Linking denotational semantics with operational semantics for web services

Web Services have become more and more important in these years, and BPEL4WS (BPEL) is a de facto standard for the web service composition and orchestration. It contains several distinct features, including the scope-based compensation and fault handling mechanism. The denotational semantics and operational semantics have been explored for BPEL. The two semantic models should be consistent. This paper considers the linking of these two semantics. Our approach is to derive the denotational semantics from operational semantics for BPEL, which aims for the consistency of the two models. Moreover, the derivation can be applied in exploring the program equivalence easily, especially for parallel programs.     

基于Cookie的Web服务安全认证系统

Web服务是一种崭新的分布式计算模式,是下一代电子商务的框架。但Web服务能否顺利发展的关键是其安全问题,对Web服务请求者的身份进行认证是解决安全问题的重要途径。为克服HTTP协议的无状态性,在对基于cookie的认证机制的实现原理和过程进行分析和研究的基础上,提出了一种基于Cookie的认证系统,详细介绍了其工作流程。谊认证系统具备单点登录和适应所有浏览器等特点,比较适合于Web服务在单域内的安全认证。     

Algebraic approach to linking the semantics of web services

Web services have become more and more important in these years, and BPEL4WS (BPEL) is a de facto standard for the web service composition and orchestration. It contains several distinct features, including the scope-based compensation and fault handling mechanism. We have considered the operational semantics and denotational semantics for BPEL, where a set of algebraic laws can be achieved via these two models, respectively. In this paper, we consider the inverse work, deriving the operational semantics and denotational semantics from algebraic semantics for BPEL. In our model, we introduce four types of typical programs, by which every program can be expressed as the summation of these four types. Based on the algebraic semantics, the strategy for deriving the operational semantics is provided and a transition system is derived by strict proof. This can be considered as the soundness exploration for the operational semantics based on the algebraic semantics. Further, the equivalence between the derivation strategy and the derived transition system is explored, which can be considered as the completeness of the operational semantics. Finally, the derivation of the denotational semantics from algebraic semantics is explored, which can support to reason about more program properties easily.     

Automated generation of composite web services based on functional semantics

Most of studies on the automated generation of composite Web services create composite services by chaining available services’ inputs and outputs, but do not consider their functional semantics. Therefore, unsatisfied results may be generated against users’ intentions. Furthermore, the time complexity is very high since every possible combination of available services should be considered. To resolve these problems, we propose a composition method that explicitly specifies and uses the functional semantics of Web services. Specifically, the proposed method is based on a graph model, which represents the functional semantics of Web services.     

Secure web services using two-way authentication and three-party key establishment for service delivery

With the advance of web technologies, a large quantity of transactions have been processed through web services. Service Provider needs encryption via public communication channel in order that web services can be delivered to Service Requester. Such encryptions can be realized using secure session keys. Traditional approaches which can enable such transactions are based on peer-to-peer architecture or hierarchical group architecture. The former method resides on two-party communications while the latter resides on hierarchical group communications. In this paper, we will use three-party key establishment to enable secure communications for Service Requester and Service Provider. The proposed protocol supports Service Requester, Service Broker, and Service Provider with a shared secret key established among them. Compared with peer-to-peer architecture and hierarchical group architecture, our method aims at reducing communication and computation overheads.     

关于Web服务组合的有效Web服务发现机制

随着Web Services的广泛流行,怎样发现适当Web Services来支持Web Services的组合已经成为一种挑战.由于传统的关键字搜索具有太低的记忆性和精确性,因此这种方法是很低效的.基于Web Services的描述信息,介绍了一种有效的Web Services发现机制.此服务发现方法是简单可用的,通过引入语义变得十分高效,因此该机制成功的在服务组合模型上得到了实现.     

Reflect: A practical approach to web semantics

To date, adding semantic capabilities to web content usually requires considerable server-side re-engineering, thus only a tiny fraction of all web content currently has semantic annotations. Recently, we announced Reflect (http://reflect.ws), a free service that takes a more practical approach: Reflect uses augmented browsing to allow end-users to add systematic semantic annotations to any web-page in real-time, typically within seconds. In this paper we describe the tagging process in detail and show how further entity types can be added to Reflect; we also describe how publishers and content providers can access Reflect programmatically using SOAP, REST (HTTP post), and JavaScript. Usage of Reflect has grown rapidly within the life sciences, and while currently only genes, protein and small molecule names are tagged, we plan to soon expand the scope to include a much broader range of terms (e.g., Wikipedia entries). The popularity of Reflect demonstrates the use and feasibility of letting end-users decide how and when to add semantic annotations. Ultimately, ‘semantics is in the eye of the end-user’, hence we believe end-user approaches such as Reflect will become increasingly important in semantic web technologies.     

A tentative commit protocol for composite web services

Composite web services provide promising prospects for conducting cross-organizational business transactions. Such transactions: are generally complex, require longer processing time, and manipulate financially critical data. It is therefore crucial to ensure stronger reliability, higher throughput and enhanced performance of transactions. In order to meet these requirements, this paper proposes a new commit protocol for managing transactions in composite web services. Specifically, it aims to improve the performance by reducing network delays and the processing time of transactions. The proposed protocol is based on the concept of tentative commit that allows transactions to tentatively commit on the shared data of web services. The tentative commit protocol avoids resource blocking thus improving performance. The proposed protocol is tested through various simulation experiments. The outcomes of these experiments show that the proposed protocol outperforms existing protocols in terms of transaction performance.     

A web services framework for distributed model management

Distributed model management aims to support the wide-spread sharing and usage of decision support models. Web services is a promising technology for supporting distributed model management activities such as model creation and delivery, model composition, model execution and model maintenance to fulfill dynamic decision-support and problem solving requests. We propose a web services based framework for model management (called MM-WS) to support various activities of the model management life cycle. The framework is based on the recently proposed Integrated Service Planning and Execution (ISP & E) approach for web services integration. We discuss encoding of domain knowledge (as individual models) and utilize the MM-WS framework to interleave synthesis of composite models with their execution. A prototypical implementation with an example is used to illustrate the utility of the framework to enable distributed model management and knowledge integration. Benefits and issues of using the framework to support model-based decision-making in organizational contexts are outlined.

A lightweight anonymous authentication scheme for secure cloud computing services

The Journal of Supercomputing - Cloud computing represents the latest technology that has revolutionized the world of business. It is a promising solution giving companies the possibility of...     

A dual-layered model for web services representation and composition

Nowadays more and more companies and organizations implement their business services in the Internet due to the tremendous progress made recently in the field of Web services. It becomes possible to publish, locate and invoke applications across the Web. Thus, the ability to select efficiently and integrate at runtime services located in different sites on the Web is an important issue. In some situations, if no single Web service can satisfy the request of the user, there should be a possibility to combine existing services together in order to meet the user’s request. This paper provides a dual-layered model for web services, where the first model layer captures the high-level functional specifications (namely goals, achievement contexts, and external behaviours), and the second model layer captures the low-level functional specifications (namely interfaces). This model allows the service composition process to be performed on both high-level and low-level specifications. We also introduce the composition operators (both high-level and low-level) to allow composition of virtual services.     

A game-theoretic approach for the web services scheduling problem

We address the design of an Internet-based business process composed of several web services by using multiobjective optimization and game-theoretic methods. Adopting a suitable representation for the business process, we present a mathematical optimization problem which considers several quality-of-service objectives: cost, execution time, reliability, availability and reputation. The web service scheduling problem is formulated as a multiobjective mixed-integer linear optimization problem and solved through a goal optimization method. The optimal solution of the scheduling problem assigns suppliers to all the tasks that comprise the business process, thus establishing the revenues – utilities – of all the suppliers. We then model the interaction between the suppliers as an incomplete information (Bayesian) game: the structure of the game is common knowledge of all the suppliers, but each supplier knows only his/her own utility function. A characterization of the Bayes–Nash equilibria of the game is provided. The paper includes numerical examples.     

A view-based monitoring for usage control in web services

Quality of service (QoS) can be a critical element for achieving the business goals of a service provider, and accepting a service by the customer. The criticality is more pronounced when the service provider handles the non-functional QoS attribute of privacy, i.e., privacy related to the customer’s personal data. In this regard, the customer needs some guarantee(s) from the service provider about confidentiality management, leading to overall quality characterization of the provided service. A service level agreement (SLA) is primarily intended to specify (in terms of clauses) the level of such non-functional QoS delivered to the customer. The aim is to provide customers with tools that show the fulfillment of QoS guarantees, through SLA monitoring process. In this paper, we address the problem of usage control of private data in service based applications ensuring end-to-end QoS capabilities. We propose a query containment based approach to support the monitoring of privacy-aware SLA compliance, that spells out a customer’s privacy rights, and shows how the customer’s private information must be handled by a Web service provider. We introduce the private data usage flow model upon which the monitoring is performed to observe the data usage flow, and capture the privacy vulnerabilities that may lead to non-compliance. The model is built on top of (i) properties and time-related privacy requirements to be monitored, and (ii) a set of identified privacy violations. As proof of concept, a privacy aware SLA monitoring system, which is an easy-to-use, and efficient tool for observing the dynamic private data usage flow is developed. Experiment results indicate the relevance and applicability of the proposed approach.     

A similarity measure for the negotiation in web services

This paper presents a new negotiation approach integrating a similarity-based metric to measure the client’s satisfaction level by quantifying the correspondence between the features required by the client and the ones proposed by the service. This negotiation process is integrated within an adaptation platform for multimedia presentations supporting different types of terminals. The negotiation and adaptation processes are based on the management of user’s and service’s profiles. We also propose an extension of the SIP protocol to ensure the communication between the client and the server by defining new functionalities.     

Quality models for web services: A systematic mapping

ContextQuality of Service (QoS) is a major issue in various web service related activities. Quality models have been proposed as the engineering artefact to provide a common framework of understanding for QoS, by defining the quality factors that apply to web service usage.ObjectiveThe goal of this study is to evaluate the current state of the art of the proposed quality models for web services, specifically: (1) which are these proposals and how are they related; (2) what are their structural characteristics; (3) what quality factors are the most and least addressed; and (4) what are their most consolidated definitions.MethodWe have conducted a systematic mapping by defining a robust protocol that combines automatic and manual searches from different sources. We used a rigorous method to elicitate the keywords from the research questions and a selection criteria to retrieve the final papers to evaluate. We have adopted the ISO/IEC 25010 standard to articulate our analysis.ResultsWe have evaluated 47 different quality models from 65 papers that fulfilled the selection criteria. By analyzing in depth these quality models, we have: (1) distributed the proposals along the time dimension and identified their relationships; (2) analyzed their size (visualizing the number of nodes and levels) and definition coverage (as indicator of quality of the proposals); (3) quantified the coverage of the different ISO/IEC 25010 quality factors by the proposals; (4) identified the quality factors that appeared in at least 30% of the surveyed proposals and provided the most consolidated definitions for them.ConclusionsWe believe that this panoramic view on the anatomy of the quality models for web services may be a good reference for prospective researchers and practitioners in the field and especially may help avoiding the definition of new proposals that do not align with current research.     

Bringing semantics to Web services

A key element to realizing the Semantic Web is developing a suitably rich language for encoding and describing Web content. Such a language must have a well defined semantics, be sufficiently expressive to describe the complex interrelationships and constraints between Web objects, and be amenable to automated manipulation and reasoning with acceptable limits on time and resource requirements. A key component of the Semantic Web services vision is the creation of a language for describing Web services. DAML-S is such a language it is a DAML+OIL ontology for describing Web services that a coalition of researchers created with support from DARPA.