOC approach. VLE services is a field subjected to continuous development but VLEs as Web services are still not generally accessible for academic institutions, although they have been adopted by some scientific projects. The next generation of VLEs should address the limitations of the current online systems by providing a richer context for online learning, one that is sensitive to the specific domain requirements of e-learning. Web Services Matching and Selection (WSMS), as a part of the functional requirements of Web services, has received less attention from SOC researchers. It involves discovering a set of semantically equivalent services by filtering a set of available services based on service metadata, and instantaneously selecting the best possible service. WSMS is the discovery of a service by a user, where correspondence is established between the objectives of the consumer and the capabilities of the service. It thereby aims to match and select the optimal service that best meets the requestor's needs. The main aim of this doctoral work is to explore novel architectural designs for VLEs, based on the SOC paradigm and its related techniques. In addition, this investigation aims to extend the core ideas behind VLE tools, which are gradually becoming dominant within academic institutes. Another aim is to devise a policy- based technique to enforce security requirements for VLEs and to build a test-bed for VLE security based on Modular Moodle. The fundamental contribution of this thesis that it demonstrates that VLEs can be considered as services, which can be published, discovered and composed as perceived in the SOC paradigm. An additional contribution to the knowledge is that it has built a new extension to the structure of Web services: the Web Services Matching and Selection (WSMS) system. Another contribution to the knowledge is that traditional security requirements have been modified to cater for the highly mobile and changeable environment of VLEs; this has been achieved through policy- based techniques. These contributions to the body of knowledge have been published in learned journals and at conferences