Secure overlay networks for federated service provision and management

This paper presents the components and formal information model enabling the dynamic creation and management of secure overlay networks. Special attention will be paid to the solution provided to two important open issues: the definition of a certificate path building and validation algorithm (to ease the trust establishment and negotiation processes) and the definition and negotiation of SLAs in inter-domain secure overlay scenarios. Given a set of already existing domains with certain trust relationships, each overlay network allows the secure sharing of some (or all) of its services. For this, the administrator of each administrative domain will define using a formal information model which services he wants to share with any other domain, and which ones is he expecting from these other domains. Time and other networking conditions can also be indicated allowing secure overlay networks to be dynamically and automatically established and managed.     

Context-aware agents for user-oriented web services discovery and execution

Service-oriented computing (SOC) suggests that the Internet will be an open repository of many modular capabilities realized as web services. Organizations may be able to leverage this SOC paradigm if their employees are able to ubiquitously incorporate such capabilities and their resulting information into their daily practices. It is impractical to assume that human users will be able to manually search vast distributed repositories at real-time. This paper presents an architecture, Software Agent-Based Groupware using E-services (SAGE), that incorporates the use of intelligent agents to integrate human users with web services. SAGE provides background search and discovery approaches, thus enabling human users to exploit service-based capabilities that were previously too time-consuming to locate and integrate. We present a multi-agent system where each agent learns the rule-based preferences of a human user with regards to their current operational “context” and manages the incorporation of relevant web services. Recommended by: Djamal Benslimane and Zakaria Maamar     

Deriving business processes with service level agreements from early requirements

When designing a service-based business process employing loosely coupled services, one is not only interested in guaranteeing a certain flow of work, but also in how the work will be performed. This involves the consideration of non-functional properties which go from execution time and costs, to trust and security. Ideally, a designer would like to have guarantees over the behavior of the services involved in the process. These guarantees are the object of Service Level Agreements.We propose a methodology to design service-based business processes together with Service Level Agreements that guarantee a certain quality of execution, with particular emphasis on security. Starting from an early requirements analysis modeled in the Secure Tropos formalism, we provide a set of user-guided transformations and reasoning tools the final output of which is a set of processes in the form of Secure BPELs together with a set of Service Level Agreements to be signed by participating services. To show the potential impact of the approach, we illustrate the functioning of the methodology on a collaborative procurement scenario derived from the application domain of a research project.     

基于ITIL体系的安全服务级别管理研究

通过引入IT服务管理的理念,将安全运营管理定位为IT基础设施库ITIL中的服务,同时综合借鉴BS7799、NIST SP800系列以及其它有关信息安全标准的特点,构建基于ITIL的网络安全运营管理体系,帮助解决安全运营管理平台相关技术和产品的研究开发过程缺乏标准和规范的问题.服务级别管理是基于ITIL的网络安全运营管理体系保证安全服务达到组织或客户的期望并获得认可的关键,是基于安全服务级别协议的协商、定案、监控、报告和总结的过程.详细阐述了安全服务级别管理的相关概念、流程以及与安全运营管理体系其它过程间的关系.     

Optimal precomputation for mapping service level agreements in grid computing

A complicated task running on the grid system is usually made up of many services, each of which typically offers a better service quality at a higher cost. Mapping service level agreements (SLAs) optimally is to find the most appropriate quality level for each service such that the overall SLA of a task is achieved at the minimum cost. This paper considers mapping the execution time SLA in the case of the discrete cost function, which is an NP-hard problem. Due to the high computation of mapping SLAs, we propose a precomputation scheme that makes the selection of each individual service level in advance for every possible SLA requirement, which can reduce the request response time greatly. We use a (1+ε)-approximation method, whose solution for any time bound is at most (1+ε) times of the optimal cost. Simulation results demonstrate the superiority of our method compared with others.     

A model-driven framework for enterprise service management

With a steady pace of adoption of service-oriented architecture, enterprises have made significant progresses in implementing various kinds of Web services and converting existing applications to service-oriented architecture. As a significant number of services have been put into actual use, many service-oriented enterprises are faced with the problem of how to manage these services efficiently. In this paper, we propose a model-driven framework for a more efficient management of these services. In this framework, the creation and maintenance of enterprise integration solutions are modeled by flows, finite state machines (FSMs), role-based access control (RBAC) among other formal systems models as well as appropriate decision models. For instance, each enterprise integration solution would be modeled as composite services that can be described by respective flow, FSM and RBAC models. These solution models can then be stored, and later retrieved for the execution of these composite services. Furthermore, formal systems and decision models are also used to maintain and update these service-oriented solutions to improve the efficiency and quality of service management by taking advantage of the underlying service-oriented architecture.     

Conformance analysis in networks with service level agreements

To achieve some level of Quality of Service (QoS) assurance, a network usually has Service Level Agreements (SLAs) with its users and neighboring domains, which describe the QoS level that the service provider is committed to provide, and the specification of traffic that users or neighboring domains are allowed to send. An interesting and important question arises as to whether a flow is still conformant to its original traffic specification after crossing the network since it may interact with other flows within the network. In this paper, we study analytically the extent to which a flow and an aggregate of flows become non-conformant through an analysis of the stochastic burstiness increase of flows after crossing a per-flow scheduling network and an aggregate scheduling network . The stochastic behavior of a server in aggregate scheduling networks is also studied to determine the conformance deterioration of individual flows, which provides the theoretical conformance deterioration bound and provides useful results for conformance analysis in an aggregate scheduling network with general topology. Our theoretical results are verified by extensive simulations.     

集成Agent技术和面向服务计算技术：现状和展望

Agent技术和面向服务计算技术是目前计算机科学与技术领域中的二项重要技术.这二种技术都试图为互联网软件系统的开发提供新颖的技术途径,但是它们的关注点、所采用的技术手段、优势和不足各不相同.将这二种技术相互集成有助于发挥各自的优势,同时弥补各自的不足.近年来有关集成Agent技术和面向服务计算技术的研究引起了人们的关注和重视,它将为部署在互联网上的动态、开放系统的开发提供新颖、有效的技术途径.分析了集成Agent技术和面向服务计算技术的背景和动机,综述了该领域的研究现状和已有的成果,并展望了其面临的问题和挑战.     

Service level agreement based adaptive Grid superscheduling

Grid computing brings heterogeneity and decentralization to the world of science and technology. It leverages every bit of idle computing resources and provides a straightforward middleware for integrating cross-domain scientific devices and legacy systems. In a super big Grid, job scheduling is challenging specifically when it needs to have access to vast amount of resources. The process of mapping jobs onto Grid resources requires significant consideration in terms of Grid architecture design, consumer demands and provider revenues. In this paper, we simultaneously utilize the legacy architecture of superscheduling, forwarding strategy, service level, success rate, and service pricing strategies and finally propose a service level agreement based on adaptive superscheduling (SAS) algorithm. SAS algorithm presents unified connectivity via efficient diffusion of jobs through the Grid infrastructure that is fueled from the previous scheduling events across the Grid. Moreover, by enforcing the service level agreement terms from a rich set of ask and bid prices, system performance, and load statistics, SAS successfully boosts revenue and utilization statistics. We perform an extensive experimental analysis for different Grid scales. Based on our experimental result, the SAS algorithm maximizes revenue while guarantees quality of service. More specifically, the quality of service is achieved through a high ratio of completed jobs and remarkable utilization of resources.     

Dynamic SLAs management in service oriented environments

The increasing adoption of service oriented architectures across different administrative domains, forces service providers to use effective mechanisms and strategies of resource management in order for them to be able to guarantee the quality levels their customers demands during service provisioning. Service level agreements (SLA) are the most common mechanism used to establish agreements on the quality of a service (QoS) between a service provider and a service consumer. The WS-Agreement specification, developed by the Open Grid Forum, is a Web Service protocol to establish agreements on the QoS level to be guaranteed in the provision of a service. The committed agreement cannot be modified during service provision and is effective until all activities pertaining to it are finished or until one of the signing party decides to terminate it. In B2B scenarios where several service providers are involved in the composition of a service, and each of them plays both the parts of provider and customer, several one-to-one SLAs need to be signed. In such a rigid context the global QoS of the final service can be strongly affected by any violation on each single SLA. In order to prevent such violations, SLAs need to adapt to any possible needs that might come up during service provision. In this work we focus on the WS-Agreement specification and propose to enhance the flexibility of its approach. We integrate new functionality to the protocol that enable the parties of a WS-Agreement to re-negotiate and modify its terms during the service provision, and show how a typical scenario of service composition can benefit from our proposal.     

A generic architecture for autonomic service and network management

As the Internet evolves into an all-IP communication infrastructure, a key issue to consider is that of creating and managing IP-based services with efficient resource utilization in a scalable, flexible, and automatic way. In this paper, we present the Autonomic Service Architecture (ASA), a uniform framework for automated management of both Internet services and their underlying network resources. ASA ensures the delivery of services according to specific service level agreements (SLAs) between customers and service providers. As an illustrative example, ASA is applied to the management of DiffServ/MPLS networks, where we propose an autonomic bandwidth sharing scheme. With the proposed scheme, the bandwidth allocated for each SLA can be automatically adjusted according to the measured traffic load and under policy control for efficient resource utilization, while SLA compliance over the network is always guaranteed.     

云环境下基于服务等级协议的信任评估模型

针对用户在交互过程中对云服务商缺乏信任的问题,提出了一个基于服务等级协议(SLA)的云计算信任模型。在该模型中,云服务商在向服务中心--可信的第三方平台注册时,首先提交自身的实力评估报告,说明其实力、运营、技术及提供的服务属性等,服务中心根据相关的评价标准对该云服务商进行评估,得到系统信任;其次把系统信任引入到传统的声誉机制中,把系统信任、直接信任和间接信任作为评估一个云服务提供商的三个重要因素,并计算出云服务商的综合信任度;最后用户根据云服务商提供的服务和综合信任度与其进行SLA协商,确定最终交互对象,屏蔽掉不诚实或信誉较低的云服务商。实验结果表明,在基于服务等级协议的信任模型中,由于引入了系统信任,云服务商综合信誉的获得更全面准确、有效地防止了云服务商的不诚信行为,提高了交互的成功率。     

Service level agreement specification for end-to-end IoT application ecosystems

With an ever-increasing variety and complexity of Internet of Things (IoT) applications delivered by increasing numbers of service providers, there is a growing demand for an automated mechanism that can monitor and regulate the interaction between the parties involved in IoT service provision and delivery. This mechanism needs to take the form of a contract, which, in this context, is referred to as a service level agreement (SLA). As a first step toward SLA monitoring and management, an SLA specification is essential. We believe that current SLA specification formats are unable to accommodate the unique characteristics of the IoT domain, such as its multilayered nature. Therefore, we propose a grammar for a syntactical structure of an SLA specification for IoT. The grammar is built based on a proposed conceptual model that considers the main concepts that can be used to express the requirements for hardware and software components of an IoT application on an end-to-end basis. We followed the goal question metric approach to evaluate the generality and expressiveness of the proposed grammar by reviewing its concepts and their predefined lists of vocabularies against two use cases with a considerable number of participants whose research interests are mainly related to IoT. The results of the analysis show that the proposed grammar achieved 91.70% of its generality goal and 93.43% of its expressiveness goal.     

Ontological map of service oriented architecture for shared services management

Service oriented architecture (SOA) and shared services (SS) have been widely studied in the information technology literature. However, there is a lack of tools for shared services management (SSM) to apply SOA. This paper proposes an ontological map for SSM to apply SOA. This mapping approach, based on the well-known Zachman framework of information architecture, specifies the ontological perspective of SOA for SSM. The ontological map semantically links all aspects of SOA for SSM. Through a case study, a design artifact of computerized ontological map of SOA demonstrates the usability of the artifact for SSM.     

Service level management with agent technology

This paper outlines a generic evaluation methodology for multimedia and real time applications. It concentrates on the application layer and the service aspect. Principles of software evaluation for quality assessment and measurement for networked services and distributed applications are used to present a specific method for measuring important characteristics. The method and the measurement procedure allow comparison of the actual characteristics of service quality with the required characteristics and thresholds. The proof of concepts will be made by the implementation of quality measurement agents following the approach outlined in this paper. Our approach of performing service level management (SLM) with agent technology is distributed, slim, minimizable to the maximum, independent in its methodology and offers comparable, objective results.     

Reverse engineering relational databases to identify and specify basic Web services with respect to service oriented computing

Service-oriented computing (SOC) is the computing paradigm that utilizes services as a fundamental building block. Services are self-describing, open components intended to support composition of distributed applications. Currently, Web services provide a standard-based realization of SOC due to: (1) the machine-readable format (XML) of their functional and nonfunctional specifications, and (2) their messaging protocols built on top of the Internet. However, how to methodologically identify, specify, design, deploy and manage a sound and complete set of Web services to move to a service-oriented architecture (SOA) is still an issue. This paper describes a process for reverse engineering relational database applications architecture into SOA architecture, where SQL statements are insulated from the applications, factored, implemented, and registered as Web services to be discovered, selected, and reused in composing e-business solutions. The process is based on two types of design patterns: schema transformation pattern and CRUD operations pattern. First, the schema transformation pattern allows an identification of the services. Then the CRUD operations pattern allows a specification of the abstract part of the identified services, namely their port types. This process is implemented as a CASE tool, which assists analysts specifying services that implement common, reusable, basic business logic and data manipulation.

动态Web服务合成中的服务选择算法研究

为了提高服务合成效率并更好的适应动态变化的应用环境,提出了基于流程修改的服务合成方案,使得复合服务的执行与服务发现过程并行化。提出了基于QoS属性的服务选择算法,该算法能够实现服务执行时选择服务,在考虑综合QoS信息及时间因素的基础上,通过不断更新用户需求来进行服务选择,提高了服务合成效率。实验结果表明,该选择算法可以获得满足用户需求且最优的服务,很好的保证了服务的可靠执行。     

基于Web Services的分布式模型管理方法研究

在分析了基于Intranet模型管理系统国内外研究现状的基础上,提出了一种基于WebServices在分布式环境下用于决策支持系统的模型管理方法。该方法充分利用了最新的WebServices技术,使处于分布式环境下的模型可以进行模型的组合、生成和调用,为建立实用的分布式模型管理系统提供了一种可行的方法。     

Modeling online service discontinuation with nonparametric agents

The internet and world wide web are an increasingly important resource, both as a market and as an information source, to both individual users and business entities. An estimated 120 million active web users exist in the United States alone. Access to these electronic marketplaces and information sources is accomplished through either a direct internet connection or through a service provider. Internet service providers (ISPs) enable internet and web access for most of these users either via dial-up modems (62.2 percent), or DSL connections (17 percent). Customers of ISPs frequently switch or discontinue service. The model selection perspective is used to extend previous work in this area through the development of a multi-agent system with neural network wrappers. The nonparametric (neural network) agents identify over 92 percent of those users that either stop or change service, which is a 15 percent increase over previous models.