Wan Nurhayati Wan Ab. Rahman

Evaluating fault tolerance in security requirements of web services

It is impossible to identify all of the internal and external security faults (vulnerabilities and threats) during the security analysis of web services. Hence, complete fault prevention would be impossible and consequently a security failure may occur within the system. To avoid security failures, we need to provide a measurable level of fault tolerance in the security requirements of target web service. Although there are some approaches toward assessing the security of web services but still there is no well-defined evaluation model for security improvement specifically during the requirement engineering phase. This paper introduces a measurement model for evaluating the degree of fault tolerance (FTMM) in security requirements of web services by explicitly factoring the mitigation techniques into the evaluation process which eventually contributes to required level of fault tolerance in security requirements. Our approach evaluates overall tolerance of the target service in the presence of the security faults through evaluating the computational security requirement model (SRM) of the service. We measure fault tolerance of the target web service by taking into consideration the cost, technical ability, impact and flexibility of the security goals established to mitigate the security faults.

Semantic conflicts detection of heterogeneous messages of web services: Challenges and solution

Service Oriented Architecture (SOA) is a new design style that has promised to alleviate the semantic interoperability problem between Web services. Exchanging the messages seamlessly between heterogeneous Web services is required but, it is still difficult due to data heterogeneity. As a result, a noticeable number of works has been proposed with the aim of solving this problem, but yet, the problem has not been solved efficiently. Furthermore, it is important to observe the lack of sufficient approaches in the state of the art, whose purposes are semantic conflicts detection between heterogeneous messages of Web services. It is for these reasons we take a step back to the detection step before providing the solution. This study proposes a new ontology-based approach that aim at detecting semantic conflicts between heterogeneous messages of Web services. The main purposes of this approach are to detect any conflict types between the messages during message exchange process and to identify the conflict type for each detected conflict. The proposed approach plays as a vital step for improving the semantic interoperability between heterogeneous Web service messages, since it facilitate the process of addressing semantic conflicts. A real scenario was used in order to demonstrate the feasibility of the proposed approach.

A generic framework for e-commerce requirements to comply with Sharia in business-to-consumer perspective

The serious concern over fulfillment of the essential requirements of Sharia by the conventional e-commerce system constitutes a barrier to e-commerce adoption and use among many Muslims. Therefore, it is important to explore and understand the essential requirements for Sharia compliant e-commerce specifically in Business to Consumer (B2C) setting. Our research has identified the necessary requirements for e-commerce Sharia compliant. The requirements are categorised into two; Islamic law of contract, and Sharia prohibition in e-commerce. The requirements for Islamic law of contract those include compliant with form (offer and acceptance), contracting parties (buyer and seller), and subject matter (object and price). In addition, the requirements for prohibition in e-commerce are referred to the avoidance of fundamentally prohibited elements of riba, gharar, haram and maysir. Furthermore, we have developed a generic framework of requirements for B2C Sharia compliant e-commerce. This framework will serve as a guide to consumers in determining the legitimacy of an e-commerce transaction in the light of Sharia. Besides, e-commerce merchants, web application developers and other stakeholders will gain clear understanding of these requirements to improve the development and diffusion of Sharia compliant e-commerce application. Conclusively, this research postulates that, any e-commerce transaction or platform that complies with the Islamic law of contract and is devoid of any fundamentally prohibited element (riba, gharar, haram and maysir) is deemed Sharia compliant.

A Generic QoS Model for Web: Services Design

The development, registration, discovery, and invocation of quality Web services are vital for the successful implementation of applications using Web services. Considerable research focuses on quality for Web services. Unfortunately, current research on Quality of Service QoS for Web services is concentrated on service users and the implementation stage. This research highlights the importance of incorporating QoS at the design and development stages; the authors propose the introduction of QoS at the same time as functional requirements. However, Web Service Description Language WSDL describes the functional elements of a Web service, and QoS is significant for this description. Therefore, the authors propose an extension to the WSDL through a generic QoS metamodel, incorporating QoS specifications into the functionalities. This paper begins by defining the required QoS specifications for the development of quality Web services and explores the potential of the Unified Modeling Language as a technique and notation to specify QoS. To properly integrate QoS in the design, the authors propose extensions to the existing UML QoS profile. The paper concludes with the evaluation of the proposed framework and summarises its advantages.

FEATURE-BASED ANALYSIS INTO THE TREND OF SOFTWARE TECHNOLOGIES FROM TRADITIONAL TO SERVICE ORIENTED ARCHITECTURE AND SAAS CLOUD

There are issues of confusion between the concepts of Service Oriented Architecture (SOA) and Software as a Service (SaaS) which affect on the benefits th ey offer like cost reduction and agility. To solve this problem, the paper aims to explore the concepts of SaaS and SOA in order to give better understanding of these two technologies. Since SaaS cloud is getting more popular day by day and many companies are shifting to apply SaaS solutions, this motivates us to make a clear understanding of the concepts of S aaS delivery model and SOA architecture. Therefore, in this research we have reviewed the concepts and features of both SaaS cloud and SOA and then compared them with the traditional on-premise software.

An Analysis on SAWSDL and its Implementation Tools

Recently, Semantic Annotations for WSDL SAWSDL standard emerged as a W3C recommendation to add semantics to WSDL components. SAWSDL annotates WSDL components with different semantics in order to automate Web service tasks, such as service discovery, composition, mediation, and invocation. In fact, certain service task requires a specific service semantic that semantically describes the service. As a result, several tools and techniques have emerged to allow users to get maximum advantage of semantic Web service by implementing SAWSDL. This paper analyzes SAWSDL standard. The relationships between SAWSDL and WSDL components were revealed. The direct relationships between SAWSDL components and service tasks through service semantics were investigated and reported. This paper also reviews some well-known tools that are used for SAWSDL implementation.

Facilitate Recycle Activities via ICT and Physical Approach

Recycle, reuse and reduce are commonly heard as the activities to support for green environment. However, without or lack of self awareness and voluntary to contribute to the green it can cause a failure effort and projects from the government and other sectors. Furthermore, the public could not be expected to keep recycling without enough motivation, assistance and facility. Alternatively, we proposed a web application as an e-platform for the community and business entity including shopping mall, green business and other agencies to support and collaborate between each other in supporting for recycle and reuse. We have investigated through survey and interview with those involved including the public and representatives from the selected shopping malls to collect data of the current scenario regarding their awareness and willingness to contribute to green. Our solution called e-Reward for Recyclers purposely to motivate people to recycle their used items from home at one stop recycling centre by collaborating with shopping malls. Lastly, we wanted to connect people from the green business including recycle factory, reused company and welfare organization to the recycle centre for them to collect mass recycled items to be reused for their purposes.

Towards a Systematic Approach for Heterogeneous Web Service Messages

Establishing semantic interoperability between the heterogeneous messages of Web services has been a critical issue since the emergence of Web service. So far, many approaches that are aimed at solving semantic conflicts to achieve semantic interoperability of heterogeneous messages of Web service have been proposed. However, despite the significant contributions of the current approaches, semantic conflicts remain the critical problem that prevents exchanging the data between heterogeneous messages seamlessly. In this paper, we propose a new systematic approach to solve semantic conflicts of heterogeneous messages. The proposed approach revolves around three steps; semantic conflict identification, detection and solution.