Modeling and mining of dynamic trust in complex service-oriented systems

The global scale and distribution of companies have changed the economy and dynamics of businesses. Web-based collaborations and cross-organizational processes typically require dynamic and context-based interactions between people and services. However, finding the right partner to work on joint tasks or to solve emerging problems in such scenarios is challenging due to scale and temporary nature of collaborations. Furthermore, actor competencies evolve over time, thus requiring dynamic approaches for their management. Web services and SOA are the ideal technical framework to automate interactions spanning people and services. To support such complex interaction scenarios, we discuss mixed service-oriented systems that are composed of both humans and software services, interacting to perform certain activities. As an example, consider a professional online support community consisting of interactions between human participants and software-based services. We argue that trust between members is essential for successful collaborations. Unlike a security perspective, we focus on the notion of social trust in collaborative networks. We show an interpretative rule-based approach to enable humans and services to establish trust based on interactions and experiences, considering their context and subjective perceptions.     

基于事件驱动的SOA服务组合技术研究

传统基于Bpel的服务组合方式可以满足业务流程相对稳定的业务需求,但在灵活多变的业务环境中,流程可能会不定时变化,此时需要人工暂停服务、修改流程、生成Bpel文件、重新部署发布等繁琐操作,这显然难以满足快速灵活的业务部署需求。此外,为了支持有人工活动参与的服务,基于Bpel的SOA平台大多采用异步回调来实现,但这种实现手段通常需要保留回调句柄,无形中增加了平台构件之间的耦合性,不符合SOA的基本特性。文章研究了一种基于事件驱动的SOA服务组合方式,通过事件处理引擎驱动服务,并可以通过配置业务规则来实现服务之间组合协作,解决传统基于Bpel组合方式的不足。在此基础上,文章搭建了一个基于事件驱动的SOA平台Swift ED-SOA,并通过应用实例验证了ED-SOA的可行性。     

Taking value-networks to the cloud services: security services, semantics and service level agreements

Cloud services have become an emerging solution for organizations striving to address today’s need for agility, but little research has addressed transitioning multiple, collaborating organizations to what can be referred to as a “value-network cloud.” We know that organizations adopting cloud services to execute business processes must concomitantly reconfigure their security solutions for their integrated intra- and inter-organizational collaborations. We address the question, “What is needed to make it possible for an entire value-network to take secure, collaborative business process executions to the cloud?” Future value-network cloud solutions will require completely new security approaches that will leverage contracted brokering solutions operating as part of the cloud solution. We view value-network cloud security service provisioning as a bundle decision characterized by a mix of communication patterns relevant to intra- and inter-enterprise collaboration. We propose a cloud service broker model—using semantics and SLA based middleware—to serve as a trusted interface between the enterprise, cloud service providers and other organizations collaborating in a value-network. The approach enables IT governance for value-network cloud services. The architectural requirements adapt design principles for infrastructure management tailored from approaches to how business cartels historically conducted secure business dealings.     

A semantical framework to engineering WSBPEL processes

Web services promise the interoperability of various applications running on heterogeneous platforms over the Internet, and are gaining more and more attention. Web service composition refers to the process of combining Web services to provide value-added services, which has received much interest in supporting enterprize application integration. Industry standards for Web Service composition, such as WSBPEL, provide the notation and additional control mechanisms for the execution of business processes in Web service collaborations. However, these standards do not provide support for checking interesting properties related to Web Service and process behavior. In an attempt to fill this gap, we describe a formalization of WSBPEL business processes, that adds communications semantics to the specifications of interacting Web services, and uses a formal logic to model their dynamic behavior, which enables their formal analysis and the inference of relevant properties of the systems being built.     

B2B collaboration through web services-based multi-agent system

Web services open a door for better B2B collaboration in large distributed environment such as Internet. Process-oriented systems like workflow management systems have been taking the main role for web service-based B2B collaboration in such an environment. However, conventional workflow management systems don’t offer complete solutions for B2B collaborations considering many unsolved issues such as security, trust and complex and flexible interaction handling. In this paper, we propose a web service-based multi-agent platform, which can be used as a complementary solution for B2B collaborations. It fits naturally into the B2B interaction model and provides a very loosely coupled open system architecture.     

面向SOA的密码服务安全框架研究

SOA环境下用户管理的分布性、业务协作的动态性、以及服务的开放性给密码服务带来了极大的安全挑战。文章建立了一种安全框架,该框架定义了完整的安全服务集合和接口,可满足密码服务安全接入、访问控制、安全共享的特殊要求,为面向SOA的密码服务提供了安全保障。     

Taxonomy of trust relationships in authorization domains for cloud computing

Cloud computing is revealing a new scenario where different cloud customers need to collaborate to meet client demands. The cloud stack must be able to support this situation by enabling collaborative agreements between cloud customers. However, these collaborations entail new security risks since participating entities should trust each other to share a set of resources. The management of trust relationships in the cloud is gaining importance as a key element to establish a secure environment where entities are given full control in the definition of which particular services or resources they are willing to share. Entities can cooperate at different levels of trust, according to their willingness of sharing information. This paper analyses these collaboration agreements defining a taxonomy of different levels of trust relationships among customers for the cloud. Privacy concerns, assumed risk, as well as easiness in the definition of the trust relationships have been taken into account. A set of different trust relationships have been identified and modeled, enabling entities to control the information they share with others in the cloud. The proposed model has been validated with a prototypical implementation. Likewise, some examples to illustrate the application of these trust models to common cloud collaboration scenarios are provided.     

一个基于服务层叠网的分层服务组合框架

随着Internet上Web服务数量的不断增长,这些服务能够互联形成一个应用层的逻辑网络--服务层叠网(service overlay network,简称SON).基于SON,通过服务的组合提供增值服务,是满足用户动态、多变的功能及非功能需求的一种有效的方法.但是,已有基于SON的QoS感知的服务组合研究主要是面向服务间具有简单交互行为的应用领域,难以支持电子商务等具有复杂业务协作特征的应用场景.为此,通过使用业务协议刻画服务间的组合关系,从而构建更具普适性的SON;建立主动服务层叠网(active service overlay network,简称ASON)以实现可编程的服务层叠网,支持按需的服务组合;提出了一个基于主动服务层叠网的分层服务组合框架(hierachical service composition framework based on service overlay networks,简称HOSS),通过将业务协议(而不是消息)作为需求描述的基本单元,提升软件开发效率,并将服务组合需求映射为SON的动态用户视图以实现按需的组合.     

Dynamic composition and optimization of Web services

Process-based composition of Web services has recently gained significant momentum for the implementation of inter-organizational business collaborations. In this approach, individual Web services are choreographed into composite Web services whose integration logics are expressed as composition schema. In this paper, we present a goal-directed composition framework to support on-demand business processes. Composition schemas are generated incrementally by a rule inference mechanism based on a set of domain-specific business rules enriched with contextual information. In situations where multiple composition schemas can achieve the same goal, we must first select the best composition schema, wherein the best schema is selected based on the combination of its estimated execution quality and schema quality. By coupling the dynamic schema creation and quality-driven selection strategy in one single framework, we ensure that the generated composite service comply with business rules when being adapted and optimized.     

Dynamic SOA Framework to Support Ad Hoc Enterprise Alliance Formation

Collaboration among businesses is needed to successfully fulfill a given task and goal. Service-Oriented Architecture (SOA) has been regarded as an efficient platform to support flexible interoperability among various enterprises by discovering, selecting and composing services. However, since a large number of enterprises have been participating in this SOA platform, relationships among these enterprises are getting too complicated to obtain flexibility and scalability for efficient collaboration. Thereby, in this paper, we propose a dynamic SOA platform to discover service chains for building ad hoc enterprise alliances where the only relevant enterprises are sorted out and merged. As a result, given an event, decision makers can find out which enterprises (and services from the enterprises) might be selected for their collaboration. The proposed SOA platform has been applied to mobile advertisement application as a case study. With respect to two indicators (i.e., precision and agility), we have shown that the proposed SOA outperforms traditional enterprise collaboration schemes.     

面向跨企业多方协同应用的Web服务安全模型

现有的Web服务安全工具仅提供单个服务的安全策略配置功能,忽略了业务流程层面的安全需求。为此,提出一种面向跨企业多方协同应用的Web服务安全模型,将Web服务安全建模、部署与监控过程,融合到企业业务流程管理过程中。在此基础上构造基于Secure-WSCDL的建模工具、转换工具和监控工具,实现SOA架构下业务模型与安全建模在软件工程生命周期中的同步。通过简化的国际贸易进出口流程实例,验证了该模型与相应工具的有效性。     

Business processes oriented heterogeneous systems integration platform for networked enterprises

Supply chains, dynamic alliances, e-business, extended enterprises, and virtual organizations are typical networked enterprises which are formed based on partner companies’ core competencies. Different partners have different infrastructures; the interoperability among heterogeneous systems is the solid foundation for the networked enterprise to work seamlessly and effectively. Due to the distributed and heterogeneous characteristics of different partner companies, it is a big challenge to implement a satisfying and cost effective solution in the networked enterprise.Aiming at the problems of system integration and cross-system interoperability, Service-Oriented Architecture (SOA) provides a new integration pattern and relative system infrastructure. The key for the development and implementation of SOA is services encapsulation and orchestration of applications through certain mechanism to operate a complex business. However, cross infrastructures services access protection and relative services orchestration are still the bottleneck for the SOA implementation.This paper develops a business processes oriented heterogeneous systems integration platform with relative methodology for networked enterprises integration. The platform is a space distributed and management centralized platform for networked enterprises. The service access agent (SAA) mechanism is developed to realize cross-domains identity authentication, service authorization, and information transmission security. Every Web service or SAA in the platform has a unique ID. The interoperating process only relies on IDs, which endows the platform with a loose coupling feature. Aiming at service orchestration, a graphic service process modelling method is developed, with which the developed process model can link atom Web services and form a complex service. The Java based service orchestration tool provides an ESB (Enterprise Service Bus) independent service orchestration and deployment. Those services that are results of orchestration can be orchestrated as an atom service in another orchestrating process. Thus, the platform can support orchestration decomposition. The structure approach of the business process modelling based platform implementation is developed, which provides a guideline for platform installation, services modelling, service encapsulation, service orchestration, and service deployment. Two cases are provided to illustrate the usage of the platform in industries. The development of this platform is an open source project.     

基于区块链的物联网任务协作信任管理方案

在物联网智能设备任务协作场景中,为解决设备交互不受信以及存在恶意设备破坏协作的问题,提出一种基于区块链的信任管理方案。半分布式的架构克服了集中式和分布式架构的不足,任务协作过程中兼顾了双方的信任,并设计了审查机制确保任务评价的真实可靠。信任的衡量中使用狄利克雷分布模拟任务评价的多样性,构建信任为数个状态,并利用马尔可夫链评估信任状态和全局信任。仿真结果表明,提出的方案可以客观衡量设备的信任,同时在检测恶意设备、提高协作任务成功率及避免误判方面具有优势,因此可以有效确保任务交互的可信和协作环境的安全。     

Testing and verification in service‐oriented architecture: a survey

Service‐oriented architecture (SOA) is gaining momentum as an emerging distributed system architecture for business‐to‐business collaborations. This momentum can be observed in both industry and academic research. SOA presents new challenges and opportunities for testing and verification, leading to an upsurge in research. This paper surveys the previous work undertaken on testing and verification of service‐centric systems, which in total are 177 papers, showing the strengths and weaknesses of current strategies and testing tools and identifying issues for future work. Copyright © 2012 John Wiley & Sons, Ltd.     

Domain-specific portal for the precision component and tooling industry in Singapore—needs analysis and a test-bed implementation

This paper presents the observations and implications of Internet-based collaborative design and manufacturing in Singapore for targeted domain-specific areas—more specifically, the die and mould industry. Based on a survey, the issues faced by local companies are summarized and possible solutions are proposed. To promote the use of Internet for collaborative design, manufacturing and business in the local manufacturing industry, a test-bed domain-specific portal has been developed to facilitate collaborations among companies with their customers, suppliers and partners. Various technologies for value-added collaboration services are investigated and developed. These aim to facilitate business collaboration, such as partner selection, order process collaboration and collaborative planning, as well as engineering collaboration, such as collaborative product and tooling design and rapid prototyping over the Internet. The architecture of the e-manufacturing portal is presented and the collaborative technologies are introduced.     

The process map as an instrument to standardize processes: design and application at a financial service provider

The standardization of processes and the identification of shared business services in a service-oriented architecture (SOA) are currently widely discussed. Above all in practice, however, there still is a lack of appropriate instruments to support these tasks. In this paper an approach for a process map is introduced which allows for a systematic presentation—as complete as possible—of the processes in an enterprise (division). After a consistent refinement of the process has taken place by means of aggregation/disaggregation respectively, generalization/specialization relations, it is possible to identify primarily functional similarities of the detailed sub-processes. The application of the process map at a financial service provider (FSP) highlights how these similarities can be taken as a basis to standardize processes and to identify shared services.     

The influence of SOA governance mechanisms on IT flexibility and service reuse

While many firms have introduced SOA, only one in five have achieved anticipated benefits such as increased IT flexibility or reuse. Industry analysts assume that a lack of SOA governance is the main reason why SOA projects fail. Addressing the substantial research gap on SOA governance this paper theoretically and empirically investigates which SOA governance mechanisms are needed to achieve the benefits of SOA, such as increasing IT flexibility and reusing services. The proposed theoretical SOA governance model is evaluated using data from 81 SOA-using organizations.Overall, the results confirm the relevance of a variety of SOA governance mechanisms (structures, processes, and employees/relations), but at the same time, that IT infrastructure flexibility and service reuse are influenced by different mechanisms. Key governance mechanisms that show a strong effect on infrastructure flexibility are using standards, service management processes, educating employees, and IT/business communication while reuse can only be increased through service management, standards and qualification. Contrary to expectations, implementing new, dedicated decision-making bodies for SOA hampers organizations in achieving higher degrees of IT flexibility and reuse, and a firm is better off using existing IT decision-making bodies.     

基于SOA 构建企业信息化流程集成平台

由于历史原因,国内各企业已建设的业务流程管理系统多数情况下是互相割裂的,很难做到数据、信息、流程、业务的共享,无法支撑跨系统的端到端流程。为了解决贯穿多系统、多部门复合流程实现困难的问题,本文基于SOA的设计理念,结合目前成熟的技术,提出了跨系统的企业信息化流程集成平台解决方案,并给出了该平台的架构设计思路,通过集成平台的建设可以最终实现共享数据服务和共享业务流程服务的目的。