Olivier Perrin

An optimized derivation of event queries to monitor choreography violations

The dynamic nature of the cross-organizational business processes poses various challenges to their successful execution. Choreography description languages help to reduce such complexity by providing means for describing complex systems at a higher level. However, this does not necessarily guarantee that erroneous situations cannot occur due to inappropriately specified interactions. Complex event processing can address this concern by analyzing and evaluating message exchange events, to the aim of checking if the actual behavior of the interacting entities effectively adheres to the modeled business constraints. This paper proposes a runtime event-based approach to deal with the problem of monitoring conformance of interaction sequences. Our approach allows for an automatic and optimized generation of rules. After parsing the choreography graph into a hierarchy of canonical blocks, tagging each event by its block ascendancy, an optimized set of monitoring queries is generated. We evaluate the concepts based on a scenario showing how much the number of queries can be significantly reduced.

On evolving partitioned Web Service orchestrations

Many researches argue that centralized Web Service (WS) orchestrations stop short in dealing with key requirements such as scalability, privacy and reliability. Consequently, fragmentation and decentralization have been proposed to overcome these limitations. In detail, the centralized orchestration is fragmented into behaviorally equivalent distributed partitions such that their combined execution recreates the function of the original orchestration. However, the evolving nature of business processes created the need for an efficient change support. Since the decentralization leads to the distribution of the activities, the control and data flows, it becomes difficult to specify the changes directly on the derived partitions. Therefore, it is more judicious to specify the changes on the centralized orchestration model and propagate them to the derived partitions. In this paper, we propose a comprehensive change framework for partitioned WS orchestration scenarios and demonstrate how to specify and propagate the changes from the centralized model to its resulting decentralized partitions.

Service-Oriented Computing - ICSOC 2012 Workshops

Cloud is becoming the next-generation computing paradigm for enterprises to deploy services and run business. While most Cloud service providers promise some Quality of Service (QoS) through a Service Level Agreement (SLA), it is very hard for Cloud clients to know what impacts these QoS have on their businesses. In this paper, we study this issue by conducting a simple performance evaluation of two public Clouds. We selected TPC-C to benchmark three types of instances (Small, Medium and Large) provided by the Cloud providers in order to find out how the typical online transaction process systems perform on the cloud nodes. Our testing results show that the different Cloud environments deliver very different performance landscapes with different Cloud instances. Our work demonstrates the importance and opportunity to choose the appropriate Cloud instance in achieving an optimal cost-performance ratio for a class of cloud applications.

A Bounded Model Checking Approach for the Verification of Web Services Composition

In this paper, we propose a bounded model-checking based approach for the verification of declarative Web services composition processes using satisfiability solving SAT. The need for the bounded model-checking approach stems from the nature of declarative processes as they are defined by only specifying the constraints that mark the boundary of the solution to the composition process. The proposed approach relies on using Event Calculus EC as the modeling formalism with a sound and complete EC to SAT encoding process. The use of EC as the modeling also formalism allows for a highly expressive approach for both the specification of composition model and for the specification of verification properties. Furthermore, as the conflict clauses returned by the SAT solver can be significantly large for complex processes and verification requirements, we propose a filtering criterion and defined patterns for identifying the clauses of interest for process verification.

Access Control Framework Within a Collaborative PaaS Platform

Collaboration of organizations in professional context has become ubiquitous. However, the security issues still exist. In this paper, we propose a decentralised hybrid framework for managing identity and access control for collaborative platforms as a service PaaS. We propose an approach based on federations that ensure the interoperability within the platform while preserving organizations authentication and authorization mechanisms.

A Formal Approach for the Verification of AWS IAM Access Control Policies

Cloud computing offers elastic, scalable and on-demand network access to a shared pool of computing resources, such as storage, computation and others. Resources can be rapidly and elastically provisioned and the users pay for what they use. One of the major challenges in Cloud computing adoption is security and in this paper we address one important security aspect, the Cloud authorization. We have provided a formal Attribute Based Access Control (ABAC) model, that is based on Event-Calculus and is able to model and verify Amazon Web Services (AWS) Identity and Access Management (IAM) policies. The proposed approach is expressive and extensible. We have provided generic Event-Calculus modes and provided tool support to automatically convert JSON based IAM policies in Event-Calculus. We have also presented performance evaluation results on actual IAM policies to justify the scalability and practicality of the approach.

Name anomaly detection for ICN

Information leakages are one of the main security threats in todays Internet. As ICN is expected to become the core architecture for Future Internet, it is therefore mandatory to prevent this threat. This paper proves that some ICN configuration prevents information leakages via Data packets and shows that it is an open problem to prevent interest packets from carrying encoded crucial information in their names. Assuming that names in ICN will follow the current URL format commonly used in the Internet, we get the statistics of web URL based on extensive crawling experiments of main internet organizations. Then we propose a simple filtering technique based on these statistics for firewall to detect anomalous names in ICN. The experiment shows that our filtering technique recognizes 15% of names in our dataset as malicious. As the false positive rate is still high for this filter to be used in a real world operation, this work is an important step for detecting anomalous names and preventing information-leakage in ICN.

Trusternity: Auditing Transparent Log Server with Blockchain

Public key server is a simple yet effective way of key management in secure end-to-end communication. To ensure the trustworthiness of a public key server, transparent log systems such as CONIKS employ a tamper-evident data structure on the server and a gossiping protocol among clients in order to detect compromised servers. However, due to lack of incentive and vulnerability to malicious clients, a gossiping protocol is hard to implement in practice. Meanwhile, alternative solutions such as EthIKS are not scalable. This paper presents Trusternity, an auditing scheme relying on Ethereum blockchain that is easy to implement, scalable and inexpensive to operate.

Blockchain-Based Auditing of Transparent Log Servers

Public key server is a simple yet effective way of key management in secure end-to-end communication. To ensure the trustworthiness of a public key server, CONIKS employs a tamper-evident data structure on the server and a gossiping protocol among clients in order to detect compromised servers. However, due to lack of incentive and vulnerability to malicious clients, a gossiping protocol is hard to implement in practice. Meanwhile, alternative solutions such as EthIKS are too costly. This paper presents Trusternity, an auditing scheme relying on Ethereum blockchain that is easy to implement, inexpensive to operate and resilient to malicious clients. We also conduct an empirical study of system behaviour in face of attacks and propose a lightweight anomaly detection algorithm to protect clients against such attacks.

Risk analysis of information-leakage through interest packets in NDN

Information-leakage is one of the most important security issues in the current Internet. In Named-Data Networking (NDN), Interest names introduce novel vulnerabilities that can be exploited. By setting up a malware, Interest names can be used to encode critical information (steganography embedded) and to leak information out of the network by generating anomalous Interest traffic. This security threat based on Interest names does not exist in IP network, and it is essential to solve this issue to secure the NDN architecture. This paper performs risk analysis of information-leakage in NDN. We first describe vulnerabilities with Interest names and, as countermeasures, we propose a name-based filter using search engine information, and another filter using one-class Support Vector Machine (SVM). We collected URLs from the data repository provided by Common Crawl and we evaluate the performances of our per-packet filters. We show that our filters can choke drastically the throughput of information-leakage, which makes it easier to detect anomalous Interest traffic. It is therefore possible to mitigate information-leakage in NDN network and it is a strong incentive for future deployment of this architecture at the Internet scale.