Relooking at services science and services innovation

In lots of countries, service economy has become the dominant economy. Modern services industries require talents skillful at multidiscipline subjects including IT services, business models, management skills, psychology, etc. There is the rise of services science, service-oriented computing, and services computing. The multidiscipline features bring new challenges for services science. In this paper, we go beyond the traditional view of services and propose a three-layer framework for services science and services innovation. The framework covers service needs, service competencies, and service resources. We believe that these are the common building blocks and foundations for modern services industries. We use Amazon as an example to show the relevant of the framework for analyzing patterns of services innovation. We also use this framework to derive a set of service curricula for training talents for modern services.

The WSLA Framework: Specifying and Monitoring Service Level Agreements for Web Services

We describe a novel framework for specifying and monitoring Service Level Agreements (SLA) for Web Services. SLA monitoring and enforcement become increasingly important in a Web Service environment where enterprise applications and services rely on services that may be subscribed dynamically and on-demand. For economic and practical reasons, we want an automated provisioning process for both the service itself as well as the SLA managment system that measures and monitors the QoS parameters, checks the agreed-upon service levels, and reports violations to the authorized parties involved in the SLA management process. Our approach to these issues is presented in this paper. The Web Service Level Agreement (WSLA) framework is targeted at defining and monitoring SLAs for Web Services. Although WSLA has been designed for a Web Services environment, it is applicable as well to any inter-domain management scenario, such as business process and service management, or the management of networks, systems and applications in general. The WSLA framework consists of a flexible and extensible language based on XML Schema and a runtime architecture comprising several SLA monitoring services, which may be outsourced to third parties to ensure a maximum of objectivity. WSLA enables service customers and providers to unambiguously define a wide variety of SLAs, specify the SLA parameters and the way they are measured, and relate them to managed resource instrumentations. Upon receipt of an SLA specification, the WSLA monitoring services are automatically configured to enforce the SLA. An implementation of the WSLA framework, termed SLA Compliance Monitor, is publicly available as part of the IBM Web Services Toolkit.     

Modelling,validating, and ranking of secure service compositions

In the world of large‐scale applications, software as a service (SaaS) in general and use of microservices, in particular, is bringing service‐oriented architectures to a new level: Systems in general and systems that interact with human users (eg, sociotechnical systems) in particular are built by composing microservices that are developed independently and operated by different parties. At the same time, SaaS applications are used more and more widely by enterprises as well as public services for providing critical services, including those processing security or privacy of relevant data. Therefore, providing secure and reliable service compositions is increasingly needed to ensure the success of SaaS solutions. Building such service compositions securely is still an unsolved problem. In this paper, we present a framework for modelling, validating, and ranking secure service compositions that integrate both automated services as well as services that interact with humans. As a unique feature, our approach for ranking services integrates validated properties (eg, based on the result of formally analysing the source code of a service implementation) as well as contractual properties that are part of the service level agreement and, thus, not necessarily ensured on a technical level.     

Bailout forward contracts for edge-to-edge internet services

Despite the huge success of the Internet in providing basic communication services, its economic architecture needs to be upgraded so as to provide end-to-end guaranteed or more reliable services to its customers. Currently, a user or an enterprise that needs end-to-end bandwidth guarantees between two arbitrary points in the Internet for a short period of time has no way of expressing its needs. To allow these much needed basic services, we propose a single-domain edge-to-edge (g2g) dynamic capacity contracting mechanism, where a network customer can enter into a bandwidth contract on a g2g path at a future time, at a predetermined price. For practical and economic viability, such forward contracts must involve a bailout option to account for bandwidth becoming unavailable at service delivery time, and must be priced appropriately to enable Internet Service Providers (ISPs) manage risks in their contracting and investments. Our design allows ISPs to advertise point-to-point different prices for each of their g2g paths instead of the current point-to-anywhere prices, allowing discovery of better end-to-end paths, temporal flexibility and efficiency of bandwidth usage. We compute the risk-neutral prices for these g2g bailout forward contracts (BFCs), taking into account correlations between different contracts due to correlated demand patterns and overlapping paths. We apply this multiple g2g BFC framework on network models with Rocketfuel topologies. We evaluate our contracting mechanism in terms of key network performance metrics like fraction of bailouts, revenue earned by the provider, and adaptability to link failures. We also explore the tradeoffs between complexity of pricing and performance benefits of our BFC mechanism.     

Static and dynamic adaptations for service-based systems

Context

In service-oriented computing (SOC), service providers publish reusable services, and service consumers subscribe them. However, there exist potential problems in reusing services. Mismatch is a problem that occurs when a candidate service does not fully match to the feature expected. Fault is a problem that occurs when an invocation of services results in some abnormality at runtime. Without remedying mismatch problems, services would not be reusable. Without remedying fault problems, service invocations at runtime would result in failures. Static and dynamic adaptations are practical approaches to remedying the problems.

Objective

Our objective is to define a comprehensive framework which includes a design of service adaptation framework (SAF), and design of static and dynamic adapters.

Method

We design the SAF which governs dynamic adaptations, and define a service life-cycle with adaptation-related activities. Based on causal–effect relationships among mismatch, fault, cause, and adapter, we derive mismatches and faults, from which their relevant causes are identified. For the causes, we define six static adapters and five dynamic adapters. We specify instructions for designing static adapters, and provide step-wise algorithms for designing dynamic adapters based on enterprise service bus (ESB). And, we show a proof-of-concept (POC) of implementation to show applicability of the methods.

Results

The paper presents service life-cycle with adaptation-related activities, SAF design, and design of static and dynamic adapters.

Conclusion

Mismatch and fault problems in utilizing services present threats to high reusability of services. Static adaptations can remedy mismatch problems, and dynamic adaptations can remedy fault problems. In this paper, we presented technical insights of service adaption, SAF design, and definitions of static and dynamic adapters. By utilizing the proposed SAF and service adapters, reusability of services can be greatly enhanced.     

Efficient change management in long-term composed services

We present an efficient framework for managing changes in Long-term Composed Services (LCSs). Because we assume LCSs outsource their functionality from autonomous third-party Web service providers, there is a need to select the best Web service replacements when changes are induced at the LCS level. We propose a framework where managing changes in LCSs is modeled as a dual service query optimization process. In the first phase, reputation is used as a trust mechanism to weed out those Web services that do not exhibit acceptable reputation. In the second phase, the non-functional requirements represented in and by the Quality of Web Service (QoWS) are used to further narrow down the set of reputable Web services to those that also best adhere to the QoWS requirements.     

Building Manageable Multimedia Network Services

The paper addresses the problem of designing and realizing manageable multimedia network services. We argue that open interface between the service delivery and the service management systems can be defined using design patterns, i.e., generic object models. As an example, we introduce a generic object model that makes instances of a network service accessible to the management system. The model includes a set of cooperating objects that can be customized for particular service and management requirements. By applying this model to the design of mcast, an ATM multicast service, we enable the management system to monitor and control mcast sessions. To validate our approach, we have implemented mcast and the management functions on two different platforms: (1) on a high-performance emulation platform, which allows us to study the system's dynamic behavior and scaling properties in various scenarios; (2) on a broadband testbed, on which network services can be fully implemented, including the transport between multimedia devices. We outline a specific technique that allows us to run the same code, without changes, on both platforms.     

A generic architecture for autonomic service and network management

As the Internet evolves into an all-IP communication infrastructure, a key issue to consider is that of creating and managing IP-based services with efficient resource utilization in a scalable, flexible, and automatic way. In this paper, we present the Autonomic Service Architecture (ASA), a uniform framework for automated management of both Internet services and their underlying network resources. ASA ensures the delivery of services according to specific service level agreements (SLAs) between customers and service providers. As an illustrative example, ASA is applied to the management of DiffServ/MPLS networks, where we propose an autonomic bandwidth sharing scheme. With the proposed scheme, the bandwidth allocated for each SLA can be automatically adjusted according to the measured traffic load and under policy control for efficient resource utilization, while SLA compliance over the network is always guaranteed.     

Minimum-cost delegation in service composition

The paradigm of automated service composition through the integration of existing services promises a fast and efficient development of new services in cooperative service (e.g., business) environments. Although the “why” part of this paradigm is well understood, many key pieces are missing to utilize the available opportunities. Recently “service communities” where service providers with similar interests can register their services are proposed toward realizing this goal. In these communities, requests for services posed by users can be processed by delegating them to existing services, and orchestrating their executions. We use a service framework similar to the “Roman” model departing from it particularly assuming service requirements are specified in a sequence form. We also extend the framework to integrate activity processing costs into the delegation computation and to have services with bounded storage as opposed to finite storage. We investigate the problem of efficient processing of service requests in service communities and develop polynomial time delegation techniques guaranteeing optimality.     

A hierarchical, agent-based service oriented architecture for smart environments

Service Oriented Architectures, which allow for the integration of different subsystems and of applications running on different devices and platforms, may be very suitable to solve the problem of service personalization in large smart environments like cities, where the number of potential users and potentially available services is rapidly growing. Taking this into account, we have designed an agent-based service oriented architecture for smart spaces. Two of the greatest challenges in the design of such a solution are providing effective device, service and context federation and composition mechanisms and handling user mobility. For the first challenge, we have designed a hierarchical architecture and developed a set of inheritance, aggregation and access mechanisms for devices, services and context. To handle user mobility, we have followed three different strategies, using stationary, mobile or nomadic agents. In this paper, we describe the main aspects of our architecture and perform an experimental evaluation to determine the advantages and drawbacks of the different strategies.     

Self-organizing network services with evolutionary adaptation

This paper proposes a novel framework for developing adaptive and scalable network services. In the proposed framework, a network service is implemented as a group of autonomous agents that interact in the network environment. Agents in the proposed framework are autonomous and capable of simple behaviors (e.g., replication, migration, and death). In this paper, an evolutionary adaptation mechanism is designed using genetic algorithms (GAs) for agents to evolve their behaviors and improve their fitness values (e.g., response time to a service request) to the environment. The proposed framework is evaluated through simulations, and the simulation results demonstrate the ability of autonomous agents to adapt to the network environment. The proposed framework may be suitable for disseminating network services in dynamic and large-scale networks where a large number of data and services need to be replicated, moved, and deleted in a decentralized manner.     

INSIGNIA: An IP-Based Quality of Service Framework for Mobile ad Hoc Networks

We present the design, implementation, and evaluation of INSIGNIA, an IP-based quality of service framework that supports adaptive services in mobile ad hoc networks. The framework is based on an in-band signaling and soft-state resource management approach that is well suited to supporting mobility and end-to-end quality of service in highly dynamic environments where the network topology, node connectivity, and end-to-end quality of service are time varying. Architecturally INSIGNIA is designed to support fast reservation, restoration, and end-to-end adaptation based on the inherent flexibility and robustness and scalability found in IP networks. We evaluate the framework, paying particular attention to the performance of the in-band signaling system, which helps counter time-varying network dynamics in support of the delivery of adaptive services. Our results show the benefit of our framework under diverse mobility, traffic, and channel conditions.     

SpaceGlue: linking spaces for adaptive service location

We describe a mechanism called SpaceGlue for adaptively locating services based on the preferences and locations of users in a distributed and dynamic network environment. In SpaceGlue, services are bound to physical locations, and a mobile user accesses local services depending on the current space he/she is visiting. SpaceGlue dynamically identifies the relationships between different spaces and links or “glues” spaces together depending on how previous users moved among them and used those services. Once spaces have been glued, users receive a recommendation of remote services (i.e., services provided in a remote space) reflecting the preferences of the crowd of users visiting the area. The strengths of bonds are implicitly evaluated by users and adjusted by the system on the basis of their evaluation. SpaceGlue is an alternative to existing schemes such as data mining and recommendation systems and it is suitable for distributed and dynamic environments. The bonding algorithm for SpaceGlue incrementally computes the relationships or “bonds” between different spaces in a distributed way. We implemented SpaceGlue using a distributed network application platform Ja-Net and evaluated it by simulation to show that it adaptively locates services reflecting trends in user preferences. By using “Mutual Information (MI)” and “F-measure” as measures to indicate the level of such trends and the accuracy of service recommendation, the simulation results showed that (1) in SpaceGlue, the F-measure increases depending on the level of MI (i.e., the more significant the trends, the greater the F-measure values), (2) SpaceGlue achives better precision and F-measure than “Flooding case (i.e., every service information is broadcast to everybody)” and “No glue case” by narrowing appropriate partners to send recommendations based on bonds, and (3) SpaceGlue achieves better F-measure with large number of spaces and users than other cases (i.e., “flooding” and “no glue”). Tomoko Itao is an alumna of NTT Network Innovation Laboratories     

Objective Risk Evaluation for Automated Security Management

Network security depends on a number of factors. And a common characteristic of these factors is that they are dynamic in nature. Such factors include new vulnerabilities and threats, the network policy structure and traffic. These factors can be divided into two broad categories. Network risk and service risk. As the name implies, the former one corresponds to risk associated with the network policy whereas the later one depends on the services and software running on the system. Therefore, evaluating security from both the service and policy perspective can allow the management system to make decisions regarding how a system should be changed to enhance security as par the management objective. Such decision making includes choosing between alternative security architectures, designing security countermeasures, and to systematically modify security configurations to improve security. As there may be real time changes to the network threat, this evaluation must be done dynamically to handle such changes. In this paper, we provide a security metric framework that quantifies objectively the most significant security risk factors, which include existing vulnerabilities, historical trend of vulnerabilities of the remotely accessible services, prediction of potential vulnerabilities for these services and their estimated severity, unused address space and finally propagation of an attack within the network. These factors cover both the service aspect and the network aspect of risk toward a system. We have implemented this framework as a user-friendly tool called Risk based prOactive seCurity cOnfiguration maNAger (ROCONA) and showed how this tool simplifies security configuration management of services and policies in a system using risk measurement and mitigation. We also combine all the components into one single metric and present validation experiments using real-life vulnerability data from National Vulnerability Database (NVD) and show comparison with two existing risk measurement tools.     

A reputation assessment model for trustful service recommendation

Nowadays, software systems are mainly Web front-based, Cloud-deployed and accessible by a wide audience over the Internet. These online systems commonly rely on Service-oriented Architecture principles, where they are built as orchestrations of RESTful (and in some rare cases as SOAP-based) services. Integrating new services in an existing orchestration is a challenging and risky task because trustworthiness of these services is not guaranteed throughout their lifetime. Reputation of services is a good indicator about the overall quality of services, because it reflects consumer satisfaction regarding the service-offered functionality and quality. Thus, reputation of services could be considered in the selection and recommendation of trustworthy services. In this paper, we present a framework for the management of web service reputation to conduct a better service recommendation. We present a reputation assessment model that aggregates fair user feedback ratings. The model includes a mechanism that prevents the introduction of malicious feedback ratings, by penalizing detected specious users. In addition, this framework includes a bootstrapping technique for estimating reputation of newcomer services based on neighbor similarity and initial advertised QoS. A set of experiments has been conducted to evaluate the effectiveness of the proposed framework. The results of these experiments highlighted the potential of our framework. These are presented at the end of the paper.     

Web service API recommendation for automated mashup creation using multi-objective evolutionary search

Modern software development builds on external Web services reuse as a promising way that allows developers delivering feature-rich software by composing existing Web service Application Programming Interfaces, known as APIs. With the overwhelming number of Web services that are available on the Internet, finding the appropriate Web services for automatic service composition, i.e., mashup creation, has become a time-consuming, difficult, and error-prone task for software designers and developers when done manually. To help developers, a number of approaches and techniques have been proposed to automatically recommend Web services. However, they mostly focus on recommending individual services. Nevertheless, in practice, service APIs are intended to be used together forming a social network between different APIs, thus should be recommended collectively. In this paper, we introduce a novel automated approach, called SerFinder, to recommend service sets for automatic mashup creation. We formulate the service set recommendation as a multi-objective combinatorial problem and use the non-dominated sorting genetic algorithm (NSGA-II) as a search method to extract an optimal set of services to create a given mashup. We aim at guiding the search process towards generating the adequate compromise among three objectives to be optimized (i) maximize services historical co-usage, (ii) maximize services functional matching with the mashup requirements, and (iii) maximize services functional diversity. We perform a large-scale empirical experiment to evaluate SerFinder on a benchmark of real-world mashups and services. The obtained results demonstrate the effectiveness of SerFinder in comparison with recent existing approaches for mashup creation and services recommendation. The statistical analysis results provide an empirical evidence that SerFinder, significantly outperforms four state-of-the-art widely-used multi-objective search-based algorithms as well as random search.     

Improving service matching and selection in ubiquitous computing environments: a user study

In large ubiquitous computing environments it is hard for users to identify and activate the electronic services that match their needs. This user study compares the newly developed service matcher system with a conventional system for identifying and selecting appropriate services. The study addresses human factors issues such as usability, trust and service awareness. With the conventional system users have to browse a hierarchical list of currently available services and activate the service that they think satisfies their current needs. With the service matcher users just enter their current need using natural language, after which a wizard, emulating an existing service matcher algorithm, searches for and activates a matching service based on the given need and the users’ location and gaze direction. This study shows that with the hierarchical list, only 66% of the tasks are solved correctly, and females score significantly worse than males. With the service matcher, the performance increases significantly to 84% correctly performed tasks and the gender difference disappears.     

Efficient and reliable service selection for heterogeneous distributed software systems

The service-oriented paradigm is emerging as a new approach to heterogeneous distributed software systems composed of services accessed locally or remotely by middleware technology. How to select the optimal composited service from a set of functionally equivalent services with different quality of service (QoS) attributes has become an active focus of research in the service community. However, existing middleware solutions or approaches are inefficient as they search all solution spaces. More importantly, they inherently neglect QoS uncertainty owing to the dynamic network environment. In this paper, based on a service composition middleware framework, we propose an efficient and reliable service selection approach that attempts to select the best reliable composited service by filtering low-reliability services through the computation of QoS uncertainty. The approach first employs information theory and probability theory to abandon high-QoS-uncertainty services and downsize the solution space. A reliability fitness function is then designed to select the best reliable service for composited services. We experimented with real-world and synthetic datasets and compared our approach with other approaches. Our results show that our approach is not only fast, but also finds more reliable composited services.