Web services composition design, verification and monitoring are active and widely studied research directions. Little work however has been done in integrating these related dimensions using a unified formalism. In this paper we propose a declarative event-oriented framework, called DISC, that serves as a unified framework to bridge the gap between the process design, verification and monitoring. Proposed framework allows for a composition design to accommodate various aspects such as data relationships and constraints, Web services dynamic binding, compliance regulations, security or temporal requirements and others. Then, it allows for instantiating, verifying and executing the composition design and for monitoring the process while in execution. The effect of run-time violations can also be calculated and a set of recovery actions can be taken, allowing for the self-healing Web services composition.
ISBN-978-0-7695-3708-5International audienceIn this paper we propose a rule-based approach for the semi-automatic Web services composition problem, giving end-user the control to guide the overall composition process. The end-user builds the composition flow by selecting known Web service instances or constrained Web service types, called nodes, and by connecting them using a set of control/data flow connectors. The specified nodes will then be bound to concrete Web service instances using a set of rule-based queries satisfying the associated constraints. When compared to the traditional approaches, our model is declarative, allows for specifying both the functional and non-functional requirements, provides connectors that include both the data and control flow aspects and aims to choose the one best matched Web service for a node instantiation
Task delegation presents one of the business process security leitmotifs. It defines a mechanism that bridges the gap between both workflow and access control systems. There are two important issues relating to delegation, namely allowing task delegation to complete, and having a secure delegation within a workflow. Delegation completion and authorisation enforcement are specified under specific constraints. Constraints are defined from the delegation context implying the presence of a fixed set of delegation events to control the delegation execution. In this paper, we aim to reason about delegation events to specify delegation policies dynamically. To that end, we present an event-based task delegation model to monitor the delegation process. We then identify relevant events for authorisation enforcement to specify delegation policies. Moreover, we propose a technique that automates delegation policies using event calculus to control the delegation execution and increase the compliance of all delegation changes in the global policy.
International audienceCollaborative environments have put an enormous challenge to secure the information processing systems being used to manage them. Challenges to provide secure framework are amplified when it comes to the domain of flexible and distributed systems as the trust, temporal and performance related aspects need to be catered for. In this paper, we handle some security challenges among others the sub-mentioned ones by proposing a formal cloud-based authorization framework. We have considered trust to be a dynamic attribute to facilitate authorization decisions and have proposed models to handle different qualitative, quantitative and periodicity based temporal constraints. Further, we have presented an architecture for policies evaluation in the cloud
Abstract. In this paper we propose a constraint based declarative approach for Web services composition and monitoring problem. Our approach allows user to build the abstract composition by identifying the participating entities and by providing a set of constraints that mark the boundary of the solution. Different types of constraints have been proposed to handle the composition modeling and monitoring. Abstract composition is then used for instantiating the concrete composition, which both finds and executes an instantiation respecting constraints, and also handles the process run-time monitoring. When compared to the traditional approaches, our approach is declarative and allows for the same set of constraints to be used for composition modeling and monitoring and thus allows for refining the abstract composition as a result of run-time violations, such as service failure or response time delays.
Mashups are defined to be lightweight Web applications aggregating data from different Web services, built using ad-hoc composition and being not concerned with long term stability and robustness. In this paper we present a pattern based approach, called Mashup Processing Network (MPN). The idea is based on Event Processing Network and is supposed to facilitate the creation, modeling and the verification of mashups. MPN provides a view of how different actors interact for the mashup development namely the producer, consumer, mashup processing agent and the communication channels. It also supports modeling transformations and validations of data and offers validation of both functional and non-functional requirements, such as reliable messaging and security, that are key issues within the enterprise context. We have enriched the model with a set of processing operations and categorize them into data composition, transformation and validation categories. These processing operations can be seen as a set of patterns for facilitating the mashup development process. MPN also paves a way for realizing Mashup Oriented Architecture where mashups along with services are used as building blocks for application development.
There are many facets to implementing security within an organization and one such measure is the authorization or the access control process. The recent rise of decentralized file systems such as interplanetary file system (IPFS) allow for decentralized storage of resource using content addressing. Naturally, the authorization process for handling these resources needs to be decentralized as well and decentralized ledger technologies, such as the blockchain with the support of smart contracts can be used to manage the authorization process. In this article, we propose an approach which allows for decoupling authorization logic from the core capabilities of a smart contract and providing advance authorization capabilities, such as contextual delegation, to be readily available. The proposed approach is expressive and can handle many aspects related to authorization such as role-based access control, conflicts, and redundancy reduction.We have used an efficient and modular approach for designing smart contracts. This makes them easier to manage and redeploy, if needed. The data structures used in the smart contracts are carefully chosen to minimize the gas cost, as evident from performance evaluation results.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.