Domain-Specific Multi-Modeling of Security Concerns in Service-Oriented Architectures

As a common reference for many in-development standards and execution frameworks, special attention is being paid to Service-Oriented Architectures. SOAs modeling, however, is an area in which a consensus has not being achieved. Currently, standardization organizations are defining proposals to offer a solution to this problem. Nevertheless, until very recently, non-functional aspects of services have not been considered for standardization processes. In particular, there exists a lack of a design solution that permits an independent development of the functional and non-functional concerns of SOAs, allowing that each concern be addressed in a convenient manner in early stages of the development, in a way that could guarantee the quality of this type of systems. This paper, leveraging on previous work, presents an approach to integrate security-related non-functional aspects (such as confidentiality, integrity, and access control) in the development of services.

Multi Domain-Specific Modeling of the Security Concerns of Service-Oriented Architectures

Service-Oriented Architectures (SOA), and Web Services (WS), the technology generally used to implement them, achieve the integration of heterogeneous technologies, providing interoperability, and yielding the reutilization of pre-existent systems. Model-driven development methodologies provide inherent benefits such as increased productivity, greater reuse, and better maintainability, to name a few. Efforts on achieving model-driven development of SOAs already exist, but there is currently no standard solution that addresses non-functional aspects of these services as well. This paper presents an approach to integrate these non-functional aspects in the development of web services, with an emphasis on security.

Smart Spaces and Smart Objects interoperability Architecture (S3OiA)

The presented work aims to contribute towards the standardization and the interoperability off the Future Internet through an open and scalable architecture design. We present S³OiA as a syntactic/semantic Service-Oriented Architecture that allows the integration of any type of object or device, not mattering their nature, on the Internet of Things. Moreover, the architecture makes possible the use of underlying heterogeneous resources as a substrate for the automatic composition of complex applications through a semantic Triple Space paradigm. Created applications are dynamic and adaptive since they are able to evolve depending on the context where they are executed. The validation scenario of this architecture encompasses areas which are prone to involve human beings in order to promote personal autonomy, such as home-care automation environments and Ambient Assisted Living.

Analysis of service-oriented computing systems

La computación basada en servicios (Service-Oriented Computing, SOC) se estableció como un paradigma ampliamente aceptado para el desarollo de sistemas de software flexibles, distribuidos y adaptables, donde las composiciones de los servicios realizan las tareas más complejas o de nivel más alto, frecuentemente tareas inter-organizativas usando los servicios atómicos u otras composiciones de servicios. En tales sistemas, las propriedades de la calidad de servicio (Quality of Service, QoS), como la rapídez de procesamiento, coste, disponibilidad o seguridad, son críticas para la usabilidad de los servicios o sus composiciones en cualquier aplicación concreta. El análisis de estas propriedades se puede realizarse de una forma más precisa y rica en información si se utilizan las técnicas de análisis de programas, como el análisis de complejidad o de compartición de datos, que son capables de analizar simultáneamente tanto las estructuras de control como las de datos, dependencias y operaciones en una composición. El análisis de coste computacional para la composicion de servicios puede ayudar a una monitorización predictiva así como a una adaptación proactiva a través de una inferencia automática de coste computacional, usando los limites altos y bajos como funciones del valor o del tamaño de los mensajes de entrada. Tales funciones de coste se pueden usar para adaptación en la forma de selección de los candidatos entre los servicios que minimizan el coste total de la composición, basado en los datos reales que se pasan al servicio. Las funciones de coste también pueden ser combinadas con los parámetros extraídos empíricamente desde la infraestructura, para producir las funciones de los límites de QoS sobre los datos de entrada, cuales se pueden usar para previsar, en el momento de invocación, las violaciones de los compromisos al nivel de servicios (Service Level Agreements, SLA) potenciales or inminentes. En las composiciones críticas, una previsión continua de QoS bastante eficaz y precisa se puede basar en el modelado con restricciones de QoS desde la estructura de la composition, datos empiricos en tiempo de ejecución y (cuando estén disponibles) los resultados del análisis de complejidad. Este enfoque se puede aplicar a las orquestaciones de servicios con un control centralizado del flujo, así como a las coreografías con participantes multiples, siguiendo unas interacciones complejas que modifican su estado. El análisis del compartición de datos puede servir de apoyo para acciones de adaptación, como la paralelización, fragmentación y selección de los componentes, las cuales son basadas en dependencias funcionales y en el contenido de información en los mensajes, datos internos y las actividades de la composición, cuando se usan construcciones de control complejas, como bucles, bifurcaciones y flujos anidados. Tanto las dependencias funcionales como el contenido de información (descrito a través de algunos atributos definidos por el usuario) se pueden expresar usando una representación basada en la lógica de primer orden (claúsulas de Horn), y los resultados del análisis se pueden interpretar como modelos conceptuales basados en retículos. ABSTRACT Service-Oriented Computing (SOC) is a widely accepted paradigm for development of flexible, distributed and adaptable software systems, in which service compositions perform more complex, higher-level, often cross-organizational tasks using atomic services or other service compositions. In such systems, Quality of Service (QoS) properties, such as the performance, cost, availability or security, are critical for the usability of services and their compositions in concrete applications. Analysis of these properties can become more precise and richer in information, if it employs program analysis techniques, such as the complexity and sharing analyses, which are able to simultaneously take into account both the control and the data structures, dependencies, and operations in a composition. Computation cost analysis for service composition can support predictive monitoring and proactive adaptation by automatically inferring computation cost using the upper and lower bound functions of value or size of input messages. These cost functions can be used for adaptation by selecting service candidates that minimize total cost of the composition, based on the actual data that is passed to them. The cost functions can also be combined with the empirically collected infrastructural parameters to produce QoS bounds functions of input data that can be used to predict potential or imminent Service Level Agreement (SLA) violations at the moment of invocation. In mission-critical applications, an effective and accurate continuous QoS prediction, based on continuations, can be achieved by constraint modeling of composition QoS based on its structure, known data at runtime, and (when available) the results of complexity analysis. This approach can be applied to service orchestrations with centralized flow control, and choreographies with multiple participants with complex stateful interactions. Sharing analysis can support adaptation actions, such as parallelization, fragmentation, and component selection, which are based on functional dependencies and information content of the composition messages, internal data, and activities, in presence of complex control constructs, such as loops, branches, and sub-workflows. Both the functional dependencies and the information content (described using user-defined attributes) can be expressed using a first-order logic (Horn clause) representation, and the analysis results can be interpreted as a lattice-based conceptual models.

REST service testing based on inferred XML schemas

The concept of service oriented architecture has been extensively explored in software engineering, due to the fact that it produces architectures made up of several interconnected modules, easy to reuse when building new systems. This approach to design would be impossible without interconnection mechanisms such as REST (Representationa State Transfer) services, which allow module communication while minimizing coupling. . However, this low coupling brings disadvantages, such as the lack of transparency, which makes it difficult to sistematically create tests without knowledge of the inner working of a system. In this article, we present an automatic error detection system for REST services, based on a statistical analysis over responses produced at multiple service invocations. Thus, a service can be systematically tested without knowing its full specification. The method can find errors in REST services which could not be identified by means of traditional testing methods, and provides limited testing coverage for services whose response format is unknown. It can be also useful as a complement to other testing mechanisms.

Desarrollo de una plataforma de gestión de un laboratorio automatizado

El presente TFG está enmarcado en el contexto de la biología sintética (más concretamente en la automatización de protocolos) y representa una parte de los avances en este sector. Se trata de una plataforma de gestión de laboratorios autónomos. El resultado tecnológico servirá para ayudar al operador a coordinar las máquinas disponibles en un laboratorio a la hora de ejecutar un experimento basado en un protocolo de biología sintética. En la actualidad los experimentos biológicos tienen una tasa de éxito muy baja en laboratorios convencionales debido a la cantidad de factores externos que intervienen durante el protocolo. Además estos experimentos son caros y requieren de un operador pendiente de la ejecución en cada fase del protocolo. La automatización de laboratorios puede suponer un aumento de la tasa de éxito, además de una reducción de costes y de riesgos para los trabajadores en el entorno del laboratorio. En la presente propuesta se pretende que se dividan las distintas entidades de un laboratorio en unidades funcionales que serán los elementos a ser coordinados por la herramienta resultado del TFG. Para aportar flexibilidad a la herramienta se utilizará una arquitectura orientada a servicios (SOA). Cada unidad funcional desplegará un servicio web proporcionando su funcionalidad al resto del laboratorio. SOA es esencial para la comunicación entre máquinas ya que permite la abstracción del tipo de máquina que se trate y como esté implementada su funcionalidad. La principal dificultad del TFG consiste en lidiar con las dificultades de integración y coordinación de las distintas unidades funcionales para poder gestionar adecuadamente el ciclo de vida de un experimento. Para ello se ha realizado un análisis de herramientas disponibles de software libre. Finalmente se ha escogido la plataforma Apache Camel como marco sobre el que crear la herramienta específica planteada en el TFG. Apache Camel juega un papel importantísimo en este proyecto, ya que establece las capas de conexión a los distintos servicios y encamina los mensajes oportunos a cada servicio basándose en el contenido del fichero de entrada. Para la preparación del prototipo se han desarrollado una serie de servicios web que permitirán realizar pruebas y demostraciones de concepto de la herramienta en sí. Además se ha desarrollado una versión preliminar de la aplicación web que utilizará el operador del laboratorio para gestionar las peticiones, decidiendo que protocolo se ejecuta a continuación y siguiendo el flujo de tareas del experimento.---ABSTRACT---The current TFG is bound by synthetic biology context (more specifically in the protocol automation) and represents an element of progression in this sector. It consists of a management platform for automated laboratories. The technological result will help the operator to coordinate the available machines in a lab, this way an experiment based on a synthetic biological protocol, could be executed. Nowadays, the biological experiments have a low success rate in conventional laboratories, due to the amount of external factors that intrude during the protocol. On top of it, these experiments are usually expensive and require of an operator monitoring at every phase of the protocol. The laboratories’ automation might mean an increase in the success rate, and also a reduction of costs and risks for the lab workers. The current approach is hoped to divide the different entities in a laboratory in functional units. Those will be the elements to be coordinated by the tool that results from this TFG. In order to provide flexibility to the system, a service-oriented architecture will be used (SOA). Every functional unit will deploy a web service, publishing its functionality to the rest of the lab. SOA is essential to facilitate the communication between machines, due to the fact that it provides an abstraction on the type of the machine and how its functionality is implemented. The main difficulty of this TFG consists on grappling with the integration and coordination problems, being able to manage successfully the lifecycle of an experiment. For that, a benchmark has been made on the available open source tools. Finally Apache Camel has been chosen as a framework over which the tool defined in the TFG will be created. Apache Camel plays a fundamental role in this project, given that it establishes the connection layers to the different services and routes the suitable messages to each service, based on the received file’s content. For the prototype development a number of services that will allow it to perform demonstrations and concept tests have been deployed. Furthermore a preliminary version of the webapp has been developed. It will allow the laboratory operator managing petitions, to decide what protocol goes next as it executes the flow of the experiment’s tasks.

Smart Monitoring Embedded Service for Energy-Efficient and Sustainable Management in Data Centers

Information technologies (IT) currently represent 2% of CO2 emissions. In recent years, a wide variety of IT solutions have been proposed, focused on increasing the energy efficiency of network data centers. Monitoring is one of the fundamental pillars of these systems, providing the information necessary for adequate decision making. However, today’s monitoring systems (MSs) are partial, specific and highly coupled solutions. This study proposes a model for monitoring data centers that serves as a basis for energy saving systems, offered as a value-added service embedded in a device with low cost and power consumption. The proposal is general in nature, comprehensive, scalable and focused on heterogeneous environments, and it allows quick adaptation to the needs of changing and dynamic environments. Further, a prototype of the system has been implemented in several devices, which has allowed validation of the proposal in addition to identification of the minimum hardware profile required to support the model.

Lessons learned from INTAMAP, an interoperable web service for the real-time interpolation of environmental variables

Interpolated data are an important part of the environmental information exchange as many variables can only be measured at situate discrete sampling locations. Spatial interpolation is a complex operation that has traditionally required expert treatment, making automation a serious challenge. This paper presents a few lessons learnt from INTAMAP, a project that is developing an interoperable web processing service (WPS) for the automatic interpolation of environmental data using advanced geostatistics, adopting a Service Oriented Architecture (SOA). The “rainbow box” approach we followed provides access to the functionality at a whole range of different levels. We show here how the integration of open standards, open source and powerful statistical processing capabilities allows us to automate a complex process while offering users a level of access and control that best suits their requirements. This facilitates benchmarking exercises as well as the regular reporting of environmental information without requiring remote users to have specialized skills in geostatistics.

A Framework for Design-Time Testing of Service-Based Applications at BPEL Level

Software applications created on top of the service-oriented architecture (SOA) are increasingly popular but testing them remains a challenge. In this paper a framework named TASSA for testing the functional and non-functional behaviour of service-based applications is presented. The paper focuses on the concept of design time testing, the corresponding testing approach and architectural integration of the consisting TASSA tools. The individual TASSA tools with sample validation scenarios were already presented with a general view of their relation. This paper’s contribution is the structured testing approach, based on the integral use of the tools and their architectural integration. The framework is based on SOA principles and is composable depending on user requirements.

On-Line Real-Time Service-Oriented Task Scheduling Using TUF

We present our approach to real-time service-oriented scheduling problems with the objective of maximizing the total system utility. Different from the traditional utility accrual scheduling problems that each task is associated with only a single time utility function (TUF), we associate two different TUFs—a profit TUF and a penalty TUF—with each task, to model the real-time services that not only need to reward the early completions but also need to penalize the abortions or deadline misses. The scheduling heuristics we proposed in this paper judiciously accept, schedule, and abort real-time services when necessary to maximize the accrued utility. Our extensive experimental results show that our proposed algorithms can significantly outperform the traditional scheduling algorithms such as the Earliest Deadline First (EDF), the traditional utility accrual (UA) scheduling algorithms, and an earlier scheduling approach based on a similar model.

Content architecture applications in healthcare

Healthcare delivery is undergoing significant transformation in the United States. Many hospitals and clinics are utilizing electronic means for maintaining patient records. Implementation of electronic health records is now a prevalent activity at many healthcare organizations. Despite the use of electronic health records by many healthcare organizations, it is still difficult to obtain meaningful information from electronic data pertaining to healthcare. Intelligent content applications organize the data within a company make all the data in the organization searchable and retrievable for faster access. This paper therefore explores SOA (Service oriented architecture) and intelligent content architecture in an attempt to suggest better structures that enable retrieval of related data from myriad sources within a company. While intelligent content applications are being slowly developed for areas such as electronic publishing, its use in healthcare organizations has been limited. This paper discusses applications of intelligent content architecture for the healthcare domain.

OdinTelehealth: a mobile service platform for telehealth

In this paper we present our experience with developing telehealth applications using smartphones in conjunction with a mobile service provisioning middleware platform named Odin. Common requirements for mobile telehealth applications include the need to support multiple stakeholders, high levels of connectivity between users, real-time interaction, bidirectional communication channels for exchanging diverse data types, computationally intensive processing and security. Meeting these needs is a non-trivial task in mobile execution environments given the limitations of mobile devices and wireless and mobile networks. Odin enables a separation of concerns between application functionality and resource management governing mobile devices and wireless networking. Using Odin, application developers can rapidly develop telehealth applications without needing to address underlying complexity. We describe development of an Odin-based monitoring application that meets many of the aforementioned requirements associated with mobile telehealth. Based on evaluation, results for smartphone power consumption, network bandwidth usage, and communication latency suggest that Odin is an appropriate platform for general telehealth applications.