Analysis and Management of Web Service Protocols

ACM Transactions on The Web, 2008

In Service-Oriented Architectures, everything is a service and everyone is a service provider. Web services (or simply services) are loosely coupled software components that are published, discovered, and invoked across the Web. As the use of Web services grows, in order to correctly interact with the growing services, it is important to understand the business protocols that provide clients with the information on how to interact with services. In dynamic Web services environments, service providers need to constantly adapt their business protocols for reflecting the restrictions and requirements proposed by new applications, new business strategies, and new laws, or for fixing problems found in the protocol definition. However, the effective management of such a protocol evolution raises critical problems: one of the most critical issues is how to handle instances running under the old protocol when it has been changed. Simple solutions, such as aborting them or allowing them to continue to run according to the old protocol, can be considered, but they are inapplicable for many reasons (e.g., the loss of work already done and the critical nature of work). In this paper, we present a framework that supports service managers in managing the business protocol evolution by providing several features, such as a variety of protocol change impact analyses automatically determining which ongoing instances can be migrated to the new version of protocol, and data mining techniques inferring interaction patterns used for classifying ongoing instances migrateable to the new protocol. To support the protocol evolution process, we have also developed database-backed GUI tools on top of our existing system. The proposed approach and tools can help service managers in managing the evolution of ongoing instances when the business protocols of services with which they are interacting have changed.

2010 IEEE International Conference on Web Services, 2010

Recently, describing behavior of web services is becoming more and more important. This behavior can be described by business protocols representing the possible sequences of message exchanges. Since a lot of web services use access control policies to restrict the access to authorized consumers, these policies should be part of the service description. Studying the behavior of web services by analyzing their business protocol after assigning the access control policies is the main contribution of this work. Access control policies will be presented using ontology which eases policy specification and management and add some flexibility in the policy comparison. This paper introduces notions of compatibility and replaceability w.r.t. business protocols with access control policies annotations, together with the corresponding verification algorithms.

Lecture Notes in Computer Science, 2008

In a service composition, it is necessary to ensure that the behaviour of a constituent service is consistent with the requirements of the composition. In an adaptive service composition those behavioural requirements may be continually changing. This paper shows how the behavioural requirements in abstract service definitions (roles) can be dynamically and incrementally defined using constraints. These constraints are then used to generate finite state automata, which are used to check the compatibility of candidate services that have their behaviour expressed in static interface descriptions such as OWL-S. In addition to the development of services, Service-Oriented Computing (SOC) application development is a process consisting of service discovery, evaluation and composition. To support the composition of services, a variety of standards such as WSDL and SOAP have helped resolve the heterogeneity in implementation platforms. However, standardisations in the syntactic interface description of services (e.g. WSDL) alone are not sufficient to ensure the correct interoperation of services. Previous work in component-based software engineering suggests that there are four levels of component interface specification: syntactic, behavioural, synchronisation and QoS (Quality of Service) . In Web services, the need for semantically rich descriptions of services has resulted in a number of initiatives such as OWL-S and WSMO. In this paper we focus on behavioural interoperability, in particular the sequence of exchanged messages (protocols) between services. Of the above initiatives OWL-S provides explicit semantics for specifying the behaviour of services in its process model. OWL-S specifies its interaction in terms of definitions for atomic, simple and composite processes. WSMO, on the other hand, specifies the behavioural protocol of a service by using Abstract State Machines as the underlying formalism to represent the service's orchestration and choreography. WSMO also provides the specification of mediators to solve the mismatches at the data, communication protocol, and process levels. In contrast, rather than stipulating the existence of a new type of component in the Web services infrastructure, OWL-S provides to Web services and their clients the information that is needed to find existing mediators that can reconcile their mismatches .

International Journal of Web Engineering and Technology, 2010

This article presents a mediation framework supporting the integration of web services in orchestrated and choreographed services and the conciliation of interaction protocol mismatches. Our framework supports a loosely-coupled interaction among web services, based on the publish and subscribe pattern. Moreover, it manages web services as event-driven systems, in order to enable them to perform their operations in context-dependent way. By decoupling the web service interaction, our framework addresses several interaction protocol mismatches, ranging from differences in the signatures of the messages, to the order and number of the messages to be exchanged, including cross-protocol mismatches involving more than two peers. main areas: multi-agent systems (with specific interest for distributed systems and web services), intelligent user interfaces (with specific attention to personalisation in web-based services) and cloud computing. Previously, she has worked for several years as a Software Engineer and Architect in large US and Italian computer companies and she was also a Visiting Scholar at the Stanford University.

IEEE Expert / IEEE Intelligent Systems, 2003

Electronic Notes in Theoretical …, 2004

Current Web service choreography proposals, such as BPEL4WS, BPSS, WSFL, WSCDL or WSCI, provide notations for describing the message flows in Web service collaborations. However, such proposals remain at the descriptive level, without providing any kind of reasoning mechanisms or tool support for checking the compatibility of Web services based on the proposed notations. In this paper we present the formalization of one of these Web service choreography proposals (WSCI), and discuss the benefits that can be obtained by such formalization. In particular, we show how to check whether two or more Web services are compatible to interoperate or not, and, if not, whether the specification of adaptors that mediate between them can be automatically generated -hence enabling the communication of (a priori) incompatible Web services.

2011

We describe an abstract protocol model suitable for modelling of web services and other protocols communicating via unreliable, asynchronous communication channels. The model is supported by a tool chain where the first step translates tables with state/transition protocol descriptions, often used e.g. in the design of web services protocols, into an intermediate XML format. We further translate this format into a network of communicating state machines directly suitable for verification in the model checking tool UPPAAL. We introduce two types of communication media abstractions in order to ensure the finiteness of the protocol state-spaces while still being able to verify interesting protocol properties. The translations for different kinds of communication media have been implemented and successfully tested, among others, on agreement protocols from WS-Business Activity.

… Theoretical Computer Science, 2004

Current Web service choreography proposals, such as BPEL4WS, BPSS, WSFL, WSCDL or WSCI, provide notations for describing the message flows in Web service collaborations. However, such proposals remain at the descriptive level, without providing any kind of reasoning mechanisms or tool support for checking the compatibility of Web services based on the proposed notations. In this paper we present the formalization of one of these Web service choreography proposals (WSCI), and discuss the benefits that can be obtained by such formalization. In particular, we show how to check whether two or more Web services are compatible to interoperate or not, and, if not, whether the specification of adaptors that mediate between them can be automatically generated -hence enabling the communication of (a priori) incompatible Web services.

IEEE intelligent systems, 2003

Seventh IEEE International Conference on E-Commerce Technology Workshops

Web Service protocol standards should be unambiguous and provide a complete description of the allowed behavior of the protocols' participants. Implementation of such protocols is an error-prone process, firstly because of the lack of precision and completeness of the standards, and secondly because of erroneous transformation of semantics from the specification to the final implementation. Applying the TLA+ paradigm we first consider the protocol on an abstract level. Safety properties taken from real world scenarios are compared to the facilities of the protocol. As result, we identified some limitation of applicability of the WS-BA protocol to abstract application use cases, modelled from the real world scenarios. These limitations are an omission of possible activities seen in the real world. Further, WS-C and WS-BA make assumptions about the internal structures of the participants, violating SOA paradigm. The former error could be detected by the use of formal methods. The latter can be circumvented by a sophisticated implementation strategy. The proposed strategy of implementing WS-Coordination and WS-BusinessActivity allows non-intrusive integration of the transactional framework, considering SOA requirements. This paper describes the results of analysis and some design decisions taken during the proof-of-concept implementation of WS-C and WS-BA frameworks.

2014 IEEE International Conference on Services Computing, 2014

In a typical web services environment, a web service framework supports the client and server interaction by, among other tasks, announcing the services interfaces and translating application-level service calls to SOAP messages. Although designed to support inter-operation, research and practice suggest that existing client-side and server-side frameworks, many times, cannot fully inter-operate. The problem is that, as web services are increasingly being deployed to support business-critical environments, interoperability issues may prevent or impact business transactions, potentially resulting in huge financial and reputation losses. In this paper we present an experimental evaluation of the interoperability of 1024 publicly available web services, against a set of diverse and well-known clientside web service frameworks. We have detected at least one severe interoperability issue in over 53% of the services tested and quite different inter-operation capabilities regarding the client-side frameworks. Results clearly show that, although providers frequently claim interoperability capabilities, urgent improvements are required.

Lecture Notes in Computer Science, 2002

Web services are hot. To make them workable in practice, however, is not easy. Often, successful implementations of Web services warrant that various applications on heterogeneous platforms participating in a service communicate correctly and effectively. But achieving seamless interoperability among participating entities in a Web service can be tricky. Despite the advances made by standards bodies like Web Services Interoperability Organization, many architectural and implementation level mismatches remain to be tackled. These mismatches stem mainly from the differences in the way various commercial and open-source Web services toolkits implement the core Web services protocols. In this paper, we look at the problems arising for accessing enterprise Java beans exposed through open source Apache SOAP server from Microsoft clients and suggest workarounds to achieve end-to-end interoperability. We demonstrate our approach through a toy application.

Practical Usage of Standards and Specifications, 2008

Web Services have gained considerable traction over the past several years, and are being increasingly leveraged within the academic, business and research communities. The Service Oriented Architecture (SOA) model engendered within Web Services provides a simple and flexible framework for building sophisticated applications. A slew of specifications addressing several core areas -such as reliable messaging, addressing, security etc -within distributed systems have emerged recently. The term WS-* is used as an umbrella term to collectively refer to these specifications. The use of XML throughout the Web Services stack of specifications facilitates interactions between services implemented in different languages, running on different platforms, and over multiple transports. This use of XML distinguishes Web Services from previous efforts such as CORBA (Common Object Resource Broker Architecture) to simply building distributed systems.

The Journal of Logic and Algebraic Programming, 2007

This work faces the problem of automatic selection and composition of web services, discussing the advantages that derive from the inclusion, in a web service declarative description, of the high-level communication protocol, that is used by the service for interacting with its partners, allowing a rational inspection of it. The approach we propose is set in the Semantic Web field of research and inherits from research in the field of multi-agent systems. Web services are viewed as software agents, communicating by predefined sharable interaction protocols. A logic programming framework based on modal logic is proposed, where the protocolbased interactions of web services are formalized and the use of reasoning about actions and change techniques (planning) for performing the tasks of selection and composition of web services in a way that is personalized w.r.t. the user request is enabled. We claim that applying reasoning techniques on a declarative specification of the service interactions allows to gain flexibility in fulfilling the user preference in the context of a web service matchmaking process.

2004

With the development of the semantic Web, the specification of Web services has evolved from a "remote procedure call" style to a behavioral description including standard constructors of programming languages. Such a transformation introduces new problems since traditional clients will not be able to interact with these sophisticated services. In this work, we develop a generic agent capable to fully control the interaction process with a Web service given its XLANG behavioral description (XLANG being one of these languages). At first, we give an operational semantic to XLANG in terms of timed transition systems. Then we define a relation between two communicating systems which formalizes the concept of a correct interaction and we propose an algorithm which either detects ambiguity of the Web service or generates a timed deterministic automaton which controls the agent behavior during the interaction with the service. Starting from these theoretical developments we have built a platform which ensures to a user the correct handling of any complex Web service dynamically discovered through the Web.