Advanced Web Services

In this chapter we describe a design of compensations using forward recovery within Web service transactions. We introduce an approach to model compensation capabilities and requirements using feature models, which are the basis for defining compensation rules. These rules can be executed in a Web service environment that we extend with the concept of an abstract service, which is a management component for flexible compensation capabilities. We describe the design and also discuss advantages and disadvantages of such an approach.

Relationship-focused and credential-focused identity management are both user-centric notions in Service-oriented architecture (SOA). For composite services, pure user-centric identity management is inefficient because each sub-service may authenticate and authorize users and users need to participate in every identity provisioning transaction. If the above two paradigms are unified into universal identity management, where identity information and privileges are delegatable, user-centricity will be more feasible in SOA. The credential-focused system is a good starting point for constructing a universal identity management system. However, how to implement a practical delegation scheme is still a challenge although some delegatable anonymous credential schemes have been theoretically constructed. This paper aims to propose a practical solution for universal identity management. For this, a pseudonym-based signature scheme is firstly designed, where pseudonyms are self-generated and unlinkable for realizing user privacy. Next, a proxy signature is presented with the pseudonyms as public keys where delegation can be achieved through certificate chains. Finally, the WS-Federation is extended to build a universal identity management solution.

In the 1980s and 1990s, the issue of trust in many aspects of life has drawn much attention in a significant number of studies in social science. Nowadays, with the development of Web applications, trust evaluation has become a significant and important issue, especially when a client has to select a trustworthy one from a pool of unknown service providers. An effective and efficient trust evaluation system is highly desirable and critical to clients for identifying potential risks, providing objective trust results and preventing huge monetary losses.This research roadmap presents an overview of the general structure of trust, the bases of trust and the concepts of trust in different disciplines. Then the typical trust evaluation methods in each area of Web applications, including e-commerce, P2P networks, multi-agent systems, recommendation systems, social networks and service-oriented computing, are briefly introduced from technology, state of the art and scientific challenges standpoints. This roadmap provides not only the necessary background for on-going research activities and projects, but also the solid foundations for deciding on potential future research on trust evaluation in broader contexts.

Trust is one of the most concerned obstacles for the adoption and growth of cloud computing. Although several solutions have been proposed recently in managing trust feedbacks in cloud environments, how to determine the credibility of trust feedbacks is mostly neglected. In addition, guaranteeing the availability of the trust management service is a difficult problem due to the unpredictable number of cloud service consumers and the highly dynamic nature of cloud environments. In this chapter, we propose a framework that uses Web services to improve ways on trust management in cloud environments. In particular, we introduce an adaptive credibility model that distinguishes between credible and malicious feedbacks by considering the cloud service consumers’ capability and majority consensus of their feedbacks. We also present a replication determination model that dynamically decides the optimal replica number of the trust management service so that the trust management service can be always maintained at a desired availability level. The approaches have been validated by a prototype system and experimental results.

The widespread development of Service-Oriented Architecture (SOA) and web services is changing the traditional view of information technology. Today, software applications are increasingly distributed and consumed as a service, and business processes are implemented by selecting and composing services provided by different suppliers at run-time and with a minimal human intervention. In this scenario, where services are usually selected on the basis of clients’ functional preferences, the risk of providing powerful but insecure applications raises, and the problem of guaranteeing and preserving the security of services and business processes becomes stringent. To this aim, we put forward the idea that security certification techniques can be adopted to provide the evidence that a service system has some security properties and behaves as expected. However, existing security certification techniques are not well-suited to the service scenario, since they are designed for static and monolithic software and then cannot support the intrinsic SOA dynamics. In this chapter, we discuss recent developments in the area of extending security certifications to web services. In particular, we first review current certification approaches, and highlight requirements and challenges for applying them to the service ecosystem. We then present an advanced methodology for security certification based on testing, as a crucial part of a novel approach for security certification developed in the context of the FP7 EU project Advanced Security Service cERTificate for SOA (Assert4Soa).

The dynamic composition of services owned by different vendors demands a high degree of test automation, which must be able to cope with the diversity of service implementation techniques and to meet a wide range of test requirements on-the-fly. These goals are hard to achieve because of the lack of software artefacts of the composed services and the lack of the means of control over test executions and the means of observations on the internal behaviours of composed services. Yet, such integration testing on-the-fly must be non-intrusive and non-disruptive while the composed services are in operation. This chapter presents a test automation framework for such on-the-fly testing of service compositions to facilitate the collaboration between test services through utilisation of Semantic Web Services techniques. In this framework, an ontology of software testing called STOWS are used for the registration, discovery and invocation of test services. The composition of test services is realized by using test brokers, which are also test services but specialized in the coordination of other test services. The ontology can be extended and updated through an ontology management service so that it can support a wide open range of test activities, methods, techniques and types of software artefacts. We also demonstrate the uses of the framework by two running examples.

We propose a Web Service Change Management Language (SCML) to manage top-down changes in Long term Composed Services (LCSs). A LCS is a collaboration between autonomous Web services that collectively provide a value-added service. Due to the dynamic environment, managing changes is a fundamental challenge for the successful deployment of a LCS. We first propose a change taxonomy that classifies changes into different categories. Based on the taxonomy, we define a set of change operators that specify different types of changes in a precise and formal way. The change operators can be mapped to a set of SCML statements, which are declarative and easy-to-use. We describe a systematic procedure to process SCML statements. We then propose our prototype implementation for the proposed SCML.

Service organization has been considered as the key enabler for efficient web service management. It gives a high-level and structured view of the important features of web services, including their functionality and inter-service relationships, which can be leveraged to allow a top-down declarative way of querying and composing web services. Abstract services that conceptualize the functionality provided by web services, has been widely adopted as the kernel component of web service organization. However, how to generate abstract services is non-trivial. Current approaches either assume the existence of abstract services or adopt a manual process that demands intensive human intervention. We propose a novel approach to fully automate the generation of abstract services. We first explain the process of generating homogeneous service spaces, i.e., service communities, which consist of a set of functionally similar services. We then present a process of generating abstract services within a service community. We leverage semantics to address the issues raised by syntactical-level service descriptions. An comprehensive experimental study on real world web service data is conducted to demonstrate the effectiveness and efficiency of the proposed approach.

We propose a service-oriented framework for exploring networks of processes modeled as Web services. In particular, we apply this approach to biological processes that builds upon and extends existing biological representation methodologies. We present our prototype service exploration tool, named PathExplorer, to discover potentially interesting biological pathways linking service models of biological processes. We describe an innovative approach used by PathExplorer to identify useful pathways and its service-based simulation strategy to support predictive analysis.

With the recent advancements and adoption of Web Service technologies, improvements can be made for tendering processes to solve B2B interoperability and integration problems. In this paper, we detail our Tendering Process Meta-model (TPM) to improve inefficient manual or semi-automated tendering process. We further demonstrate our approach in a case study of the building and construction industries, where contracting authority invite tenderers to submit an estimate of prices, detailing the costs associated with completing a building. In this way, the contracting authority can base their decision on the tender submissions to select the most suitable contractor. Currently in Hong Kong, many of such tendering processes are still mainly manual and paper based. The tenderers need to collect the tender’s booklet, price it, and bring it back to the contracting authority’s office before the deadline. In this paper, we present a design and implementation of an e-tendering system (ETS) based on our TPM by using Web services for the automation of such tendering processes. We also show how e-tendering reduces the problems that occur in the manual process and helps decision making.

Many services and service providers compete with each other to provide similar services in the service-oriented Web (also known as Service Web). Selection of the best services or service providers is an important and challenging problem. Trust plays an important role in identifying the best service provider for a customer, where trust information is computed from customer feedback ratings for the services. Such rating provides a measure of previous consumers’ satisfaction with the services. The satisfaction value indicates the trustworthiness of a service provider in delivering the services as promised (also known as service trust). This situation exists in many E-Government applications where a large number of services are outsourced to the third party service providers and there is a need to select the best services for customers based on their current needs. In this chapter, we propose a community based approach of managing service trust for E-Government applications with the focus on a human services delivery system. We describe the architecture, implementation and a case study of the proposed service trust management framework in the context of delivering human services.

In recent years, Online Social Networks (OSNs) with numerous participants have been used as the means for rich activities. For example, employers could use OSNs to investigate potential employees, and participants could use OSNs to look for movie recommendations. In these activities, trust is one of the most important indication of participants decision making, greatly demanding the evaluation of the trustworthiness of a service provider along certain social trust paths from a service consumer. In this chapter, we first analyze the characteristics of the current generation of functional websites and the current generation of online social networks based on their functionality and sociality, and present the properties of the new generation of social network based web applications. Then we present a new selection model considering both adjacent and end-to-end constraints, based on a novel concept Quality of Trust and a novel complex social network structure. Moreover, in order to select the optimal one from a lot of social trust paths yielding the most trustworthy trust evaluation result, this chapter presents an effective and efficient heuristic algorithm for optimal social trust path selection with constraints, which is actually an NP-Complete problem. Experimental results illustrate that our proposed method outperforms existing models in both efficiency and the quality of delivered solutions. This work provides key techniques to potentially lots of service-oriented applications with social networks as the backbone.

This paper addresses the problem of applying the general network theory for analyzing qualitatively Web services networks. The paper reviews current approaches to analyzing Web services networks, generalizes the published approaches into a formal framework for analyzing Web services networks and demonstrates its applicability in practice. More specifically, two case studies are described where the presented framework has been applied. The first one considers identification of redundant data in large-scale service-oriented information systems, while the second one measures information diffusion between individual information systems.

Human capabilities have been incorporated into IT systems for solving complex problems since several years. Still, it is very challenging to program human capabilities due to the lack of techniques and tools. In this paper, we will discuss techniques and frameworks for conceptualizing and virtualizing human capabilities under programmable units and for provisioning them using cloud service models. We will discuss how elastic composite applications can be built by combining programmable units of software-based and human-based services in the Vienna Elastic Computing Model.

The success in Web services goes well beyond the building of loosely-coupled, interoperable software components. Nowadays, large-scale collaboration through social media (e.g., social networks) and new generation of service-oriented software have spurred the growth of Web service ecosystems. This chapter discusses how a social ecosystem of Web services can be realized by defining first, the necessary actors that take part in this ecosystem formation and second, the interactions that occur between these actors during this ecosystem management. Such ecosystem permits to track who does what and where and when it is done. Compared to (regular) Web services, Web services in a social ecosystem take different actions that allow them, for instance to establish and maintain networks of contacts with other peers and to form with some peers strong and long lasting collaborative groups. The actors in the ecosystem are referred to as providers of Web services, providers of social networks of Web services, consumers of Web services, and providers of social networks of consumers. They all engage in different types of interactions like making Web services sign up in social networks of Web services, supporting users seek advices from existing members in a social network of consumers, and combining social networks of consumers and of Web services to achieve users’ requests. Existing research initiatives on social Web services as well as open issues in the development of a social ecosystem of (social) Web services are also discussed in this chapter.

The computing and networking capabilities of today’s wireless mobile devices allow for seamlessly-networked, ubiquitous services, which may be dynamically composed at run-time to accomplish complex tasks. This vision, however, remains challenged by the inherent mobility of such devices, which makes services highly volatile. These issues call for a service-oriented middleware that should (i) deal with the run-time growth of the application in terms of involved services (flexibility), (ii) accommodate heterogeneous and unforeseen services into the running application (genericity), and (iii) discover new services at run time and rearrange the application accordingly (dynamism). This chapter discusses the design and implementation of ubiREST, a service-oriented middleware that leverages REST principles to effectively enable the ubiquitous networking of Services. ubiREST specifically defines a layered communication middleware supporting RESTful Services while exploiting nowadays ubiquitous connectivity.

The developments in the web services domain, the improved device capabilities of the smart phones, the increased transmission rates of the cellular networks and the ubiquity of the wifi networks have lead to the mobile web services (MWS). In MWS domain, the resource constrained smart phones can act as both web service clients and providers (Mobile Host), thus forming a Mobile Enterprise. Simultaneously, with the advent of cloud computing, mobiles tried to utilize cloud services which, most often, provide web service interfaces. The benefits of offloading tasks to the cloud include extended battery lifetime, improved storage capacity and increased processing power, for the mobile devices. This paper summarizes the research associated with mobile web and cloud services. The QoS aspects of the Mobile Host, like providing proper security and scalability, the discovery of the provided services, the integrational aspects of the different technological solutions and their migration to the cloud are thoroughly discussed. The paper also discusses Mobile Cloud Middleware (MCM), which eases the invocation of multiple cloud services from mobiles. MCM raises the necessity for an asynchronous notification mechanism and with the Mobile Host feature; this is as simple as providing one more service from the device.

Portability and automated management of composite applications are major concerns of today’s enterprise IT. These applications typically consist of heterogeneous distributed components combined to provide the application’s functionality. This architectural style challenges the operation and management of the application as a whole and requires new concepts for deployment, configuration, operation, and termination. The upcoming OASIS Topology and Orchestration Specification for Cloud Applications (TOSCA) standard provides new ways to enable portable automated deployment and management of composite applications. TOSCA describes the structure of composite applications as topologies containing their components and their relationships. Plans capture management tasks by orchestrating management operations exposed by the components.This chapter provides an overview on the concepts and usage of TOSCA.

The benefits of cloud computing approaches are well known but designing logical architectures for that context can be difficult. When there are insufficient inputs for a typical (product) approach to requirements elicitation, a process-level perspective is an alternative way for achieving the intended logical design. We present a V-Model based approach to derive logical architectural models to execute in the different cloud layers from a process-level perspective, instead of the traditional product-level perspective. This V-Model approach encompasses the initial definition of the project goals and the process-level perspective of the systems intended logical architecture. The approach application results in the creation of a validated process-level structure and behavior architectural models that create a context for eliciting requirements for a cloud product. Throughout this process, we assess our decisions based on the ARID method to identify process vulnerabilities and evaluate the quality of the derived logical architecture. We introduce a case study where our approach was applied and the resulting logical architectural model is presented.

Cloud-based systems are built and delivered using multi-level architectures, which may compose third-party services at the application level as well as at lower levels, such as the platform and the infrastructure ones. With this architectural style, the ability to automatically perform management operations, possibly in a cross-level way, is becoming more and more important as the technology matures, and its adoption increases. We argue that the multi-level management of cloud-based systems should be established at design time, and the service life cycles of the different services (and levels) should be managed accordingly. In this chapter, we present a conceptual model for manageable cloud-based systems, and a reference framework for implementing the foreseen management solutions.

In this chapter, we introduce an interesting type of Web services for “things”. Existing Web services are applications across the Web that perform functions mainly to satisfy users’ social needs “from simple requests to complicated business processes”. Throughout history, humans have accumulated lots of knowledge about diverse things in the physical world. However, human knowledge about the world has not been fully used on the current Web which focuses on social communication; the prospect of interacting with things other than people on the future Web is very exciting. The purpose of Web services for “things” is to provide a tunnel for people to interact with things in the physical world from anywhere through the Internet. Extending the service targets from people to anything challenges the existing techniques of Web services from three aspects: first, an unified interface should be provided for people to describe the needs of things; then basic components should be designed in a Web service for things; finally, implementation of a Web service for things should be optimized when mashing up multiple sub Web services.

We tackle the challenges faced by a Web service for things and make the best use of human knowledge from the following aspects. We first define a context of things as an unified interface. The users’ description (semantic context) and sensors (sensing context) are two channels for acquiring the context of things. Then, we define three basic modules for a Web service for things: ontology Web services to unify the context of things, machine readable domain knowledge Web services and event report Web services (such as weather report services and sensor event report services). Meanwhile, we develop a Thing-REST framework to optimally mashup structures to loosely couple the three basic modules. We employ a smart plant watering service application to demonstrate all the techniques we have developed .