Isabelle M. Rouvellou

A trust management framework for service-oriented environments

Many reputation management systems have been developed under the assumption that each entity in the system will use a variant of the same scoring function. Much of the previous work in reputation management has focused on providing robustness and improving performance for a given reputation scheme. In this paper, we present a reputation-based trust management framework that supports the synthesis of trust-related feedback from many different entities while also providing each entity with the flexibility to apply different scoring functions over the same feedback data for customized trust evaluations. We also propose a novel scheme to cache trust values based on recent client activity. To evaluate our approach, we implemented our trust management service and tested it on a realistic application scenario in both LAN and WAN distributed environments. Our results indicate that our trust management service can effectively support multiple scoring functions with low overhead and high availability.

Thema: Byzantine-fault-tolerant middleware for Web-service applications

Distributed applications composed of collections of Web services may call for diverse levels of reliability in different parts of the system. Byzantine fault tolerance (BFT) is a general strategy that has recently been shown to be practical for the development of certain classes of survivable, client-server, distributed applications; however, little research has been done on incorporating it into selective parts of multi-tier, distributed applications like Web services that have heterogeneous reliability requirements. To understand the impacts of combining BFT and Web services, we have created Thema, a new BFT middleware system that extends the BFT and Web services technologies to provide a structured way to build Byzantine-fault-tolerant, survivable Web services that application developers can use like other Web services. From a reliability perspective, our enhancements are also novel in that they allow Byzantine-fault-tolerant services: (1) to support the multi-tiered requirements of Web services, and (2) to provide standardized Web services support for their own clients (through WSDL interfaces and SOAP communication). In this paper we study key architectural implications of combining BFT with Web services and provide a performance evaluation of Thema using the TPC-W benchmark.

GlueQoS: middleware to sweeten quality-of-service policy interactions

A holy grail of component-based software engineering is write-once, reuse everywhere. However, in modern distributed, component-based systems supporting emerging application areas such as service-oriented e-business (where Web services are viewed as components) and peer-to-peer computing, this is difficult. Non-functional requirements (related to quality-of-service (QoS) issues such as security, reliability, and performance) vary with deployment context, and sometimes even at run-time, complicating the task of re-using components. In this paper, we present a middleware-based approach to managing dynamically changing QoS requirements of components. Policies are used to advertise non-functional capabilities and vary at run-time with operating conditions. We also provide middleware enhancements to match, interpret, and mediate QoS requirements of clients and servers at deployment time and/or runtime.

Transaction policies for service-oriented computing

Service-oriented computing is emerging as a distributed computing model where autonomous services interact with each other using standard Internet technology. In addition to the application-specific functions that services provide (different) services may also support (different) sets of protocols and formats addressing extra-functional concerns such as transaction processing and reliable messaging. This raises the need for services to complement their functional service descriptions with descriptions of extra-functional capabilities, requirements, and/or preferences, which must be matched and enforced for service interactions. In this paper, we address the problem of transactional coordination in service-oriented computing. We argue for the use of declarative policy assertions to advertise and match support for different transaction styles (direct transaction processing, queued transaction processing, and compensation-based transaction processing), and introduce the concept of and system support for transaction coupling modes as the policy-based contracts guiding transactional business process execution. We focus on concrete, protocol-specific policies that apply to relevant Web services specifications. Using transaction policies and our middleware system, we are able to support a reliable SOC environment.

Combining Quality of Service and Social Information for Ranking Services

In service-oriented computing, multiple services often exist to perform similar functions. In these situations, it is essential to have good ways for qualitatively ranking the services. In this paper, we present a new ranking method, ServiceRank, which considers quality of service aspects (such as response time and availability) as well as social perspectives of services (such as how they invoke each other via service composition). With this new ranking method, a service which provides good quality of service and is invoked more frequently by others is more trusted by the community and will be assigned a higher rank. ServiceRank has been implemented on SOAlive, a platform for creating and managing services and situational applications. We present experimental results which show noticeable differences between the quality of service of commonly used mapping services on the Web. We also demonstrate properties of ServiceRank by simulated experiments and analyze its performance on SOAlive.

An Access Control System for Web Service Compositions

Service composition has emerged as a fundamental technique for developing Web applications. Multiple services, often from different organizations or trust domains, may be dynamically composed to satisfy a users request. Access control in the presence of service compositions is a challenging security problem. In this paper, we present an access control model and techniques for specifying and enforcing access control rules on Web service compositions. A key advantage of our approach is that past histories of service invocations can be used to make access control decisions. Our approach allows role hierarchies and separation of duty constraints. Access controls rules may be parameterized by one or more arguments. We have implemented our access control model via a declarative policy specification language which uses pure-past linear temporal logic (PPLTL). We describe an implementation of our approach using a supply chain management (SCM) application. Our experiments show that our approach can enforce expressive and flexible access control policies while incurring reasonable performance overhead on the application.

Extending business objects with business rules

It is common to embed business rules within the code of distributed object systems. When business practices and/or policies change, as they often do, it is difficult if not impossible to correctly reflect those changes in the applications implementing them. The paper describes a framework that enables enterprises to develop distributed business applications that systematically externalize the time- and situation-variable parts of their business logic as externally applied entities called business rules. Decoupling business rules from the application can provide a number of advantages. Because business rules are external to the applications that depend upon them, the variable business logic contained in them can easily be changed. Because the management of the externalized business rules is done explicitly through a rule management facility, it is easy to understand what rules exist and to locate those that need to be changed. The Accessible Business Rule (ABR) framework is available as early test function in IBM Component Broker 2.0 and 3.0 (a part of WebSphere Enterprise).

Reliable State Monitoring in Cloud Datacenters

State monitoring is widely used for detecting critical events and abnormalities of distributed systems. As the scale of such systems grows and the degree of workload consolidation increases in Cloud data centers, node failures and performance interferences, especially transient ones, become the norm rather than the exception. Hence, distributed state monitoring tasks are often exposed to impaired communication caused by such dynamics on different nodes. Unfortunately, existing distributed state monitoring approaches are often designed under the assumption of always-online distributed monitoring nodes and reliable inter-node communication. As a result, these approaches often produce misleading results which in turn introduce various problems to Cloud users who rely on state monitoring results to perform automatic management tasks such as auto-scaling. This paper introduces a new state monitoring approach that tackles this challenge by exposing and handling communication dynamics such as message delay and loss in Cloud monitoring environments. Our approach delivers two distinct features. First, it quantitatively estimates the accuracy of monitoring results to capture uncertainties introduced by messaging dynamics. This feature helps users to distinguish trustworthy monitoring results from ones heavily deviated from the truth, yet significantly improves monitoring utility compared with simple techniques that invalidate all monitoring results generated with the presence of messaging dynamics. Second, our approach also adapts to non-transient messaging issues by reconfiguring distributed monitoring algorithms to minimize monitoring errors. Our experimental results show that, even under severe message loss and delay, our approach consistently improves monitoring accuracy, and when applied to Cloud application auto-scaling, outperforms existing state monitoring techniques in terms of the ability to correctly trigger dynamic provisioning.

Using Message-Oriented Middleware for Reliable Web Services Messaging

Web Services hold the promise of a standards-based platform for automating the integration of applications over diverse networks, operating systems and programming languages. Reliable messaging is critical in this context; many enterprise systems require a messaging infrastructure that guarantees message delivery even in the presence of software and network failures. Using existing message-oriented middleware (MOM) for reliable Web services messaging seems natural. However, a variety of implementation challenges, including the support for specific reliable Web services messaging protocols, must be addressed. In this paper, we discuss the options for and implications of employing MOM to implement reliable messaging for Web services. In doing so, we contribute to the understanding of reliability for Web services in general.

A Service-oriented Middleware for Runtime Web Services Interoperability

A major goal of service-oriented architectures is to enable software interoperability in heterogeneous and dynamic environments. Web services standards and protocols aim to support this goal and middleware systems implementing these standards and protocols consequently are needed. Maintenance and administration of middleware is made difficult due to variations in standards and their constant evolution. In this paper, we introduce a new service-oriented middleware architecture for runtime Web services interoperability. Different from other middleware systems our approach applies service-oriented computing principles on the middleware layer, thereby establishing an on-demand model for middleware features. Clients can use middleware as services, dynamically discovering and using the services as interoperability requirements are determined. Further, middleware as services allows middleware to be provided and managed separately from its clients. We present the policy-based programming model, architecture, and details of our middleware, and discuss new challenges that arise in this context, such as distribution of middleware services. The approach is validated through a scenario integrating Web service transaction middleware