Service-Oriented Computing - ICSOC 2014 Workshops

Service Oriented Architecture has become the architecture of choice providing a flexible and responsive enterprise computing architecture that addresses the business needs of modern organizations. However, developing SOA applications involves many challenges, in particular for large-scale projects that require highly skilled practitioners. In this paper we discuss the challenges associated with developing SOA applications and describe how such challenges are addressed using the uuApp framework.

Many organizations migrate their on-premise software systems to the cloud. However, current coarse-grained cloud migration solutions have made a transparent migration of on-premise applications to the cloud a difficult, sometimes trial-and-error based endeavor. This paper suggests a catalogue of fine-grained service-based cloud architecture migration patterns that target multi-cloud settings and are specified with architectural notations. The proposed migration patterns are based on empirical evidence from a number of migration projects, best practices for cloud architectures and a systematic literature review of existing research. The pattern catalogue allows an organization to (1) select appropriate architecture migration patterns based on their objectives, (2) compose them to define a migration plan, and (3) extend them based on the identification of new patterns in new contexts.

Cloud computing and the IoT are converging ever stronger, enabling the proliferation of diverse large-scale IoT cloud systems. Such novel IoT cloud systems offer numerous advantages for the variety of involved stakeholders. However, due to scale, complexity, and inherent geographical distribution of IoT cloud systems, governing new IoT cloud resources and capabilities poses numerous challenges. In this paper, we introduce GovOps – a novel approach and a conceptual model for cloud-based, dynamic governance of software-defined IoT cloud systems. By introducing a suitable

GovOps reference model

and a dedicated

GovOps manager

, it simplifies realizing governance processes and enables performing custom governance tasks more efficiently in practice. We introduce real-world case studies in the building automation and vehicle management domains, to illustrate the main aspects and principles of our approach to governance of large-scale software-defined IoT cloud systems.

Context-aware software for mobile and desktop users is an emerging field for software development. Due to the increasing market, most of the industry and scientific proposals in this field focus on solving context-aware adaptation issues for browser-based applications only. However, other applications, such as web services, also require context adaptation. This paper aims at providing a solution for context-aware web services and their desktop or mobile clients. In this regard, we provide a model-driven methodology for developing adaptable web services: from the initial system model, we will identify where context awareness is required and afterwards the main system skeleton code along with the context adaptation code will be automatically generated. Using this methodology, and also the provided tool, developers will be able to easily create well structured and modularized context-adaptable services, where final service code will be completely separate from context-related functionalities through an aspect-oriented implementation.

We propose a framework to allow the analysis of service interfaces, useful for interoperability in heterogeneous settings such as business networks. The framework supports analysis of large and overloaded operational signatures to derive focal artefacts, namely the underlying business objects of services. A more simplified and comprehensive service interface layer is created based on these, and rendered into semantically normalised interfaces, given an ontology accrued through the framework from service analysis history. This opens up the prospect of supporting capability comparisons across services, and run-time request backtracking and adjustment, as consumers discover new features of a service’s operations through corresponding features of similar services. This paper provides a first exposition of the service interface synthesis framework, describing algorithms for business object derivation and service behavioural interface generation. A prototypical implementation and analysis of web services drawn from commercial logistic systems are used to validate the algorithms and identify open challenges and future research directions.

Hybrid and Diversity-Aware Collective Adaptive Systems (HDA-CAS) form a broad class of highly distributed systems comprising a number of heterogeneous human-based and machine-based computing (service) units. These units collaborate in ad-hoc formed, dynamically-adaptive collectives. The flexibility of these collectives makes them suitable for processing elaborate tasks, but at the same time, building a system to support diverse communication types in such collectives is challenging. In this paper, we address the fundamental communication challenges for HDA-CAS. We present the design of a middleware for virtualizing communication within and among collectives of diverse types of service units. The middleware is able to handle numerous, intermittently available, human and software-based service units, and manages the notion of collectivity transparently to the programmer. A prototype implementation for validation purpose is also provided.

Satisfying privacy related obligations within IT systems that involve multiple organizations is one of the most important, yet challenging tasks in security engineering. When systems involve multiple actors, resources and computing devices, identifying data flows, actors’ liabilities and accesses on data become fundamental requisites for taking appropriate design choices to preserve privacy. To facilitate these tasks, principles such as Privacy by Design have been proposed. However, applying such principles implies rethinking the whole project development lifecycle in order to fulfil at the same time privacy, technical and administrative requirements from early stages of systems design.

This paper reports our work on a project undertaken by the Province of Trento (Italy) on integrating social, health and other assistance services for elders. Within the project, we used business processes to support systems’ design and development, from analysis to execution, while at the same time fulfilling privacy related objectives. Specifically, we show how by modelling cross-organization processes and by focusing on involved actors and managed resources, we can provide the necessary tools to involve analysts, designers, project managers and privacy experts during systems’ design and support them to satisfy both privacy and technical requirements. The resulting process models are also used for partial automation and integration of involved services.

Effective and efficient delivery of services requires tasks to be allocated to appropriate and available set of resources. Much of the research in task allocation, model a system of tasks and resources and determine which tasks should be executed by which resources. These techniques when applied to service systems with human resources, model parameters that can be explicitly identified, such as worker efficiency, worker capability based on skills and expertise, authority derived from organizational positions and so on. However, in real-life workers have complex behaviors with varying efficiencies that are either unknown or are increasingly complex to model. Hence, resource allocation models that equate human performance to device or machine performance could provide inaccurate results. In this paper we use data from process execution logs to identify resource allocations that have resulted in an expected service quality, to guide future resource allocations. We evaluate data for a service system with 40 human workers for a period of 8 months. We build a learning model using Support Vector Machine (SVM), that predicts the quality of service for specific allocation of tasks to workers. The SVM based classifier is able to predict service quality with 80 % accuracy. Further, a latent discriminant classifier, uses the number of tasks pending in a worker’s queue as a key predictor, to predict the likelihood of allocating a new incoming request to the worker. A simulation model that incorporates the dispatching policy based on worker’s pending tasks shows an improved service quality and utilization of service workers.

As business process models are widely used and essential for most organizations, the problem of redundantly modeled processes rises. This can happen when a process is modeled by different modelers or when organizations merge. In order to cope with this issue, typically process model similarity matching methods are used. Thereby, pure textual matching algorithms operating on single activities are often not suitable. One alternative is to include further information like data and resources and to check for M:N-matchings. The work at hand describes how to use resource information to match process models, even if they are modeled on different levels of granularity. The approach can be used for both human and non-human resources. Furthermore, the differences between intra- and inter-organizational matchings are pointed out.

Agile processes depend on human resources, decisions and expert knowledge and are especially versatile and comprise rather complex coherencies. Rule-based process models are well-suited for modeling these processes. There exist a number of process mining approaches to discover rule-based process models from event logs. However, existing rule-based approaches are typically based on a given set of rule templates and predominately consider control flow aspects. By only considering a given set of templates, contemporary approaches underlie a representational bias. The usage of a fixed language frequently ends into insuffcient languages. In this paper we propose an approach to automatically suggest adequate resource-aware rule templates for a given domain by pre-processing the provided event log using frequent pattern mining techniques. These templates can then be instantiated and checked by process mining methods.

Efficient business processes are a critical success factor for organizations in a competitive market environment. One of the key potentials to increase efficiency of business processes is the optimization of resource utilization. The contribution of this paper is a novel approach for combining activities across running process instances to optimize resource utilization; i.e., resources are shared across different process instances. The main benefits of the suggested approach are the identification, disclosure, and application of optimization potentials.

This paper presents a planning-based approach for the enumeration of alternative data-centric workflows specified in ASASEL (Abstract State mAchineS Execution Language), which define the coordination of data and computation services for satisfying data requirements. The optimization of data-centric workflows is associated to the exploration of the parallelization of the workflow activities. We address the exploration of parallelism formalizing the enumeration problem in the DLV-K language. Together, our ASASEL language and enactment engine along with our enumeration approach provide the foundation for a highly flexible mechanism for managing data-centric workflows.

With the emergence of contextual enterprise, organizations increasingly tend to analyze the adherence of the day to day execution of internal business processes with their stated goals. This is needed so that they can continuously evaluate and readjust their operating models and corresponding business strategies. However organizations often find it very difficult to discover and categorize the process variants in terms of their stated goal adherence from process execution logs. This is due to the challenges in resolving the extent of goal compliance as it necessitates the classification of process variants first in terms of the contextual factors associated with the process execution. In this paper, we propose our approach for discovering goal adherence of process variant instances mined from event logs. We first generate goal-service alignment models to establish correlation of process fragments with specific sub-goals of the organization’s goal model. Subsequently we discover the extent of goal adherence of individual process instances by the composition of correlated sub-goals. We also associate the contextual factors with each process instance that are goal preserving in nature. Leveraging the difference in correlation and association of contextual factors we classify the instances as goal preserving executed process variants. This bottom-up approach enables the organizations to study the depth and breadth of goal adherence in their organizations. Also the impact of any specific change in the goal decomposition models and the associated contextual factors can be studied with our approach. We evaluate our approach using a real industrial case study in IT Incident Management using a event log of 25000 records.

In an evolutionary environment, many changes can be triggered by enterprise in order to cope with increased development. These changes can be critical if they are not well identified and addressed. In this context, Enterprise Architecture (EA) operates to provide holistic and coherent enterprise vision and aims to guide enterprise change. One of these changes depends on competence which is related to actors’ performance assessment. In doing so, we define a formal approach that accompanies changes and provides strategic guidance based on actors performance assessments. Then, we identify the multilevel character of changes using hierarchical linear model (HLM) to compute linear correlation coefficient. Our method is based on the prediction and helps in anticipating the changing impacts. Finally, a prototype is developed to evaluate this approach in a case study.

Following the crisis in 2008, the financial industry has faced growing numbers of laws and regulations globally. The number and complexity of these regulations is creating significant issues for governance, risk and compliance management in almost all industrial sectors; however some of these sectors are characterized by being heavily-regulated including the financial industry. This paper proposes a semantically-enabled compliance management framework. In the heart of the framework is an integrated semantic repository incorporating regulatory, business and compliance knowledge; i.e.,

CMKB

. The approach is underpinned by legal Subject Matter Experts (SMEs) interpreting financial regulations and encoding them in the Semantics of Business vocabulary and Business Rule (SBVR) standard. As a proof-of-concept, we have integrated the SBVR and CMKB repositories with a validated compliance solution for design-time compliance verification. However, the approach could be integrated with other compliance solutions at different phases of the business process lifecycle.

In this paper we tackle the problem of reconstructing information about incomplete business process execution traces proposing an approach based on action languages.

The main objective of e-government information systems is to provide integrated, transparent, and efficient services to citizens by exploiting the potential of new information and communication technologies. The current trend in this field is the use of semantic technologies, especially semantic web services (SWS) which enable enriching E-Gov services description with additional semantic information. However, besides making available e-services, a number of gaps must be filled such as services discovery, integration and collaboration. In this paper, we propose a SWS approach to overcome these gaps in government-to-government (G2G) context which is distributed environment.

The fast development of Cloud-based services and applications have a significant impact on Service Oriented Computing as it provides an efficient support to share data and processes. The de-perimeterised vision involved by these Intelligent Service Clouds lead to new security challenges: providing a consistent protection depending on the business environment conditions and on the deployment platform specific threats and vulnerabilities. To fit this context aware protection deployment challenge, we propose a MDS@run.time architecture, coupling Model Driven Security (MDS) and Models@run.time approaches. By this way, security policies (that can be generated via a MDS process) are interpreted at runtime by a security mediator depending on the context. This proposition is illustrated thanks to a proof of concept prototype plugged on top of the FraSCAti middleware.

This paper proposes a monitoring framework that has business concepts at its core. Rather than relying on generic mechanisms to provide monitoring data, it proposes the notion of concept probes that fully match the business concepts used in the definition of business processes. These concept probes combine monitoring information from business process execution as well as service execution into aggregate information that makes sense from a business concept point of view. The approach has far-reaching implications: firstly, it provides superior understanding of the various execution parameters of the business concepts used in processes (including performance, correctness and context), with potential to aid Business Process Management (BPM) and Service Oriented Architecture (SOA) governance. Secondly, it helps with setting application-wide alarms and constraints potentially corresponding to Service-Level-Agreements, on a concept-level. For a given concept, such constraints can be set-up with immediate effect in all the business processes that use it. Thirdly, this approach gives technical users a deep understanding of the contribution of each of multiple application layers (BPM, SOA, operating system, various other technical layers) to the combined performance of a particular business concept. This can lead to faster reaction time in fixing problems, changes in business partners (that provide better services) or improvements in the underlying infrastructure or application parameters.

REST APIs have brought the power of reuse within reach of individuals and enterprises at Internet-scale through extreme consumability. An effective API strategy must consider not just how the API will be built, but how it will be sold and offered in the Cloud environments. Traditional models of software marketing omit the complexity associated with the multiple parties involved in the API value chain. New models are needed to help platform providers allocate resources for optimum return. This paper extends traditional software marketing models to include this multi-party complexity, and contrasts optimal strategies over a variety of possible model parameters. Our results show that system models can be used to differentiate platform marketing strategies. We expect that there is a wide range of application once such models are parameterized with measured platform adoption and marketing data.

The use of cloud services as a business solution keeps growing, but there are significant associated risks that must be addressed. Despite the advantages and disadvantages of cloud computing, service integration and alignment with existing enterprise architecture remains an ongoing priority. Typically, quality of services provided is outlined in a service level agreement (SLA). A deficient template for evaluating, negotiating and selecting cloud SLAs could result in legal, regulatory, and monetary penalties, in addition to loss of public confidence and reputation. This research emphasizes (or advocates) the implementation of the proposed SLA evaluation template aimed at cloud services, based on the COBIT 5 for Risk framework. A gap analysis of existing SLAs was done to identify loopholes, followed by a resultant template where identified gaps were addressed.

Due to advantages of cloud computing, services are increasingly deployed in cloud. It is a challenge to choose a proper service. Besides QoS requirements, customers expect more efficient services which provide better performance but with minimum cost. In this paper, we propose a non-parametric method to evaluate relative efficiency of cloud services based on Data Envelopment Analysis. It can classify cloud services into different efficiency levels and tell how to improve less efficient services. We illustrate the method with a case study.

Smartphones are widely used around the world, which are also equipped with some sensors that can be used for the awareness of their users’ state. These sensors include GPS, accelerometer, and microphone among others. In this paper, we present an empirical way to identify user’s state including daily activity like walking, running, accidental threats like falling-down, and emotional status like sadness, joy, and anger. The monitoring should be realized in a non-intrusive way. We realize this idea by the design and implementation of a comprehensive run time user state monitoring system on Android smartphones, as less instructive as possible. The experiments show that it has good performance in terms of both monitored state accuracy and footprint incurred while conduct monitoring. The evaluations also show that the power consumption of the monitoring system is even neglectable which proves the usability of the proposed monitoring system.

The convergence of cloud/service computing and M2M/IoT systems provides real-world sensing and actuation as globally distributed Web services. Context-aware services using such Web services (we call them

Web Context-Aware Services,

Web-CAS

) are promising in many systems. However, definition of contexts and Web services to be used highly depend on individual environments and preferences. Therefore, it is essential to have a place for self-management, where individual users can efficiently manage their own Web-CAS by themselves. In this paper, we develop a service platform, called

RuCAS platform

, which works as PaaS for self-managing Web-CAS. In the platform, contexts and actions are defined by adapting the distributed Web services, and every Web-CAS is managed in form of an

ECA (Event-Condition-Action) rule

. Through Web-API of RuCAS, individual clients can rapidly create, update, delete and execute custom contexts and services. To support non-expert users, we implement a GUI front-end of the RuCAS platform, called

RuCAS.me

. A case study of sustainable air-conditioning demonstrates practical feasibility. Finally, we discuss how the RuCAS platform works to achieve self-managing ecosystem of Web-CAS.

This paper proposes a semantic-based retrieval algorithm that allows the pervasive service system to find services able to return data about specific physical phenomenon (e.g. temperature, humidity), in a given location, with particular timeliness. This retrieval algorithm can be used to increase the capabilities of a self-managing pervasive systems, with specific focus on smart buildings, by providing a flexible solution to find sensors similar to a one that failed, or to find sensor data able to control actuators.

The service composition problem asks whether, given a client and a community of available services, there exists an agent (called the mediator) that suitably delegates the actions requested by the client to the available community of services. We address this problem in a general setting where the agents communication actions are parametrized by data over an infinite domain and possibly subject to constraints. For this purpose, we define

parametrized automata

(PAs), where transitions are guarded by conjunction of equalities and disequalities. We solve the service composition problem by showing that the simulation preorder of PAs is decidable.

In this work, we focus on the problem of virtual machines (VMs) placement in geographically distributed data centers, where tenants may require a set of networking VMs. The aim of the present work is to plan and optimize the placement of tenant’s VMs requests in a geographically distributed Cloud environment while considering location and system performance constraints. Thus, we propose ILP formulations which have as objective the minimization of traffic generated by networking VMs and circulating on the backbone network. The different experiments conducted on the proposed formulations show the effectiveness of our model for large-scale Cloud systems in terms of convergence time and computational resources.

In configurable business process model, an incorrect configuration may lead to behavioral issues. The researches of the configurable business process model focus on the control-flow perspective but lacking the perspective of the data-flow, which can’t reflect the constraints of data-flow during the configuration. To overcome this shortage, this paper uses the CPN as a formalism model to express the business process model and extends the business process model by adding the data-flow, which enables it to deal with the data semantic in business process model, then transforms business process model into the configurable business process model by adding configuration operations. Finally, we use the logic ASK-CTL to express the data constraints of configurable business process model, and then we apply the corresponding toolset of CPN to analyzing and verifying the data semantic constraint properties of this model, and the results of experiment show the validation of the proposed method.

Homology modeling (HM) plays an important role in drug discovery. HM analysis aims at predicting a 3D model from a biological sequence in order to discover new drugs. There are several problems in executing an HM analysis in large-scale, such as multiple software to be evaluated, the management of the parallel execution, and results analysis, e.g. browsing manually all results to find which structure was derived from which program with good quality. Scientific Workflow Management System (SWfMS) with parallelism and provenance support can aid the large-scale HM executions by addressing the result analysis. However, before submitting the HM workflow for execution, it has to be specified along with its several alternatives (also called variants), as considered in this paper. Managing HM workflow variations is a complex task to be accomplished even with the help of a SWfMS. In this paper, we propose SciSamma (

St

ructural

A

pproach and

M

olecular

M

odeling

A

nalyses), an abstract representation of HM workflows inspired in the concept of software product lines (SPL). SciSamma models HM workflow variants to execute with parallel processing in the cloud using SciCumulus SWfMS. We evaluated SciSamma with two common variants using 100 protease enzymes of protozoan genomes. Both variations presented scalability with performance improvements (dropping from 8 h to 27 min using 32 Amazon’s large virtual machines). While evaluating the two workflow variants, through provenance queries, they present the same quality in biological results, but the difference in execution time between them was around 40 %.

With the emergence of cloud computing, resources can be dynamically scaled. A common scaling approach is the addition and removal of virtual machines, known as horizontal scaling. Horizontal scaling can take several minutes but erratic and sudden changes in demand take place within seconds. Therefore, vertical scaling has been introduced, changing the resources of an existing virtual machine during run time and within one second or less. At the same time, more and more private clouds and cloud providers apply the open-source platform OpenStack. Hence, this paper evaluates the vertical scaling capability of OpenStack. For this purpose, we examine whether and to what extent common guest operating systems, popular hypervisors, and OpenStack itself support vertical scaling. Altogether, the considered operating systems and hypervisors support vertical scaling of almost all considered resources while OpenStack does not support vertical scaling at all. Based on our findings, we finally suggest steps to improve OpenStack.

This paper presents

S

$$^2$$

2

niffer

(Service Sniffer), a query-based system for discovering services.

S

$$^2$$

2

niffer

is a part of a broader project whose goal is, given mobile users’ needs (e.g., buying airplane tickets, booking a hotel room, renting a car, etc.) expressed in a text query, to discover and compose services to be executed. Behind the service discovery system is the idea to match the users’ queries with a set of documents in a corpus such that each document contains a service description given in free text, obtained from its corresponding profile given in a OWL-S file. A preliminar evaluation reveals that

S

$$^2$$

2

niffer

outperforms Latent Semantic Indexing and Vector Space Model.

One of the major goals of the Service Oriented Architecture is to support automatic Web Service (WS) composition and execution, allowing a user query to be satisfied by a Composite WS (CWS). User queries express functional and non-functional (

QoS

) requirements.

QoS

requirements indicate, for example, the maximum execution time or price allowed for a CWS execution. In this work, we propose a model to support CWS executions while maintaining the

QoS

requirements, even in presence of failures.

QoS

monitoring is performed during the entire execution of a CWS in order to satisfy

QoS

requirements, influencing the choice of the fault-tolerance strategy selection in case of failures.

With the prevalence of SOA, an increasing number of Web Services(WS) are created and composed to construct Web-Service Based Systems(SBS). WSs are independent of formulation of complex business process by multiple WS composition. With the steadily growing number of service providers the competition becomes more and more intense. In order to compose a SBS selecting appropriate service from among a collection independently developed services with the same functionality but different cost and Quality of Service (QoS) properties is essential to meet the client preferences. The existing planning and selection algorithms are mostly designed for service discovery. To our knowledge, there are only a few works that incorporate service selection with respect to end user’s dynamic QoS requirements. Further, in case of QoS variation of composed SBS at provisioning-time due to QoS variation of one or more component services, a proactive adaptation strategy is required to maintain the required overall QoS. In this ongoing PhD work we propose complete, flexible solution for the “Dynamic QoS requirement aware automatic service selection and provisioning-time adaptation”. This approach is a graph based multi-grain clustering and selection model for service composition.

Over the last decades, Internet has grown dramatically. As a result of this growth, a huge amount of Web services and applications have emerged to fulfill consumer’s requirements. At the same time, the mobile network industry has become ubiquitous as most consumers are now inseparable from their mobile terminals. The combination of mobile technology and web services provides new paradigm called mobile web services. In order to find services fulfilling the client’s requirement, a discovery mechanism is needed. However, discovering services from devices is still a significant challenge due to terminal constraints such as screen resolution, smaller memory, CPU, mobility of consumers and the lack of service descriptions. Thus, the challenge is to increase the accuracy of the relevant discovered services that meet the user’s need. In this paper, we present MobiDisc, our mobile web service discovery approach.

Data geo-location policies constrain the geographical locations at which personal data may be stored or processed. Data storage and processing locations are dynamically changed by cloud elasticity that migrates and replicates cloud services across data centers. Thus, cloud elasticity as well as data transfers of interacting services may re-locate data, which potentially violates data geo-location policies. To detect these violations, we develop a policy checking approach based on runtime models. We examine monitoring and model updating mechanisms for reflecting service composition and deployment changes caused by elasticity. Based on the updated runtime model we derive potential data transfers and check them against policies. Initial results indicate the effectiveness and high-performance of our approach.

With huge and ever-increasing number of services available on the Web, more non-domain experts are willing to chaining services for fulfilling their specific requirements. Users may get known more about their requirements gradually, which requires the solution identification at different levels of granularity. To address this challenge, we propose a remedy called

service map

, which aims to (i) organize services in a hierarchical fashion, such that different levels represent the functionalities of services in a different granularity, and (ii) to provide service chaining at a certain level of granularity with respect to user’s requirement.

With a growing number of web services, discovering services that can match with a user’s query becomes a big challenging task. It’s very tedious for a service consumer to select the appropriate one according to her/his needs. In this paper, we propose WS-Portal; An Enriched Web Services Search Engine which contains 7063 providers, 115 sub-classes of category and 22236 web services crawled from the Internet. In WS-Portal, severals technologies are employed to improve the effectiveness of web services discovery (i.e. web services clustering, tags recommendation, services rating and monitoring).

In this demo paper, we present

SUPER

standing for

S

ocial-based b

U

siness

P

rocess manag

E

ment f

R

amework that leverages social computing principles for the design and development of social business processes (

aka

business processes 2.0).

SUPER

identifies task, person, and machine as the core components of a business process. Afterwards,

SUPER

establishes a set of execution and social relations to illustrate how tasks (also persons and machines) are connected together. The social relations help build configuration network of tasks, social network of persons, and support network of machines that capture the ongoing interactions during business process execution.

In this demonstration paper, we present the first working version of

SmartPM

, a Process Management System that is able to automatically adapt dynamic processes at run-time when unanticipated exceptions occur, thus requiring no specification of recovery policies at design-time.