Web Services – ICWS 2018

The traditional process-centric modeling approach often focuses on tasks with a fixed execution order. This modeling approach is difficult to describe business processes in which the number of steps and cases is varied depending on the case state and determined dynamically at run time. Motivated by modeling requirements from complex collaborative business scenarios in the internet, such as crowdsourcing, a concept of Business Object (BO) and BO-oriented Process Modeling (BOOPM) approach are proposed. We introduce the role element into standard Harel statechart to explicitly describe the life cycle of a BO whose state changes as tasks processed by different business roles. We also extend event communication mechanism into the statechart to support collaboration among multiple BOs to achieve a business goal. Meanwhile, the BO provides a suitable foundation to control the granularity of the process model properly. After that, the ability of BOOWM for process specification is evaluated based on a set of workflow patterns. Finally, we illustrate BOOPM approach using a crowdsourcing example and realize a prototype system to support the execution of a business process modeling by BOOPM approach.

The Internet has penetrated into all aspects of human society and economic life, not only changing people’s daily life, but also having a profound impact on the business model of traditional industry. However, the trans-boundary impact of Internet on the operating model of traditional industry is decided by a combination of a variety of factors. Currently, the appropriate assessment model and analysis methods are absent in this field. Based on this, “Service Bridge” method is proposed in the paper to evaluate the transboundary influence of Internet, which includes three main parts: supply-side model, demand-side model, and service matching model. Finally, this paper verifies the method with actual cases, and compares the trans-boundary influence of Internet on different daily consumption industries (O2O in beauty service and take-out food service industry). The results show that “Service Bridge” method can provide a new idea for the trans-boundary influence evaluation of Internet.

In this work, we show how time constraints can be specified with WED-flow – an alternative process modeling approach characterized as being transactional, event-based, and data-driven – and address the challenge of mapping processes modeled with WED-flow into colored Petri net structures. First, we show how time constraints can be specified with WED-flow. Although the correctness of so-called time-critical processes depends on the time their activities are performed, WED-flow has not been used for specifying time constraints up to now. As a concrete example, we specify a time constraint of SISAUT: a real-time system built using WED-flow techniques and tools that coordinates interacting parallel processes to collect and process materials from autopsies for research projects while questionnaires and consent forms are being filled out. We then address the challenge of mapping processes modeled with WED-flow into colored Petri net structures. We also show how to describe the temporal behavior of time-critical processes with time Petri nets. Therefore, we become able to reason about the functional (e.g., decide whether a certain state is definitely reached) and temporal (e.g., decide whether a deadline can be met) behaviors of instances of those processes through existing tools and methods of analysis. In SISAUT, for instance, timeliness is critical to success: the processing of collected materials must not take longer than 24 h from the declared time of death of the deceased. Up to now, the timeliness verification of SISAUT cases has been done manually, in an ad hoc manner. Thus, we present a method to automatically calculate the minimum time it takes to process the collected materials of a given SISAUT case through the analysis of an equivalent time colored Petri net.

Cyber Physical Social Systems (CPSS) has been rapidly developing in recent years because of the dramatic growth of mobile techniques and Internet-based technologies. As an emerging novel technical paradigm, cloud computing is becoming an efficient mechanism that has been broadly implemented in multiple fields with using Internet-enabled devices. Telehealth system is one of the crucial domains in applications of Cyber Physical Systems (CPS), which is also considered an important component in smart city. However, Personalized Cloud-based Telehealth (PCTH) is still facing a great challenge due to restrictions deriving from various perspectives, such as cloud resource allocations and real-time information transfers. This paper concentrates on the issue of optimizing the performance of the resource allocation for achieving smart tele-health with obtaining and analyzing real-time data within the dynamic application environment in cloud computing. The dynamic data environment is mainly associated with social connections generated by physicians or health organizations. Along with this focus, we propose a novel approach, entitled Smart Cloud-based Telehealth Cyber Physical Social Systems (SCT-CPSS), to enable mobile CPSS to offer users a real-time health information service based on the social networking behaviors and inputs. Main algorithms used in this proposed mechanism include Real-Time Matching with Dynamic Programming Algorithm (RTM-DPA) and Monte Carlo-based Real-Time Analysis Algorithm (MC-RTAA). Our experiment examination has evaluated the performance of the proposed paradigm.

With the rapid development of cloud computing, system and data security become concerns due to user losing control of his machines and internal attacks. Provenance is an essential approach to establish data and system trustworthiness for cloud computing services, as it summarizes the history of objects and the actions performed on them. However, the current existing provenance-aware solutions either depend on applications in the user-space or fail to convey a genuine provenance information to a cloud user to do a further analysis. Thus they are vulnerable to a malicious privileged administrator or adversary attacking in an untrusted network. In order to solve these problems, we design TProv to establish a trusted provenance-aware service with the help of Trusted Computing. In addition, we introduce Merkle Hash Tree to reduce the length of Chain of Trust and enable parallel validation for the trustworthiness of provenance information, thus TProv decreases the overhead of the huge size of provenance information and the cost of operating trusted hardware, e.g. Trusted Platform Module. The experimental results reflect TProv’s effectiveness and efficiency.

This paper introduces a novel attack that can covertly exfiltrate data from a compromised network to a blocked external endpoint, using public web services as the intermediaries and exploiting both HTTP requests and DNS queries. We first identify at least 16 public web services and 2 public HTTP proxies that can serve this purpose. Then we build a prototype attack using these public services and experimentally confirm its effectiveness, including an average data transfer rate of 361 bits per second. Finally, we present the design, implementation and evaluation of a proof-of-concept defense that uses information-theoretic entropy of the DNS queries to detect this novel attack.

Homomorphic Message Authentication Code (MAC) allows a user to outsource data to an untrusted server and verify that results of computation on the data returned by the server are correct. Recently, much effort has been independently focused on whether a homomorphic MAC scheme supports data confidentiality or the authenticators can be efficiently verified. In this paper, we address the question of whether it is possible for homomorphic MAC to simultaneously achieve both the privacy and the efficiency. The answer is affirmative and we propose a new cryptographic primitive, privacy-preserving homomorphic MACs with efficient verification that can guarantee the authenticator can not reveal the underlying message.More precisely, our contributions are three-fold: (i) we introduce the primitive of privacy-preserving homomorphic MAC (PHMAC) that provides both data confidentiality and efficient verification, (ii) We provide a PHMAC construction which supports homogeneous polynomials, and demonstrate it shows high efficiency, (iii) We investigate how our PHMAC primitive with efficient verification can be employed to homomorphic authenticator-encryption and verifiable computation.

Container technology has become an integral part of today’s major IT services. Although it offers several benefits, it also introduces new challenges for operating and maintaining secure container environments. One such challenge is to retain the ability to detect and address the containers’ vulnerabilities and compliance violations. However, designing an effective solution to enable this capability must be based on the accurate understanding of characteristics observed from actual container images and instances. To contribute toward this objective, we have built a general data processing framework, applying the principles of the state-of-the-art. It is a system that decouples the data collection process from the analysis so as to allow user to focus more on building new analysis logics rather than on the tools for monitoring agents. We applied it to the analysis of container images from the Docker Hub image repository, to learn about their security posture. In this work we present various interesting findings and new insights from analyzing the public image corpus. We have learned that more than 92% of the images contain compliance violations and/or vulnerable packages.

We study the problem of estimating the state of road infrastructure, which is the backbone of transportation system. Road infrastructure can suffer from various issues, including structural failures, such as potholes, and non-structural issues, such as broken traffic lights. However, it is infeasible to cover all roads with physical sensors for monitoring purposes. Instead, we propose to use social sensor big data to detect and estimate these issues based on the public’s activity. As a demonstration, we generate a map of detected road problems based on tweets. The map displays the currently detected hotspots, where for each hotspot we compute the overall sentiment provided by the public. In addition, we identify the peak of public activity during the evaluation period and investigate the key drivers of that peak. Finally, we analyze the most influential users using an extension of PageRank. The proposed approach adds a novel perspective on the state of road infrastructure and may be used to help guide decisions related to road infrastructure funding.

Blockchain is a decentralized distributed service network framework which ensures the consistency among service nodes in byzantine faulty network. However, the very restricted performance and enormous energy consumption makes blockchain faltering. In this paper, we proposed a sharding blockchain framework with linear scalability. Unlike other frameworks with sharding, our model needs no centralized organization to assemble messages from subcommittees. We also redesigned the block-generating algorithm to accelerate generating block. Our framework can reach nearly linear scalability with scale of service network while tolerating no more than 1/4 adaptive byzantine adversaries. Furthermore, we designed simulation experiments with up to 1000 virtual nodes to proof our theoretical scaling properties. In our experiments, our model performs better than Bitcoin-NG when the size of network more than around 400 nodes. But delay in Bitcoin-NG grows far more than ours. Also, our framework wins out over ELASTICO while our simulation platform contains less than 1000 nodes.

We have created an open access online platform for using semantic workflows to analyze artistic style in paintings. We have implemented workflows for both standard computer vision image processing techniques and state-of-the-art methods such as convolutional neural networks to analyze images. These workflows can be used online by non-experts without needing any technical knowledge other than being able to use a browser.We designed three artistically-relevant features to aid in the quantification of artistic style: the Discrete Tonal Measure, Discrete Variational Measure, and Convolutional Style Measure. These quantitative features can provide clues to the artistic elements that enable art scholars to categorize works as belonging to different artistic styles. We also created two new datasets of manually curated artworks selected especially for evaluating artistic style: one based on the school of art to which artists belong (Impressionism vs Hudson River) and one based on the medium used by a specific artist (tempera vs watercolors). Finally, we present an initial evaluation of these datasets and features for classifying paintings and also show results of a user study workshop for conducting such analyses online by humanities researchers, students, and professionals.

Parallel training is prevailing in Deep Neural Networks (DNN) to reduce training time. The training data sets and layered training processes of DNN are assigned to multiple Graphics Processing Units (GPUs) in parallel training. But there are some obstacles to deploy parallel training in GPU cloud services. DNN has a tight-dependent layering structure where the next layer feeds on the output of its former layer. It is unavoidable to transmit big output data between separated layered training processes. Since cloud computing offers separated storage services and computing services, data transmission through network harms the performance in training time. Thus parallel training leads to an inefficient training process in GPU cloud environment. In this paper, we construct a distributed DNN training architecture to implement parallel training for DNN in MapReduce. The architecture assigns GPU cloud resources as a web service. We also address the concern of data transmission by proposing a distributed DNN scheduler to accelerate the training time. The scheduler makes use of minimum cost flows algorithm to assign GPU resources, which considers data locality and synchronization into minimizing training time. Compared with original schedulers, experimental results reveal that distributed DNN scheduler decreases the training time by 50% with least data transmission and synchronizing parallel training.

Providing both optimal QoS and a minimum number of services simultaneously is a promising perspective of QoS-aware service composition, whereas most existing research studies are still unfavorable toward making an ideal trade-off between quality and efficiency, particularly in large-scale scenarios. To address this issue, this paper proposes a composition mechanism that effectively and efficiently minimizes the number of services in the composition result while achieving the optimal global QoS. We first transform the composition task into an equivalent one with decreased computing complexity, after which a chained dynamic programming algorithm, Chain-DP, is proposed to extract the optimal QoS with the minimum number of services. Finally, we further optimize the efficiency of the algorithm by adopting a global-local strategy of pruning. Experimental results on Web Service Challenge 2010’s datasets show that the proposed method outperforms the state-of-the-art approach by generating solutions containing fewer services for the optimal QoS with higher efficiency and better generalization on large-scale datasets.

The QoS of web service has been increasingly crucial due to the escalating number of services with similar or identical functionality, which leads to intensive researches on QoS-aware web service composition. Correspondingly, to optimize not only QoS but also service quantity in a composition has also been increasingly challenging. Currently, there are already many researches on service composition addressing the optimization of multiple QoS attributes, but it is still rare to take service quantity as an optimization objective as well. To address this issue, this paper proposes a novel supervised web service composition mechanism integrating multi-objective QoS optimization and the minimization of service quantity. Firstly a memory-based search algorithm is proposed to compute each single-objective optimal QoS, after which a knapsack-variant algorithm is applied to minimize the number of services without considering the QoS. Finally, a supervised multi-objective optimization is performed based on the above single-objective optimization results. Experimental results on both Web Service Challenge 2009’s datasets and substantial datasets randomly generated show that the proposed service composition method outperforms the state-of-the-arts by achieving a much better tradeoff among all the objectives.

In pervasive systems, data object is stored in distributed storage nodes. High performance indexing service plays an import rule in the efficient utilization of the data in ubiquitous computing. The embedded systems on the ubiquitous nodes, however, have constraint memory space and energy supply. How to design efficient index service with limited resource requirement on the embedded systems is a key technique in pervasive computing. In this paper, we compare two types of Bloom filter-based index services: Lightweight Bloom filter Array and Two-tier Bloom filter Array. The lookup time and the energy consumption are taken into consideration when measuring the performance of the two index services. We analyse the characteristics of the two algorithms with the analytical expressions. Further, experiments under the same conditions are performed and the results are analyzed. Finally, this paper gives the optimization suggestion for selecting one out of the two algorithms under different usage circumstances.

Meetup brings people with similar interests together to do things that matter to them. For example, it provides a platform for getting people who love hiking, coding, running marathons, learning foreign languages together so that they can help, teach and learn from each other. Thanks to the development of web and mobile technologies, organizing these Meetup groups has become much more easily than before. Meetup has become an ideal tool for enriching one’s social life. In this paper, we proposed a coupled linear and deep nonlinear method for Meetup services recommendation. Our method considers both historical user item interactions and group features by combining linear model with deep neural networks. In addition, we designed a pairwise training algorithm with dynamic negative sampling technique to further enhance the model performance. Experiments on two real-world datasets show that our approach outperforms the compared state-of-the-art methods by a large margin.

Social media has emerged as a free source of public data. Despite the diversity in social media platforms, current social media analysis tools consider them as a similar entity. Hence, these tools lack the flexibility to interpret the diversity of social media platforms and its analysis requirements. In order to interpret the diversity, we propose a novel service oriented approach to visualize and analyze social media platforms. Firstly, we formalize social media as a service and classify its functional and non-functional properties. Secondly, we conduct experiments on the real-world datasets for a variety of topics. We empirically quantify the functional and non-functional properties of social media platforms. We also present future directions and research challenges associated with the service orientation of social media.

Network community quality assessment (CQA) is essential for many applications. However, large scale communities detected from nowadays rapidly growing social networks present great challenge to its computation efficiency. Though parallel algroithms using message passing interface (MPI) have recently been introduced into the field, its computation efficiency needs further improvement. Meanwhile, the complexity of the MPI implementation handicaps data scientists from adopting it. In this paper, we first design a fast MPI-based metrics computation algorithm. Then we propose a RESTful framework to wrap the non-overlapping CQA metrics computation as a Web service, i.e., non-overlapping CommuMetrics, which makes it easy to use. Finally, experiments in empirical networks demonstrate the effectiveness of our method in terms of execution time and speedup.

Source localization, the process of estimating the originator of an epidemic outbreak or rumor propagation in a network, is an important issue in epidemiology and sociology. With the graph topology of the underlying social network, the localization can be realized with observations of a few designated nodes or a snapshot of the whole network at a certain time. Though there are several methods for this task, all of them have limitations. These approaches either place little weight on information about susceptible nodes or rely on extra information about the propagation process. In this paper, we take both susceptible and infected nodes into account, and put forward a novel metric called Classifying Quality (CQ) centrality to quantify the property of a node to separate the susceptible and infected sets. Inspired by Fisher criterion, CQ centrality makes a trade-off between the inner-class and the inter-class distances, which are based on length of the shortest path between nodes. CQ centrality can be calculated without any extra information about the spread process, hence, it can serve as a universal estimator for source localization. Moreover, we improve the proposed metric in case that the infection rates of edges have been already known. Simulation results on various general synthetic networks and real-world networks indicate that our methods lead to significant improvement of performance compared to existing approaches.

Exploiting temporal effect has empirically been shown to be a promising approach to improve the recommendation performance in recent years. In real-world applications, one-class data in the form of (user, item, timestamp) are usually more accessible and abundant than numerical ratings. In this paper, we focus on exploiting such one-class data in order to provide personalized next-item recommendation services. Specifically, we base our work on the framework of time-aware item-based collaborative filtering (ICF), and propose a sequence-oriented bidirectional item similarity (BIS) that is able to capture sequential patterns even from noisy data. Furthermore, we develop a compound weighting function that leverages the complementarity between the exponential weighting function and the user’s active session window. By applying the proposed weighting function and similarity measurement, we obtain a novel collaborative filtering method that achieves significantly better performance than the state-of-the-art methods in our empirical studies, showcasing its effectiveness in next-item recommendation.

Collaborative filtering (CF) is an important recommendation problem focusing on predicting users’ future preferences by exploiting their historical tastes. One typical training paradigm for this problem is called residual training (RT), which is usually built on two basic components of factorization- and local neighborhood-based methods in a sequential manner. RT has been well recognized with the ability of achieving higher recommendation accuracy than either factorization- or neighborhood-based method. In this paper, we design a new residual training paradigm called residual-loop training (RLT), which aims to fully exploit the complementarity of factorization, global neighborhood and local neighborhood in one single algorithm. Experimental results on three public datasets show the promising results of our RLT compared with several state-of-the-art methods.

Thanks to the development of big data, more and more context are available in web services. In this paper, we focus on recommendation with internal context (antithetical to external context such as social connections), which refers to ratings assigned by users to items only. Inspired by a very recent work that embeds the item neighborhood information represented by multiclass preference context (or simply “MPC”) into a model-based method, we further extend MPC to both user-based MPC for user neighborhood and item-based MPC for item neighborhood. In our new model termed matrix factorization with dual multiclass preference context (MF-DMPC), both user-based and item-based MPC are encoded in a matrix factorization framework. By studying the effectiveness of user-based MPC, item-based MPC, and our dual MPC through experiments on three public data sets, we find that our proposed model with dual MPC performs the best in accuracy. As a matter of fact, our model successfully strikes a balance between user-based and item-based neighborhood information, i.e., it exploits the complementarity well.

Semantic annotation framework that allows enriching locations or trajectories with semantic abstractions of the raw spatiotemporal data benefits understanding the semantic behavior of moving objects. Existing semantic annotation approaches mainly analyze specific parts of a trajectory, e.g. stops, in association with data from 3rd party geographic sources, e.g. (POI) points-of-interest, road networks. However, these semantic resources are static thus miss important dynamic event information. Recent location-based social networking provides a new dynamic and prevalent source of human activity data that can be a potential semantic resource for annotation. However, using the large-scale spatiotemporal data from online social media gives rise to privacy concerns. This paper thus presents a privacy-preserving semantic annotation framework P-SAFE that (i) identifies dynamic region of interest (DRI) from large-scale data provided by location based social networks whilst labelling of DRI into appropriate categories derived from spatial and temporal features of geotags, (ii) aligns trajectories to a set of DRI and enriches trajectories with semantics annotation derived from aligned DRI via THMM model, and (iii) embeds robust privacy-preserving mechanisms under differential privacy in each stage that accesses to raw data. P-SAFE approach tackles the privacy and utility trade-offs for meaningful geographic regions identification and labeling as well as trajectory semantic annotation under differential privacy whilst combining them into a single task. We demonstrate the effectiveness of P-SAFE approach on a dataset of large-scale geotagged tweets and a benchmark trajectory dataset for DRI construction and trajectory semantic annotation evaluation. The experimental results illustrate that P-SAFE not only provides robust privacy guarantees but remains approximate 45–56% accuracy for meaningful geographic regions labelling and 62–76% accuracy for trajectory semantic annotation.

Trust metric as an effective manner to deal with diverse attacks has been successfully applied in realistic interactional networked systems, such as eBay, Amazon, etc. Nevertheless, the existence of strategically malicious behaviors, such as colluding and disguise attacks, prevents most existing trust metrics from inferring rational trust taking into account they markedly promotes the trust of misbehaved participants through collaborating with each other, hence relying only on the trust to conduct interactional behaviors among strange participants becomes inappropriate. In this paper, we propose a misbehavior identification mechanism TrustId through clustering different categories of participants into appropriate communities. The primary contributions include: (i) we propose an information entropy-controlled cluster algorithm with respect to diverse sophisticated interactional participants; (ii) we extract three facets of attributes to derive clustering for trust-enabled interactional networks; (iii) we conduct extensive experiments to evaluate the efficiency of our proposed misbehavior identification mechanism, and the results exhibit our TrustId correctly identifies strategically misbehaved participants and significantly outperforms EigenTrust and PathTrust against the representative colluding and disguise attacks.

Diverse strategically misbehaved entities have severely degraded the core-functions of trust-enabled interactional networks. At present, it is still a hard problem to identify them owing to the complexities of malicious behaviors, such as on-off attack, colluding attack, etc. In this paper, we propose a belief propagation-based algorithm MapTrust to quantitatively and qualitatively infer entity’s trustworthiness and untrustworthiness. Three primary contributions are included: (i) we define removal probability for each pair of interacted entities via pairwise feedback-ratings; (ii) we propose a novel cross-iteration fashion to infer trustworthiness and untrustworthiness values. The cross-iteration fashion not only declines time overhead compared to sequential iteration method, but it also supports a convenient manipulation, i.e. we can flexibly initiate group affinity; (iii) we launch extensive experiments using synthetic and real-world datasets to verify the efficiency of our proposed MapTrust. The experimental results show our proposed MapTrust dramatically outperforms Monte Carlo Markove Chain and Random algorithms against four representative attacks.

Process-Aware Information Systems (PAIS), which include Business Process Management (BPM) systems and Workflow Management systems, have been evolving to fulfill the requirements of increasingly complex business and scientific applications. In spite of all efforts, traditional approaches still struggle to provide a seamless integration between the structural design and implementation of such systems. Formal approaches (e.g. Process Algebras and Petri Net) are sufficient to specify systems that can be formally verifiable, albeit unwieldy to implement. The widespread BPMN notation is remarkably effective and a easy to use tool for modeling despite setting aside implementation aspects. On the other hand, the WS-BPEL is a language for execution control of business process that lacks support for modeling. Furthermore, none of these approaches are ideal to handle adaptive strategies that result in recurrent application structural changes, which remain an important challenge to be overcome once they are becoming the new standard in modern PAIS development. In this context, the WED-flow approach emerges as a prevailing and more flexible Domain Specific Language (DSL) for modeling and implementation of PAIS. Due to its high level of abstraction, WED-flow models have been shown difficult to implement. In order to fill this gap between modeling and implementation, we present WED-SQL: an intermediate declarative language for execution of WED-flow models in a transaction environment.

Lots of events happened everyday make social big data have plenty of topics. A topic usually comprises a series of stories. Clues of associations among stories are usually clear, but hidden associations among topics are not always intuitive. It is challenging to find topic associations due to intrinsic complexities of social big data, while analyzing relationships among topics is valuable to explore and reach to origination sources of specific events. Existing research rarely pay attention to analyze multiple-topic relationships. This paper proposes a mining approach for topic relationships detection based on parallel association rules, namely PARMTRD (Parallel Association Rules based Multiple-Topic Relationships Detection). PARMTRD obtains association keyword sets for each topic using parallel association rules based on large-scale frequent keyword sets, which mines association rules for multiple topics in parallel. PARMTRD detects the relevance among multiple topics by selecting and assembling association keywords from association keyword sets, which help to find sources of events. Experiments show that PARMTRD can detect the hidden relationships among multiple topics accurately and efficiently.

Reachability query is an important graph operation in graph database which answers whether a vertex can reach another vertex through a path over the graph, and it is also fundamental to real applications involved with graph-shaped data. However, the increasingly large amount of data in real graph database makes it more challenging for query efficiency and scalability. In this paper, we propose Min-Forest approach to handle with reachability problem in large graphs. We present Min-Forest structure to transfer and label the original DAG, and introduce a 4-tuple labeling scheme to construct index for each vertices, which integrate interval labels for trees and non-tree labels. We design efficient reachability query algorithms for Min-Forest approach on the Cloud Platform of Spark. The experiment results show that query time of Min-Forest approach is also on average about 10−4 ms for large dense graphs, and query time and index construction time of our approach are linear for both sparse graphs and dense graphs. It can answer reachability queries much faster than the state-of-art approaches on real graphs database, especially on large and dense ones.

The Internet of Things (IoT) is exploding, and this new technology affects all the layers in any enterprise architecture, from infrastructure to business. To survive this new evolution and make the most out of this paradigm shift, a communication channel must be created between Business Process Management (BPM) domain and IoT domain in order to bridge the gap between the business layer and the IoT physical layer. The allocation of business process resources to IoT events is an important step towards an end-to-end IoT-BPM integration approach to assist organizations in their scheduling and incident management journey. In this paper, we propose a combination approach which is based on (i) unsupervised machine learning algorithms to generate clusters of priorities, used to estimate incoming events priority, and to ensure a learning feedback loop that feeds forward insight to continuously adjust decisions made at each layer, and (ii) genetic algorithm (GA) to guarantee the assignment of the most critical IoT generated event to the qualified human resource while respecting several constraints such as resource availability and reliability, and taking into consideration the priority of each event that launch process instances. A case study is presented and the obtained results from our experimentations demonstrate the benefit of our approach and allowed us to confirm the efficiency of our assumptions.

This paper presents a new methodology using software reflection to prevent, detect, and mitigate internal attacks to a running Internet Web server. This methodology is very suitable to design such systems as secure by default, that is, when designing the software some parts are marked as secured, and any change/modification of these parts will be an unexpected behavior that needs to be analyzed. If these changes turn out to be attacks, then some remediation techniques are activated, in order to guarantee that the system will continue to work even in the presence of an attack. In addition of providing the methodology, we show how this technique has been used as the basis to develop a real information system. Our experiments are convincing and argue for a secure design to develop complex systems in order to facilitate their protection, and to help to prevent attacks and intrusions.

We propose a ‘Big Social Data as a Service’ (BSDaaS) composition framework that extracts the data from social information services, and transforms it into useful information. We propose a novel service quality model to capture the dynamic features of social information services. We devise a quality model driven composition mechanism by using graph-planning. We use social information services based sentiment analysis as our motivating scenario. Experiments are conducted on real-world datasets and results show the efficiency of our approach.

Modern service selection in a cloud has to consider multiple requests to various service classes by multiple users. Taking into account quality-of-service requirements such as response time, throughput, and reliability, as well as the processing capacities of the service instances, we devise an efficient algorithm for minimum-cost mapping of mutually independent requests to the corresponding service instances. The solution is based on reduction to transportation problems for which we compare the optimal and a suboptimal but faster solution, investigating the tradeoff. In comparison to the alternative service selection models, the evaluation results confirm the efficiency and scalability of the proposed approach(es).