Workflow Patterns for Service Oriented Computing in JOLIE

Il presente lavoro di tesi ha come punto focale la descrizione, la verifica e la dimostrazione della realizzabilità dei Workflow Patterns di Gestione del Flusso(Control-Flow) e Risorse (Resource) definiti da parte della Workflow Pattern Initiative (WPI)in JOLIE, un innovativo linguaggio di programmazione orientato ai servizi nato nell'ambito del Service Oriented Computing. Il Service Oriented Computing (SOC) è un nuovo modo di pensare la programmazione di applicazioni distribuite, i cui concetti fondamentali sono i servizi e la composizione. L’approccio SOC definisce la possibilità di costruire un’applicazione in funzione dei servizi che ne realizzano il comportamento tramite una loro composizione, definita secondo un particolare flusso di lavoro. Allo scopo di fornire la necessaria conoscenza per capire la teoria, le meccaniche e i costrutti di JOLIE utilizzati per la realizzazione dei pattern, il seguente lavoro di tesi è stato diviso in quattro parti, corrispondenti ad altrettanti capitoli. Nel primo capitolo viene riportata una descrizione generale del SOC e della Business Process Automation (BPA), che costituisce l’ambiente in cui il SOC è inserito. Per questo viene fatta una disamina della storia informatica sui sistemi distribuiti, fino ad arrivare ai sistemi odierni, presentando in seguito il contesto del BPA e delle innovazioni derivanti dalle sue macro-componenti, di cui il SOC fa parte. Continuando la descrizione dell’approccio Service Oriented, ne vengono presentati i requisiti (pre-condizioni) e si cerca di dare una definizione precisa del termine “servizio”, fino all'enunciazione dei principi SOC declinati nell’ottica delle Service Oriented Architectures, presentando in ultimo i metodi di composizione dei servizi, tramite orchestrazione e coreografia. L’ultima sezione del capitolo prende in considerazione il SOC in un’ottica prettamente industriale e ne evidenzia i punti strategici. Il secondo capitolo è incentrato sulla descrizione di JOLIE, gli aspetti fondamentali dell’approccio orientato ai servizi, che ne caratterizzano profondamente la definizione concettuale (SOCK), e la teoria della composizione dei servizi. Il capitolo non si pone come una descrizione esaustiva di tutte le funzionalità del linguaggio, ma considera soprattutto i concetti teorici, le strutture di dati, gli operatori e i costrutti di JOLIE utilizzati per la dimostrazione della realizzabilità dei Workflow Pattern del capitolo successivo. Il terzo capitolo, più lungo e centrale rispetto agli altri, riguarda la realizzazione dei workflow pattern in JOLIE. All'inizio del capitolo viene fornita una descrizione delle caratteristiche del WPI e dei Workflow Pattern in generale. In seguito, nelle due macro-sezioni relative ai Control-Flow e Resource pattern vengono esposte alcune nozioni riguardanti le metodologie di definizione dei pattern (e.g. la teoria sulla definizione delle Colored Petri Nets) e le convezioni adottate dal WPI, per passare in seguito al vero e proprio lavoro (sperimentale) di tesi riguardo la descrizione dei pattern, l’analisi sulla loro realizzabilità in JOLIE, insieme ad un codice di esempio che esemplifica quanto affermato dall'analisi. Come sommario delle conclusioni raggiunte sui pattern, alla fine di ognuna delle due sezioni definite in precedenza, è presente una scheda di valutazione che, con lo stesso metodo utilizzato e definito dalla WPI, permette di avere una rappresentazione generale della realizzabilità dei pattern in JOLIE. Il quarto capitolo riguarda gli esiti tratti dal lavoro di tesi, riportando un confronto tra le realizzazioni dei pattern in JOLIE e le valutazioni del WPI rispetto agli altri linguaggi da loro considerati e valutati. Sulla base di quanto ottenuto nel terzo capitolo vengono definite le conclusioni del lavoro portato avanti sui pattern e viene delineato un’eventuale scenario riguardante il proseguimento dell’opera concernente la validazione ed il completamento della studio. In ultimo vengono tratte alcune conclusioni sia riguardo JOLIE, nel contesto evolutivo del linguaggio e soprattutto del progetto open-source che è alla sua base, sia sul SOC, considerato nell’ambito del BPA e del suo attuale ambito di sviluppo dinamico.

Jolie - un linguaggio Service Oriented

Nella tesi vengono descritte le caratteristiche principali del linguaggio di programmazione service-oriented Jolie, analizzandone ampiamente la sintassi e proponendo esempi di utilizzo degli operatori e dei costrutti. Viene fatta una panoramica di SOC, SOA, Web Services, Cloud Computing, Orchestrazione, Coreografia, Deployment e Behaviour, gli ultimi due analizzati in diversi capitoli. La tesi si conclude con un esempio di conversione di servizi WSDL in Jolie, producendo un esempio di utilizzo del Web Service convertito. Nel documento vengono accennati i progressi storici del linguaggio ed i loro sviluppatori, nonché le API fornite dal linguaggio.

Domain-Specific Multi-Modeling of Security Concerns in Service-Oriented Architectures

As a common reference for many in-development standards and execution frameworks, special attention is being paid to Service-Oriented Architectures. SOAs modeling, however, is an area in which a consensus has not being achieved. Currently, standardization organizations are defining proposals to offer a solution to this problem. Nevertheless, until very recently, non-functional aspects of services have not been considered for standardization processes. In particular, there exists a lack of a design solution that permits an independent development of the functional and non-functional concerns of SOAs, allowing that each concern be addressed in a convenient manner in early stages of the development, in a way that could guarantee the quality of this type of systems. This paper, leveraging on previous work, presents an approach to integrate security-related non-functional aspects (such as confidentiality, integrity, and access control) in the development of services.

Multi Domain-Specific Modeling of the Security Concerns of Service-Oriented Architectures

Service-Oriented Architectures (SOA), and Web Services (WS), the technology generally used to implement them, achieve the integration of heterogeneous technologies, providing interoperability, and yielding the reutilization of pre-existent systems. Model-driven development methodologies provide inherent benefits such as increased productivity, greater reuse, and better maintainability, to name a few. Efforts on achieving model-driven development of SOAs already exist, but there is currently no standard solution that addresses non-functional aspects of these services as well. This paper presents an approach to integrate these non-functional aspects in the development of web services, with an emphasis on security.

Smart Spaces and Smart Objects interoperability Architecture (S3OiA)

The presented work aims to contribute towards the standardization and the interoperability off the Future Internet through an open and scalable architecture design. We present S³OiA as a syntactic/semantic Service-Oriented Architecture that allows the integration of any type of object or device, not mattering their nature, on the Internet of Things. Moreover, the architecture makes possible the use of underlying heterogeneous resources as a substrate for the automatic composition of complex applications through a semantic Triple Space paradigm. Created applications are dynamic and adaptive since they are able to evolve depending on the context where they are executed. The validation scenario of this architecture encompasses areas which are prone to involve human beings in order to promote personal autonomy, such as home-care automation environments and Ambient Assisted Living.

Analysis of service-oriented computing systems

La computación basada en servicios (Service-Oriented Computing, SOC) se estableció como un paradigma ampliamente aceptado para el desarollo de sistemas de software flexibles, distribuidos y adaptables, donde las composiciones de los servicios realizan las tareas más complejas o de nivel más alto, frecuentemente tareas inter-organizativas usando los servicios atómicos u otras composiciones de servicios. En tales sistemas, las propriedades de la calidad de servicio (Quality of Service, QoS), como la rapídez de procesamiento, coste, disponibilidad o seguridad, son críticas para la usabilidad de los servicios o sus composiciones en cualquier aplicación concreta. El análisis de estas propriedades se puede realizarse de una forma más precisa y rica en información si se utilizan las técnicas de análisis de programas, como el análisis de complejidad o de compartición de datos, que son capables de analizar simultáneamente tanto las estructuras de control como las de datos, dependencias y operaciones en una composición. El análisis de coste computacional para la composicion de servicios puede ayudar a una monitorización predictiva así como a una adaptación proactiva a través de una inferencia automática de coste computacional, usando los limites altos y bajos como funciones del valor o del tamaño de los mensajes de entrada. Tales funciones de coste se pueden usar para adaptación en la forma de selección de los candidatos entre los servicios que minimizan el coste total de la composición, basado en los datos reales que se pasan al servicio. Las funciones de coste también pueden ser combinadas con los parámetros extraídos empíricamente desde la infraestructura, para producir las funciones de los límites de QoS sobre los datos de entrada, cuales se pueden usar para previsar, en el momento de invocación, las violaciones de los compromisos al nivel de servicios (Service Level Agreements, SLA) potenciales or inminentes. En las composiciones críticas, una previsión continua de QoS bastante eficaz y precisa se puede basar en el modelado con restricciones de QoS desde la estructura de la composition, datos empiricos en tiempo de ejecución y (cuando estén disponibles) los resultados del análisis de complejidad. Este enfoque se puede aplicar a las orquestaciones de servicios con un control centralizado del flujo, así como a las coreografías con participantes multiples, siguiendo unas interacciones complejas que modifican su estado. El análisis del compartición de datos puede servir de apoyo para acciones de adaptación, como la paralelización, fragmentación y selección de los componentes, las cuales son basadas en dependencias funcionales y en el contenido de información en los mensajes, datos internos y las actividades de la composición, cuando se usan construcciones de control complejas, como bucles, bifurcaciones y flujos anidados. Tanto las dependencias funcionales como el contenido de información (descrito a través de algunos atributos definidos por el usuario) se pueden expresar usando una representación basada en la lógica de primer orden (claúsulas de Horn), y los resultados del análisis se pueden interpretar como modelos conceptuales basados en retículos. ABSTRACT Service-Oriented Computing (SOC) is a widely accepted paradigm for development of flexible, distributed and adaptable software systems, in which service compositions perform more complex, higher-level, often cross-organizational tasks using atomic services or other service compositions. In such systems, Quality of Service (QoS) properties, such as the performance, cost, availability or security, are critical for the usability of services and their compositions in concrete applications. Analysis of these properties can become more precise and richer in information, if it employs program analysis techniques, such as the complexity and sharing analyses, which are able to simultaneously take into account both the control and the data structures, dependencies, and operations in a composition. Computation cost analysis for service composition can support predictive monitoring and proactive adaptation by automatically inferring computation cost using the upper and lower bound functions of value or size of input messages. These cost functions can be used for adaptation by selecting service candidates that minimize total cost of the composition, based on the actual data that is passed to them. The cost functions can also be combined with the empirically collected infrastructural parameters to produce QoS bounds functions of input data that can be used to predict potential or imminent Service Level Agreement (SLA) violations at the moment of invocation. In mission-critical applications, an effective and accurate continuous QoS prediction, based on continuations, can be achieved by constraint modeling of composition QoS based on its structure, known data at runtime, and (when available) the results of complexity analysis. This approach can be applied to service orchestrations with centralized flow control, and choreographies with multiple participants with complex stateful interactions. Sharing analysis can support adaptation actions, such as parallelization, fragmentation, and component selection, which are based on functional dependencies and information content of the composition messages, internal data, and activities, in presence of complex control constructs, such as loops, branches, and sub-workflows. Both the functional dependencies and the information content (described using user-defined attributes) can be expressed using a first-order logic (Horn clause) representation, and the analysis results can be interpreted as a lattice-based conceptual models.

REST service testing based on inferred XML schemas

The concept of service oriented architecture has been extensively explored in software engineering, due to the fact that it produces architectures made up of several interconnected modules, easy to reuse when building new systems. This approach to design would be impossible without interconnection mechanisms such as REST (Representationa State Transfer) services, which allow module communication while minimizing coupling. . However, this low coupling brings disadvantages, such as the lack of transparency, which makes it difficult to sistematically create tests without knowledge of the inner working of a system. In this article, we present an automatic error detection system for REST services, based on a statistical analysis over responses produced at multiple service invocations. Thus, a service can be systematically tested without knowing its full specification. The method can find errors in REST services which could not be identified by means of traditional testing methods, and provides limited testing coverage for services whose response format is unknown. It can be also useful as a complement to other testing mechanisms.

Smart Monitoring Embedded Service for Energy-Efficient and Sustainable Management in Data Centers

Information technologies (IT) currently represent 2% of CO2 emissions. In recent years, a wide variety of IT solutions have been proposed, focused on increasing the energy efficiency of network data centers. Monitoring is one of the fundamental pillars of these systems, providing the information necessary for adequate decision making. However, today’s monitoring systems (MSs) are partial, specific and highly coupled solutions. This study proposes a model for monitoring data centers that serves as a basis for energy saving systems, offered as a value-added service embedded in a device with low cost and power consumption. The proposal is general in nature, comprehensive, scalable and focused on heterogeneous environments, and it allows quick adaptation to the needs of changing and dynamic environments. Further, a prototype of the system has been implemented in several devices, which has allowed validation of the proposal in addition to identification of the minimum hardware profile required to support the model.

Lessons learned from INTAMAP, an interoperable web service for the real-time interpolation of environmental variables

Interpolated data are an important part of the environmental information exchange as many variables can only be measured at situate discrete sampling locations. Spatial interpolation is a complex operation that has traditionally required expert treatment, making automation a serious challenge. This paper presents a few lessons learnt from INTAMAP, a project that is developing an interoperable web processing service (WPS) for the automatic interpolation of environmental data using advanced geostatistics, adopting a Service Oriented Architecture (SOA). The “rainbow box” approach we followed provides access to the functionality at a whole range of different levels. We show here how the integration of open standards, open source and powerful statistical processing capabilities allows us to automate a complex process while offering users a level of access and control that best suits their requirements. This facilitates benchmarking exercises as well as the regular reporting of environmental information without requiring remote users to have specialized skills in geostatistics.

A Framework for Design-Time Testing of Service-Based Applications at BPEL Level

Software applications created on top of the service-oriented architecture (SOA) are increasingly popular but testing them remains a challenge. In this paper a framework named TASSA for testing the functional and non-functional behaviour of service-based applications is presented. The paper focuses on the concept of design time testing, the corresponding testing approach and architectural integration of the consisting TASSA tools. The individual TASSA tools with sample validation scenarios were already presented with a general view of their relation. This paper’s contribution is the structured testing approach, based on the integral use of the tools and their architectural integration. The framework is based on SOA principles and is composable depending on user requirements.