基于Token选取的OpenStack单一平面网络建模方法

CPN形式化建模适合为包含大量并发、通信、同步共享行为的软硬件系统建立形式模型,并完成系统功能和性能等方面的行为分析。在传统的CPN建模中,token的选取采用穷举法,由此造成生成的token数量较多、CPN模型生成的状态空间相当庞大甚至状态空间爆炸等问题。针对上述问题,提出将符号执行与CPN建模相结合,并在CPN模型的执行过程中采用一种基于token选取的方法,进而得到CPN模型的状态可达图。通过对OpenStack云平台支持创建的单一平面网络进行CPN建模,针对传统方法和所提方法生成的状态空间,分析了其规模的变化,验证了所提方法的有效性。     

基于QoS和多级索引的Web服务发布订阅

发布订阅机制有利于实现对大规模Web服务的主动管理,提出了基于QoS的Web服务发布订阅模型和系统架构,设计了基于QoS和多级索引的Web服务匹配算法。Web服务的QoS属性和订阅的属性约束所形成相应的匹配关系构成模型的关键;将发布的Web服务及其QoS和服务订阅一起生成过滤矩阵,通过属性约束覆盖可以减少重复匹配;按QoS属性类型对发布的Web服务建立多级索引,生成属性到服务的映射,可以实现服务订阅的快速匹配。实验结果表明,该Web服务发布订阅系统比传统方法有较大提升,能够适应于大规模分布式Web服务管理。     

基于有限状态自动机的组合Web服务性能优化

组合Web服务的业务流程可以通过有限状态自动机来描述。传统的组合Web服务采用集中式的执行方式,它会带来不必要的网络流量和数据堵塞,造成大量的通信开销。提出一种基于有限状态自动机的非集中式的执行策略,在自动机的状态空间中运用启发式搜索算法执行总体代价最优的路径,从而有效减少消息传递数量,提高系统吞吐量。基于该方案设计了一个原型系统来验证系统整体性能的最优化。     

有色Petri网模型中死标志合理性分析与验证

针对使用CPN Tools对系统进行建模仿真得到的状态空间报告中出现的死标志是否会影响系统的安全性和模型的正确性进行了研究,提出了一种基于ASK-CTL及模型检验理论的死标志合理性验证算法.该算法采用模型检验技术通过ML语言编辑相关功能函数使用非标准状态空间查询法,进一步分析与研究CPN Tools仿真状态空问报告中出现的死标志,通过验证死标志存在的合理性来确保所建立CPN模型的准确性与系统的安全性.最后,以电梯门系统为例,使用CPN Tools建立电梯门系统的CPN模型,证明了算法的有效性.     

基于CPN的业务流程执行语言建模

提出了Web服务业务流程执行语言的CPN建模方法,描述了基于Web服务业务流程的工作流行为特性。在对BPEL4WS的基本活动和结构性活动进行分析的基础上,给出了利用CPN对流程进行建模的方法。然后结合具体实例阐述了利用该方法建模的详细过程,并对所生成的Petri网模型进行验证。     

一种面向多领域支持高可靠Web服务合成的服务发现模型

为支持高可靠的Web服务合成,如何发现合适的Web服务至关重要.然而,服务匹配的准确性直接影响合成的Web服务的质量,服务匹配的复杂度极大地影响服务合成执行的时间代价.本文阐述了面向多领域支持高可靠的Web服务合成模型的思想,提出了一种用于全方位描述服务的描述模式X WSDL.基于此,提出相应的基于本体的服务发现模型和匹配算法.服务发现模型包括概要匹配、功能匹配、非功能匹配和QoS匹配四部分,分服务发布匹配、服务发现匹配和服务QoS匹配三个阶段完成.通过将服务匹配部分工作分布于服务发布阶段完成,减少了合成服务执行的时间代价;按需基于约束的服务匹配增强了服务匹配的灵活性;QoS评价模型有效地保证了Web服务合成的质量.通过实际应用,验证了本文提出的服务匹配模型的有效性.     

基于ASK-CTL的有色Petri网模型检验算法研究

针对使用CPN Tools工具建立系统CPN(Colored Petri Net)模型并进行仿真所得到的状态空间报告中出现的死标识是否会影响系统的安全性和模型的正确性进行研究,提出基于ASK-CTL的有色Petri网模型检验算法及死标识合理性验证算法。算法描述了系统有色Petri网的建模与仿真过程,根据得到的状态空间报告判断是否存在死标识,对存在的死标识采用非标准状态空间查询法使用ML语言编辑相关功能函数以验证死标识的合理性,进而确保所建立CPN模型的正确性与系统的安全性。最后,以电梯门系统为例,证明了算法的有效性。     

基于Web服务的动态工作流系统的研究与实现

分析了面向服务的计算环境及服务组合的新特征和新问题,并在此基础上从面向业务用户的角度对基于Web服务的动态工作流进行了探讨,提出一种基于Web服务的动态工作流模型。以该模型为基础,设计了具有三层结构的基于Web服务的动态工作流系统,按照该架构并基于J2EE平台实现了系统,对基于Web服务的动态工作流应用提供了系统支撑与验证环境。     

基于相似度特征的Web服务匹配算法

针对Web服务查找与匹配困难问题,提出一种基于Petri网和QOS计算的Web服务模糊匹配算法.构建OWL-S过程模型,依靠该模型中的控制流、状态转移与信息转换,将Web服务以Petri网的形式表示,利用节点、网络架构与变迁的语义标准计算Petri网相似度,获取Petri网参数的最优匹配子图,通过计算Petri网的输出...     

REST Web服务及基于IBM WebSphere应用服务器的构建实例

表征状态转移(Representational State Transfer,REST)在Web领域已经得到了广泛的接受,是基于SOAP和Web服务描述语言的Web服务的更为简单的替代方法。越来越多的主流Web 2.0服务提供者已经开始了对REST的采用,这些提供者弃用或放弃了基于SOAP和WSDL的接口,而采用了更易于使用、面向资源的REST模型来公开其服务。介绍了REST的基本原理,并通过一个基于IBM WebSphere应用服务器的示例应用程序场景的设计与实现,展示了将JAXRS应用于WebSphere应用服务器上的应用程序。     

Planning and monitoring the execution of web service requests

Interaction with web services enabled marketplaces would be greatly facilitated if users were given a high level service request language to express their goals in complex business domains. This can be achieved by using a planning framework which monitors the execution of planned goals against predefined standard business processes and interacts with the user to achieve goal satisfaction. We present a planning architecture that accepts high level requests, expressed in a service request language known as XSRL. The planning framework is based on the principle of interleaving planning and execution. This is accomplished on the basis of refinement and revision as new service-related information is gathered from service repositories such as UDDI and web services instances, and as execution circumstances necessitate change. The planning system interacts with the user whenever confirmation or verification is needed.     

Colored Petri Net model with automatic parallelization on real-time multicore architectures

This paper proposes a novel Colored Petri Net (CPN) based dynamic scheduling scheme, which aims at scheduling real-time tasks on multiprocessor system-on-chip (MPSoC) platforms. Our CPN based scheme addresses two key issues on task scheduling problems, dependence detecting and task dispatching. We model inter-task dependences using CPN, including true-dependences, output-dependences, anti-dependences and structural dependences. The dependences can be detected automatically during model execution. Additionally, the proposed model takes the checking of real-time constraints into consideration. We evaluated the scheduling scheme on the state-of-art FPGA based multiprocessor hardware system and modeled the system behavior using CPN tools. Simulations and state space analyses are conducted on the model. Experimental results demonstrate that our scheme can achieve 98.9% of the ideal speedup on a real FPGA based hardware prototype.     

Formalization and analysis of the REST architecture from the process algebra perspective

As one of the most promising architectural styles, REpresentational State Transfer (REST) was proposed to support a scalable and reliable design for large-scale distributed hypermedia systems such as the World Wide Web (WWW). However, the rapid development of RESTful systems brings the misunderstanding and misapplying of the REST architecture. As a consequence, considerable confusions about REST exist and many examples of supposedly RESTful applications violate key REST constraints. Thus, it is of significant importance to give a better and explicit understanding of REST architecture to guide the design and implementations of RESTful systems.In this paper, we give a formalization and analysis of the REST architecture from the perspective of Communicating Sequential Processes (CSP), which is one of the most famous process algebras. In particular, we present a formal model to capture essential features for the REST architecture, where components (together with one connector) of RESTful systems are modeled as CSP processes. Besides, resources are also abstracted as CSP processes. Furthermore, all the REST constraints, including Client–Server, Cacheable, Stateless, Uniform Interface, Layered and Code-On-Demand, are described in our framework and implemented in the model checker Process Analysis Toolkit (PAT) to check whether a system breaks REST constraints or not. It is difficult to ensure that a system is RESTful system, because many unRESTful systems may also contain unRESTful properties besides satisfying the six REST constraints. Thus, a complementary approach is proposed in this paper to check the system from a different perspective; that is, if a system breaks any specification of the REST constraints, then it is not a RESTful system. Finally, to show the feasibility of our approach, we illustrate a case study about an application scenario for environment monitoring. One feature of the proposed framework for the REST architecture is that it not only confines to HyperText Transport Protocol (HTTP) but can also be applied to other REST-compliant protocols, e.g., Constrained Application Protocol (CoAP). Consequently, through the general framework, a better understanding of the REST architecture can be achieved, and moreover, implementations and designs of RESTful systems can benefit from it.     

Adaptive security architecture for protecting RESTful web services in enterprise computing environment

In this modern era of enterprise computing, the enterprise application integration (EAI) is a well-known industry-recognized architectural principle that is built based on loosely coupled application architecture, where service-oriented architecture (SOA) is the architectural pattern for the implementation of EAI, whose computational elements are called as “services.” Though SOA can be implemented in a wide range of technologies, the web services implementation of SOA becomes the current selective choice due to its simplicity that works on basic Internet protocols. Web service technology defines several supporting protocols and specifications such as SOAP and WSDL for communication with client and server for data interchange. A new architectural paradigm has emerged in SOA in recent years called REpresentational State Transfer (REST) that is also used to integrate loosely coupled service components, named RESTful web services, by system integration consortiums. This SOA implementation does not possess adequate security solutions within it, and its security is completely dependent on network/transport layer security that is obsolete owing to latest web technologies such as Web 2.0 and its upgraded version, Web 3.0. Vendor security products have major implementation constraints such as they need secured organizational environment and breach to SOA specifications, hence introducing new vulnerabilities. Herein, we examine the security vulnerabilities of RESTful web services in the view of popular OWASP rating methodologies and analyze the gaps in the existing security solutions. We hence propose an adaptive security solution for REST that uses public key infrastructure techniques to enhance the security architecture. The proposed security architecture is constructed as an adaptive way-forward Internet-of-Things (IoT) friendly security solution that is comprised of three cyclic parts: learn, predict and prevent. A novel security component named “intelligent security engine” is introduced which learns the possible occurrences of security threats on SOA using artificial neural networks learning algorithms, then it predicts the potential attacks on SOA based on obtained results by the developed theoretical security model, and the written algorithms as part of security solution prevent the SOA attacks. This paper is written to present one of such algorithms to prevent SOA attacks on RESTful web services along the discussion on the obtained results of the conducted proof-of-concept on the real-time SOA environment. A comparison of the proposed system with other competing solutions demonstrates its superiority.     

SFDCloud: top-k service faults diagnosis in cloud computing

With a variety of providers large and small delivering a number of cloud-based services, cloud computing is evolving into an important service delivery infrastructure. One of the challenges in this evolution is how to provide necessary fault handling for migration long-running or computationally-intensive application services into shared open cloud infrastructures. To minimize failure impact on services and application executions, we present a diagnostic architecture and a diagnosis method based on the service dependence graph (SDG) model and the service execution log for handling service faults. By decoupling diagnosis service components and sharing diagnosis resources, the scalability of diagnosis methods is improved by incorporating third-party diagnostic components into our architecture. By analyzing the dependence relations of activities in SDG model, our diagnosis method identifies the incorrect activities, and explains the root causes for the web service composition faults, based on the differences between successful and failed executions of composite service. Experimental results show that our method is effective in diagnosing faults in web service composition of various scales.     

An Intents-based approach for dynamic service discovery

Service discovery has been a very active research field attracting many researchers around the world. Most of the previous research efforts on service discovery have been based on the ternary classification of participant roles in web services, including service providers, brokers, and consumers. This classification is insufficient because it fails to make a difference between application developers and end users who both belong to service consumers. As a result, application developers usually take the responsibility of seeking services while end users who ultimately use the application are ignored. In order to address this issue, this paper presents an Intents-based approach for dynamic service discovery. The proposed approach is motivated from two industrial protocols: Android Intents and web Intents. It improves the two protocols by a generic model from the aspects of architecture, intent messages and their resolving process, Intents services, and user agents. It classifies the implicit intents into authoritative and naïve intents and is compatible with the current web service triangular architecture. This paper also illustrates a way of creating Intents services from SOAP and REST web services and presents two cases to demonstrate some benefits of the proposed approach.     

基于云模型的可信性评估模型*

软件应用领域极度扩展,促使软件可信问题被高度重视,但量化的软件可信性评估却是可信问题研究的难点。针对软件可信性量化问题,提出了基于云模型的可信性评估模型。以REST表述性状态转移超媒体分布式架构为背景,根据云模型理论定义了其组成构件的信任云以及系统综合信任云,用于评估构件的可信性和系统的可信性。从四个层面,探讨软件可信问题,以可信基础参数获取作为最底层输入,进而生成云模型,合并云模型,最终进入可信评估应用层面。实验结果表明,基于云模型的可信性评估模型是有效实用的,在可信度的不确定性方面增加了评估的灵活性。     

Verification of telecommunication systems specified using communicating finite-state automata using colored Petri nets

Uniform systems of communicating extended finite-state automata are considered. These systems can be used for the initial specification of telecommunication systems such as ring protocols and telephone networks. This paper aims to present an automata systems verifier tool (ASV) designed for the analysis and verification of automata specifications. It is based on an algorithm for the translation of automata systems into colored Petri nets (CPN) presented and justified in [4]. The ASV tool uses CPN Tools [10] for analysis and simulation of CPN, also it uses Petri Net Verifier [12] to verify CPN properties by applying the model checking method to CPN reachability graph with respect to the properties expressed in μ-calculus. The application of the ASV tool is described for the ring RE-protocol verification and the study of the feature interaction in telephone networks.     

基于颜色Petri网的服务组合建模与验证

Web服务组合技术能快速、灵活的满足复杂多变的业务需求,Web服务组合及其形式化描述和验证已经成为Web服务中一个非常重要的研究方向.给出了一个基于颜色Petri网(CPN)的Web服务和Web服务组合的形式化定义和描述,主要描述了4种组合结构:顺序、选择、并发和循环.给出了一个颜色Petri网建模Web服务组合的实例,并且对模型进行了简单的正确性分析.分析结果表明,该建模方法满足正确性要求.