Anis Charfi

Aspect-Oriented Web Service Composition with AO4BPEL

Web services have become a universal technology for integration of distributed and heterogeneous applications over the Internet. Many recent proposals such as the Business Process Modeling Language (BPML) and the Business Process Execution Language for Web Services (BPEL4WS) focus on combining existing web services into more sophisticated web services. However, these standards exhibit some limitations regarding modularity and flexibility. In this paper, we advocate an aspect-oriented approach to web service composition and present AO4BPEL, an aspect-oriented extension to BPEL4WS. With aspects, we capture web service composition in a modular way and the composition becomes more open for dynamic change.

AO4BPEL: An Aspect-oriented Extension to BPEL

Process-oriented composition languages such as BPEL allow Web Services to be composed into more sophisticated services using a workflow process. However, such languages exhibit some limitations with respect to modularity and flexibility. They do not provide means for a well-modularized specification of crosscutting concerns such as logging, persistence, auditing, and security. They also do not support the dynamic adaptation of composition at runtime. In this paper, we advocate an aspect-oriented approach to Web Service composition and present the design and implementation of AO4BPEL, an aspect-oriented extension to BPEL. We illustrate through examples how AO4BPEL makes the composition specification more modular and the composition itself more flexible and adaptable.

Hybrid web service composition: business processes meet business rules

Over the last few years several process-based web service composition languages have erged, such as BPEL4WS and BPML. These languages define the composition on the basis of a process that specifies the control and data flow among the services to be composed. In this approach, the whole business logic underlying the composition including business policies and constraints is coded as a monolithic block. As a result, business rules are hard to change without affecting the core composition logic. In this paper, we propose a hybrid composition approach: The composition logic is broken down into a core part (the process) and several well-modularized business rules that exist and evolve independently. We also discuss two alternative technologies for implenting business rules in encapsulated units, using aspects and a rule-based engine. Our approach allows for a more modular and flexible web service composition.

Using aspects for security engineering of Web service compositions

Web Service composition languages promise a cheap and effective means for application integration over the Internet as in typical B2B interaction scenarios. BPEL is the upcoming standard for Web Service composition and several implementations of it are already available. However, for Web Service composition languages to keep their promises it is essential to provide more support for security. Companies will embrace Web Service composition languages only if their requirements of confidentiality, integrity, authentication, etc. are fulfilled. In this paper, we look at security in Web Services compositions and present a framework for securing BPEL compositions using WS-Security and WS-Policy. The main components of our framework are the process container implemented by a set of aspects in AO4BPEL, an aspect-oriented extension to BPEL, the security service and the deployment descriptor. We also introduce the notion of policy-based process deployment to check the compatibility of the security policies of the composition and its partners at deployment time.

A Plug-in Architecture for Self-Adaptive Web Service Compositions

Several approaches have been proposed to introduce self-management capabilities for web service compositions.However, most of these works are limited as they are not extensible, i.e., new self-adaptation features cannot be supported, and even if that is possible then still this cannot be done dynamically while the composite services are running.In addition, many of these works are not based on the service composition standard WS-BPEL. In this paper, we propose a plug-in architecture for self-adaptive web service composition, in which self-adaptation features are well-modularized in aspect based plug-ins. Our approach supports application-specific adaptation scenarios, is easily extensible, and allows self-adaptation logic to be hot-deployed on running process instances. We have implemented this architecture and several plug-ins using the dynamic aspect-oriented workflow language AO4BPEL.

Aspect-Oriented workflow languages

Most available aspect-oriented languages today are extensions to programming languages However, aspect-orientation, which is a paradigm for decomposition and modularization, is not only applicable in that context In this paper, we introduce aspect-oriented software development concepts to workflow languages in order to improve the modularity of workflow process specifications with respect to crosscutting concerns and crosscutting changes In fact, crosscutting concerns such as data validation and security cannot be captured in a modular way when using the constructs provided by current workflow languages We will propose a concern-based decomposition of workflow process specifications and present the main concepts of aspect-oriented workflow languages using AO4BPEL, which is an aspect-oriented workflow language for Web Service composition.

Reliable, Secure, and Transacted Web Service Compositions with AO4BPEL

Web service compositions in BPEL have several nonfunctional requirements such as security, reliable messaging, and transactions. Although many WS-* specifications address such non-functional concerns in the Web service context, they focus only on the messaging-level requirements without addressing the process-level requirements. In this paper, we discuss different non-functional requirements in BPEL workflows and observe that current orchestration engines lack support for the specification and enforcement of such requirements, especially for process-level requirements. To solve this problem, we present a container framework, which introduces an XML-based deployment descriptor to specify the non-functional requirements in a declarative way. To enforce these requirements, a process container intercepts the process execution and calls dedicated middleware Web services. We implemented the process container as a lightweight container using a set of A04BPEL aspects that are automatically generated from the deployment descriptor. In addition, we have implemented BPEL middleware Web services for reliable messaging, security, and transaction

An aspect-based process container for BPEL

In recent years, several WS-* specifications have been proposed to address the middleware requirements of web services such as security, reliable messaging, and transactions. On the other hand side, BPEL is the upcoming standard for composing existing web services into more complex ones. In this paper, we look at the middleware requirements of web service compositions and specifically those specified in BPEL. We argue that the WS-* specifications such as WS-Security and WS-Reliability do not address these requirements appropriately. We introduce a framework for providing middleware support in BPEL engines based on a process container, which intercepts the execution of BPEL processes and calls dedicated middleware services to plug in support for security, persistence, reliable messaging, etc. The container is implemented as a lightweight container using AO4BPEL aspects and the middleware requirements of the process are specified in a deployment descriptor.

Specifying and Monitoring Temporal Properties in Web Services Compositions

Current Web service composition approaches and languages such as WS-BPEL do not allow to define temporal constraints in a declarative and separate way. Also it is not possible to verify if there are contradictions between the temporal constraints implemented in the composition. These limitations lead to maintainability and correctness problems. In this paper, we tackle these problems through a novel approach to temporal constraints in Web service compositions, which combines formal methods and aspect-oriented programming. In this approach, we use a powerful and expressive formal language, called XTUS-Automata, for specifying time-related properties and we introduce specification patterns that ease the definition of such constraints. The formal specifications are translated automatically into AO4BPEL aspects, which ensure the runtime monitoring of the temporal constraints. Our approach enables a declarative, separate, and verifiable specification of temporal properties and it generates automatically modular enforcement code for those properties.

Aspect-Oriented business process modeling with AO4BPMN

Many crosscutting concerns in business processes need to be addressed already at the business process modeling level such as compliance, auditing, billing, and separation of duties. However, existing business process modeling languages including OMG’s Business Process Modeling Notation (BPMN) lack appropriate means for expressing such concerns in a modular way. In this paper, we motivate the need for aspect-oriented concepts in business process modeling languages and propose an aspect-oriented extension to BPMN called AO4BPMN. We also present a graphical editor supporting that extension.