Stefan Seltzsam

ObjectGlobe: Ubiquitous query processing on the Internet

Abstract. We present the design of ObjectGlobe, a distributed and open query processor for Internet data sources. Today, data is published on the Internet via Web servers which have, if at all, very localized query processing capabilities. The goal of the ObjectGlobe project is to establish an open marketplace in which data and query processing capabilities can be distributed and used by any kind of Internet application. Furthermore, ObjectGlobe integrates cycle providers (i.e., machines) which carry out query processing operators. The overall picture is to make it possible to execute a query with – in principle – unrelated query operators, cycle providers, and data sources. Such an infrastructure can serve as enabling technology for scalable e-commerce applications, e.g., B2B and B2C market places, to be able to integrate data and data processing operations of a large number of participants. One of the main challenges in the design of such an open system is to ensure privacy and security. We discuss the ObjectGlobe security requirements, show how basic components such as the optimizer and runtime system need to be extended, and present the results of performance experiments that assess the additional cost for secure distributed query processing. Another challenge is quality of service management so that users can constrain the costs and running times of their queries.

Reliable Web Service Execution and Deployment in Dynamic Environments

In this work, we present novel techniques for flexible and reliable execution and deployment of Web services which can be integrated into existing service platforms. The first technique, dynamic service selection, provides a layer of abstraction for service invocation offering Web services the possibility of selecting and invoking Web services at runtime based on a technical specification of the desired service. The selection can be influenced by using different types of constraints. The second technique, a generic dispatcher service capable of automatic service replication, augments Web services with load balancing and high availability features, without having to consider these features at the services’ development. We implemented these techniques within the ServiceGlobe system, an open Web service platform.

AutoGlobe: An Automatic Administration Concept for Service-Oriented Database Applications

Future database application systems will be designed as Service Oriented Architectures (SOAs) like SAP’s NetWeaver instead of monolithic software systems such as SAP’s R/3. The decomposition in finer-grained services allows the usage of hardware clusters and a flexible serviceto- server allocation but also increases the complexity of administration. Thus, new administration techniques like our self-organizing infrastructure that we developed in cooperation with the SAP Adaptive Computing Infrastructure (ACI) group are necessary. For our purpose the available hardware is virtualized, pooled, and monitored. A fuzzy logic based controller module supervises all services running on the hardware platform and remedies exceptional situations automatically. With this self-organizing infrastructure we reduce the necessary hardware and administration overhead and, thus, lower the total cost of ownership (TCO). We used our prototype implementation, called Auto- Globe, for SAP-internal tests and we performed comprehensive simulation studies to demonstrate the effectiveness of our proposed concept.

Security for Distributed E-Service Composition

Current developments show that tomorrows information systems and applications will no longer be based on monolithic architectures that encompass all the functionality. Rather, the emerging need for distribution and quick adaptation to new requirements stemming from, e.g., virtual enterprises, demands distributed systems that can be extended dynamically to compose new services from existing software components. However, usage of mobile code introduces specific security concerns which a security system must be aware of. We present a comprehensive security architecture for extensible, distributed systems using the example of an Internet query processing service which can be extended by user-defined operators. Before an operator is actually used in queries for the first time, our OperatorCheck server validates its semantics and analyzes its quality. This is done semi-automatically using an oracle-based approach to compare a formal specification of an operator against its implementation. Further security measures are integrated into the query processing engine: during plan distribution secure communication channels are established, authentication and authorization are performed, and overload situations are avoided by admission control. During plan execution operators are guarded using Javas security model to prevent unauthorized resource access and leakage of data. The resource consumption of operators is monitored and limited with reasonable supplementary costs to avoid resource monopolization. We show that the presented security system is capable of executing arbitrary operators without risks for the executing host and the privacy and integrity of data. In the paper we will concentrate on the OperatorCheck server, as this server can itself be viewed as an e-service that can be used by developers and independent associations.

Quality of service enabled database applications

In todays enterprise service oriented software architectures, database systems are a crucial component for the quality of service (QoS) management between customers and service providers. The database workload consists of requests stemming from many different service classes, each of which has a dedicated service level agreement (SLA). We present an adaptive QoS management that is based on an economic model which adaptively penalizes individual requests depending on the SLA and the current degree of SLA conformance that the particular service class exhibits. For deriving the adaptive penalty of individual requests, our model differentiates between opportunity costs for underachieving an SLA threshold and marginal gains for (re-)achieving an SLA threshold. Based on the penalties, we develop a database component which schedules requests depending on their deadline and their associated penalty. We report experiments of our operational system to demonstrate the effectiveness of the adaptive QoS management.

ServiceGlobe: distributing E-services across the internet

Publisher Summary The ServiceGlobe system provides a platform on which e-services (also called services or Web services) can be implemented, stored, published, discovered, deployed, and dynamically invoked at arbitrary Internet servers participating in the ServiceGlobe federation. The next generation of Internet applications—e-services—is emerging. By an e-service, one understands an autonomous software component that is uniquely identified by a Unique Resource Identifier (URI) and that can be accessed by using standard Internet protocols like eXtensible Markup Language (XML), SOAP, or Hypertext Transfer Protocol (HTTP). An e-service may combine several applications that a user needs, such as the different pieces of a supply chain architecture. For the end-user, however, the entire infrastructure will appear as a single application. Due to its potential of changing the Internet to a platform of application collaboration and integration, e-service technology gains more and more attention in research and industry; initiatives such as HP Web Services Platform [WSP], Sun ONE [Sun], or Microsoft .NET [NET] show this development.

Semantic caching for web services

We present a semantic caching scheme suitable for caching responses from Web services on the SOAP protocol level. Existing semantic caching schemes for database systems or Web sources cannot be applied directly because there is no semantic knowledge available about the requests to and responses from Web services. Web services are typically described using WSDL (Web Service Description Language) documents. For semantic caching we developed an XML-based declarative language to annotate WSDL documents with information about the caching-relevant semantics of requests and responses. Using this information, our semantic cache answers requests based on the responses of similar previously executed requests. Performance experiments—based on the scenarios of TPC-W and TPC-W Version 2—conducted using our prototype implementation demonstrate the effectiveness of the proposed semantic caching scheme.

A Comparison of Traditional and Soft-Computing Methods in a Real-Time Control Application

The paper presents a performance comparison of traditional (controller based on a physical model) and soft-computing methods (neural and fuzzy controller) applied to a real-time control problem. The pros and cons of the controller paradigms will be investigated in this paper by means of an application example. In this example a ball has to be navigated through a maze mounted on a board. The board can be tipped in any direction using two step motors. An image of the board is supplied by a CCD-camera and two signal processors are used to process the image sequences and to generate motor step sequences, respectively. The results show that the choice of a suitable controller for a specific task mainly is a trade-off between the accuracy of the motion, the ball’s speed and the execution time of the particular control algorithm.

Sicherheit in einem Java-basierten verteilten System autonomer Objekte

Diese Arbeit beschreibt die Integration verschiedener Sicherheitsmechanismen in ein persistentes, verteiltes System autonomer Objekte. Dieses System wurde fur den Einsatz in einer heterogenen WAN-Umgebung konzipiert und deshalb vollstandig in Java implementiert, um Plattformunabhangigkeit zu erreichen. Um den Zugriff der Benutzer auf die Objekte im System kontrollieren zu konnen, wird ein rollenbasiertes Autorisierungsverfahren integriert, das sowohl skalierbar als auch leicht administrierbar ist. Da das System Migration von Objekten unterstutzt, mussen sowohl Objekte vor unsicheren Rechnern, als auch Rechner vor feindlichen Objekten geschutzt werden. Ersteres erreicht man durch eine geeignete Kategorisierung der Rechner und Objekte, letzteres durch Anwendung des in Java integrierten Sandkasten-Sicherheitsmodells.