José Antonio Martín Baena | Universidad de Málaga (original) (raw)
Papers by José Antonio Martín Baena
Our world is overrun by software services. Previously we had software components (CORBA), then we... more Our world is overrun by software services. Previously we had software components (CORBA), then we had Web services (SOAP/WSDL/BPEL, JSON, RESTful, JavaScript) and now cloud computing (Amazon EC2, Google App Engine, Microsoft Azure). This trend, together with the rise of WSAN, smartphones, tablets and the Internet of Things, has paved the way to a world of interconnected devices where each node offers and requires new functionality, and services are composed into bigger systems which span across organizations and physical boundaries. However, this new breed of distributed systems has to face the challenge of interoperability. When services are implemented by different developers, provided by different vendors and supported by different infrastructures, incompatibilities tend to arise. These incompatibilities can be present at different levels: signature (the name of the operations), behavior (the supported sequences of operations) and QoS. Such incompatibilities hinder the developmen...
Security is one of the main challenges of service oriented computing. Services need to be loosely... more Security is one of the main challenges of service oriented computing. Services need to be loosely coupled, easily accessible and yet provide tight security guarantees enforced by cryptographic protocols. In this paper, we address how to automatically synthesize an orchestrator process able to guarantee the secure composition of electronic services, supporting dif ferent communication and cryptographic protocols. We present a theoretical model based on process algebra, partial model checking and logical satis ability, plus an automated tool implementing the proposed theory.
Security is considered one of the main challenges for software oriented architectures (SOA). For ... more Security is considered one of the main challenges for software oriented architectures (SOA). For this reason, several standards have been developed around WS-Security. However, these security standards usually hinder interoperability, one of the main pillars of Web service technologies. Software adaptation is a sound solution where an adaptor is deployed in the middle of the communication to overcome signature, behavioural and QoS incompatibilities between services. This is particularly important when dealing with stateful services (such as Windows Workflows or WS-BPEL processes) where any mismatch in the sequence of messages might lead the orchestration to a deadlock situation. We proposed security adaptation contracts as concise and versatile specifications of how such incompatibilities must be solved. Nonetheless, synthesising an adaptor compliant with a given contract is not an easy task where concurrency issues must be kept in mind and security attacks must be analysed and prevented. In this paper, we present an adaptor synthesis, verification and refinement process based on security adaptation contracts which succeeds in overcoming incompatibilities among services and prevents secrecy attacks. We extended the ITACA toolbox for synthesis and deadlock analysis and we integrated it with a variant of CCS, called Crypto-CCS, to verify and refine adaptors based on partial model checking and logical satisfiability techniques.
Abstract. Software integration needs to face signature and behaviour incompatibilities that unavo... more Abstract. Software integration needs to face signature and behaviour incompatibilities that unavoidably arise when composing services developed by different parties. While many of such incompatibilities can be solved by applying existing software adaptation techniques, these are computationally expensive and require to know beforehand the behaviour of the services to be integrated. In this paper, we present a lightweight approach to dynamic service adaptation which does not require any previous knowledge on the behaviour of the services to be integrated. The approach itself is adaptive in the sense that an initial (possibly the most liberal) adaptor behaviour is progressively refined by learning from failures that possibly occur during service interaction.
The evolution from traditional wireless sensor networks towards the Internet of Things has origin... more The evolution from traditional wireless sensor networks towards the Internet of Things has originated the need of interconnecting heterogeneous devices. Sensor Web represents a web of sensor networks accessible by means of service interfaces which enable an interoperable usage of sensor resources. Hence, a shift in the sensor-as-a-service paradigm is required. Dynamic, scalable and adaptive service discovery is crucial in this new scenario of diverse and scarce resources. Contracts present a versatile solution to reason, negotiate and discover services based on their characteristics and capabilities, as well as on their current states. Therefore, we propose a novel approach to address discovery of heterogeneous sensor nodes based on contracts. We use ontologies to capture and support sensor descriptions with semantics concepts and their relationships, increasing the interoperability and allowing complex reasoning in the discovery. We have implemented the discovery process as a service provided by FamiWare, a middleware family for Ambient Intelligence.
Service discovery is one of the corner stones of Service-Oriented Architectures. It aims at findi... more Service discovery is one of the corner stones of Service-Oriented Architectures. It aims at finding the set of services which comply with a query in a scalable way with regard to the number of services in the registry. Current approaches to service discovery are based on registries (like UDDI) which provide efficient search algorithms over the interfaces (in WSDL) and metadata of the services, or are focussed on ontology matching mechanisms over semantic descriptions of the services (e.g., OWL-S). However, these approaches rarely support searching over stateful services (such as those described as Windows Workflows or BPEL processes) based on behavioural queries or, when they do, they perform the behavioural analysis on a second step, due to its computational complexity, and then they discard the services which present deadlocks or livelocks. In this work, we introduce a new search tree for the discovery of stateful services which can be adapted to fulfil behavioural queries. The behaviour and adaptability of the services is analysed upfront during the discovery process. Thanks to Software Adaptation, our approach returns both services which perfectly match the query and those which can be adapted to it. This adaptation overcomes incompatibilities in interface and behaviour, which could lead to deadlock or livelock situations, hence our approach returns more services than traditional techniques. Moreover, behavioral adaptation abstracts services into smaller models which enable service discovery in polynomial time.
Security is considered to be one of the main challenges as regards the widespread application of ... more Security is considered to be one of the main challenges as regards the widespread application of Service Oriented Architectures across organisations. WS-Security, and its successive extensions, have emerged to fulfil this need, but these approaches hinder the loose-coupling among services, therefore constraining their reusability and replaceability. Software adaptation is a sound solution to overcome the incompatibilities in interface, behaviour and security constraints among stateful services. However, programming adaptors from scratch is a tedious and error-prone task where special care must be given to concurrency and security issues. In this work, we propose to use security adaptation contracts that allow us to express and adapt the security requirements of the services and their orchestration. Given a security adaptation contract and the behavioural description of the services (such as BPEL processes or Windows Workflows), we can generate the protocol of the orchestrator that complies with the security requirements (confidentiality, integrity and authenticity), while overcoming incompatibilities at the signature, behaviour and security QoS levels. The formalisation behind security adaptation contracts has other applications such as security policy negotiation and automatic security protocol verification.
Developing systems through the composition of reusable software services is not straightforward i... more Developing systems through the composition of reusable software services is not straightforward in most situations since different kinds of mismatch may occur among their public interfaces. Service adaptation plays a key role in the development of such systems by solving, as automatically as possible, mismatch cases at the different interoperability levels among interfaces by synthesizing a mediating adaptor between services. In this paper, we show the application of model-based adaptation techniques for the construction of service-based systems on a case study. We describe each step of the adaptation process, starting with the automatic extraction of behavioural models from existing interface descriptions, until the final adaptor implementation is generated for the target platform.
Security is considered to be one of the main challenges as regards the widespread application of ... more Security is considered to be one of the main challenges as regards the widespread application of Service Oriented Architectures across organisations. WS-Security, and its successive extensions, have emerged to fulfil this need, but these approaches hinder the loose-coupling among services,
therefore constraining their reusability and replaceability. Software adaptation is a sound solution to overcome the incompatibilities in interface, behaviour and security constraints among stateful services. Adaptation contracts successfully express in a concise manner how to overcome the incompatibilities between secure services. However, most of the work in the literature do not provide the means to generate full-blown adaptors from contracts through an analysable synthesis process. Furthermore, traditional algorithms for adaptor synthesis are comparable to common model checking and simulation techniques in their approach and complexity. Therefore, the state-space of the system was usually explored at least twice: once to generate the adaptor and another to verify the adapted system. In this work, we propose a new approach to generate security adaptors from adaptation contracts. This approach allow us to prove desirable properties, such as deadlock and livelock freedom, by construction of the adaptor, avoiding the computational cost of subsequent verification and simulation phases.
An adaptation contract describes composition constraints and adaptation requirements among severa... more An adaptation contract describes composition constraints and adaptation requirements among several services which were not initially built to interoperate with each other. The manual writing of this specification by a designer is a difficult and error prone task, especially when services are reused taking their behavioural descriptions into account. In this paper, we present a semi-automatic approach to build adaptation contracts. To this purpose, we propose an adaptation contract design process supported by an interactive environment based on a graphical notation, and an engine capable of automatically generating contracts without any human intervention. We also present an experimental study that we carried out using the tool support that we implemented in order to evaluate our approach.
Service Discovery is often limited to search over service interfaces (WSDL), information regardin... more Service Discovery is often limited to search over service interfaces (WSDL), information regarding the service provider and QoS properties. However, the behaviour of stateful services (expressed as a BPEL process or a Windows Workflow) is seldom analysed in the discovery process. The behaviour of the service is important because discovered services might deadlock if their operations are not called in an appropriate sequence (e.g., to authenticate before performing privileged actions). However, the further we restrict the discovery process by considering behaviour, the fewer services we find due to subtle incompatibilities in interface and behaviour. Software adaptation is a sound solution to overcome these incompatibilities among stateful services. In this work, we present a search tree which provides a scalable solution for the discovery of behavioural services that can be adapted to the interface and behaviour expressed in the query. This search tree processes queries in polynomial time. Additionally, being able to find both services that perfectly match the query and those which can be adapted to the query, we discover more services than traditional approaches while achieving better flexibility and scalability in our results.
Adaptation is of utmost importance in systems developed by assembling reusable software services ... more Adaptation is of utmost importance in systems developed by assembling reusable software services accessed through their public interfaces. This process aims at solving, as automatically as possible, mismatch cases which may be given at the different interoperability levels among interfaces by synthesizing a mediating adaptor. In this paper, we present a toolbox that fully supports the adaptation process, including: (i) different methods to construct adaptation contracts involving several services; (ii) simulation and verification techniques which help to identify and correct erroneous behaviours or deadlocking executions; and (iii) techniques for the generation of centralized or distributed adaptor protocols based on the aforementioned contracts. Our toolbox relates our models with implementation platforms, starting with the automatic extraction of behavioural models from existing interface descriptions, until the final adaptor implementation is generated for the target platform.
Software Adaptation aims at composing in a non-intrusive way black-box components or services, ev... more Software Adaptation aims at composing in a non-intrusive way black-box components or services, even if they present some mismatches in their interfaces. Adaptation is a complex issue especially when behavioural descriptions of services are taken into account in their interfaces. In this paper, we first present our abstract notations used to specify behavioural interfaces and adaptation contracts, and propose some solutions to support the specification of these contracts. Then, we overview our techniques for the generation of centralized or distributed adaptor protocols and code based on the aforementioned contracts.
Software development based on the composition of black-box software like Web Services and Softwar... more Software development based on the composition of black-box software like Web Services and Software Components is impeded by incompatibilities in their interfaces. Software adaptation has emerged as a solution to these incompatibilities by using processes in-the-middle (called adapters) that allow the correct interaction between the services. There are several approaches that focused on the automated generation of adapters guided by adaptation contracts which specify how the incompatibilities can be resolved. However, the generation of these contracts is not automated and most existing approaches require these contracts to be specified by hand, which obliges the designer to know all the service details. In this paper, we propose an approach to automatically generate adaptation contracts from the behavioral description of the services. These contracts overcome incompatibilities at signature and behavioral levels. Finally we present our prototype tool that accepts as input the service behaviors written in abstract BPEL and generates adaptation contracts using a combination of an A* algorithm and an expert system.
Enterprise systems rely heavily on compositional software like Software Components or Web Service... more Enterprise systems rely heavily on compositional software like Software Components or Web Services. The composition of this software allows software reusability, greater productivity and reduced costs. However, these components are black-boxes and their direct reuse is prevented by incompatibilities between their interfaces. There are several approaches focused on Software Adaptation which are capable of solving incompatibilities at signature and behavioral levels, but these approaches require abstract specifications which specify how the incompatibilities can be resolved. The generation of these specifications is an open issue and specifications are normally handmade, which forces the designer to understand the subtleties of the components. In this paper we present Dinapter, a tool that automatically generates specifications being given the component behavioral descriptions written in abstract BPEL. Dinapter complements the aforementioned approaches and allows the automatic adaptation of compositional software.
Talks by José Antonio Martín Baena
"Web Services are ubiquitous nowadays either in the form of Javascript (Google Search, Maps and P... more "Web Services are ubiquitous nowadays either in the form of Javascript (Google Search, Maps and Picasa Web for instance), RESTful (Twitter), XML-RPC or SOAP APIs (e.g., Flickr). These services are usually orchestrated into business processes using languages such as WS-BPEL or Windows Workflows that exhibit imperative behaviour. Interoperability and loose coupling are key in Web services but this myriad of languages, APIs and business processes usually impede the proper development, reuse and update of SOA systems.
This talk will introduce the concepts and applications of Web service adaptation. Adaptation is built on top of adaptation contracts, which specify how to overcome incompatibilities at signature (operation names and arguments), behaviour (sequences of operations, conditions, loops, ...), QoS (security, robustness, ...) and semantics levels. Using such contracts, it is automatically generated an adaptor which is transparently deployed in the middle of the communication. The adaptor intercepts and manipulates messages to achieve a proper interaction among initially incompatible services. Web service adaptation has been successfully applied to discovery, design, run-time adaptation and monitoring of SOA systems."
Security is considered one of the main challenges for software oriented architectures (SOA). For ... more Security is considered one of the main challenges for software oriented architectures (SOA). For this reason, several standards have been developed around WS-Security. However, these security standards usually hinder interoperability, one of the main pillars of Web service technologies. Software adaptation is a sound solution where an adaptor is deployed in the middle of the communication to overcome signature, behavioural and QoS incompatibilities between services. This is particularly important when dealing with stateful services (such as Windows Workflows or WS-BPEL processes) where any mismatch in the sequence of messages might lead the orchestration to a deadlock situation. We proposed security adaptation contracts as concise and versatile specifications of how such incompatibilities must be solved. Nonetheless, synthesising an adaptor compliant with a given contract is not an easy task where concurrency issues must be kept in mind and security attacks must be analysed and prevented. In this paper, we present an adaptor synthesis, verification and refinement process based on security adaptation contracts which succeeds in overcoming incompatibilities among services and prevents secrecy attacks. We extended the ITACA toolbox for synthesis and deadlock analysis and we integrated it with a variant of CCS, called Crypto-CCS, to verify and refine adaptors based on partial model checking and logical satisfiability techniques.
Service discovery is one of the corner stones of Service-Oriented Architectures. It aims at findi... more Service discovery is one of the corner stones of Service-Oriented Architectures. It aims at finding the set of services which comply with a query in a scalable way with regard to the number of services in the registry. Current approaches to service discovery are based on registries (like UDDI) which provide efficient search algorithms over the interfaces (described in WSDL) and metadata of the services, or are focussed on ontology matching mechanisms over semantic descriptions of the services (e.g., OWL-S). However, these approaches rarely support searching over stateful services (such as those described as Windows Workflows or BPEL processes) based on behavioural queries or, when they do, they perform the behavioural analysis on a second step, due to its computational complexity, and then they discard the services which present deadlocks or livelocks. In this work, we introduce a new search tree for the discovery of stateful services which can be adapted to fulfil behavioural queries. The behaviour and adaptability of the services is analysed upfront during the discovery process. Thanks to Software Adaptation, our approach returns both services which perfectly match the query and those which can be adapted to it. This adaptation overcomes incompatibilities in interface and behaviour, which could lead to deadlock or livelock situations, hence our approach returns more services than traditional techniques. Moreover, behavioral adaptation abstracts services into smaller models which enable service discovery in polynomial time.
Our world is overrun by software services. Previously we had software components (CORBA), then we... more Our world is overrun by software services. Previously we had software components (CORBA), then we had Web services (SOAP/WSDL/BPEL, JSON, RESTful, JavaScript) and now cloud computing (Amazon EC2, Google App Engine, Microsoft Azure). This trend, together with the rise of WSAN, smartphones, tablets and the Internet of Things, has paved the way to a world of interconnected devices where each node offers and requires new functionality, and services are composed into bigger systems which span across organizations and physical boundaries. However, this new breed of distributed systems has to face the challenge of interoperability. When services are implemented by different developers, provided by different vendors and supported by different infrastructures, incompatibilities tend to arise. These incompatibilities can be present at different levels: signature (the name of the operations), behavior (the supported sequences of operations) and QoS. Such incompatibilities hinder the developmen...
Security is one of the main challenges of service oriented computing. Services need to be loosely... more Security is one of the main challenges of service oriented computing. Services need to be loosely coupled, easily accessible and yet provide tight security guarantees enforced by cryptographic protocols. In this paper, we address how to automatically synthesize an orchestrator process able to guarantee the secure composition of electronic services, supporting dif ferent communication and cryptographic protocols. We present a theoretical model based on process algebra, partial model checking and logical satis ability, plus an automated tool implementing the proposed theory.
Security is considered one of the main challenges for software oriented architectures (SOA). For ... more Security is considered one of the main challenges for software oriented architectures (SOA). For this reason, several standards have been developed around WS-Security. However, these security standards usually hinder interoperability, one of the main pillars of Web service technologies. Software adaptation is a sound solution where an adaptor is deployed in the middle of the communication to overcome signature, behavioural and QoS incompatibilities between services. This is particularly important when dealing with stateful services (such as Windows Workflows or WS-BPEL processes) where any mismatch in the sequence of messages might lead the orchestration to a deadlock situation. We proposed security adaptation contracts as concise and versatile specifications of how such incompatibilities must be solved. Nonetheless, synthesising an adaptor compliant with a given contract is not an easy task where concurrency issues must be kept in mind and security attacks must be analysed and prevented. In this paper, we present an adaptor synthesis, verification and refinement process based on security adaptation contracts which succeeds in overcoming incompatibilities among services and prevents secrecy attacks. We extended the ITACA toolbox for synthesis and deadlock analysis and we integrated it with a variant of CCS, called Crypto-CCS, to verify and refine adaptors based on partial model checking and logical satisfiability techniques.
Abstract. Software integration needs to face signature and behaviour incompatibilities that unavo... more Abstract. Software integration needs to face signature and behaviour incompatibilities that unavoidably arise when composing services developed by different parties. While many of such incompatibilities can be solved by applying existing software adaptation techniques, these are computationally expensive and require to know beforehand the behaviour of the services to be integrated. In this paper, we present a lightweight approach to dynamic service adaptation which does not require any previous knowledge on the behaviour of the services to be integrated. The approach itself is adaptive in the sense that an initial (possibly the most liberal) adaptor behaviour is progressively refined by learning from failures that possibly occur during service interaction.
The evolution from traditional wireless sensor networks towards the Internet of Things has origin... more The evolution from traditional wireless sensor networks towards the Internet of Things has originated the need of interconnecting heterogeneous devices. Sensor Web represents a web of sensor networks accessible by means of service interfaces which enable an interoperable usage of sensor resources. Hence, a shift in the sensor-as-a-service paradigm is required. Dynamic, scalable and adaptive service discovery is crucial in this new scenario of diverse and scarce resources. Contracts present a versatile solution to reason, negotiate and discover services based on their characteristics and capabilities, as well as on their current states. Therefore, we propose a novel approach to address discovery of heterogeneous sensor nodes based on contracts. We use ontologies to capture and support sensor descriptions with semantics concepts and their relationships, increasing the interoperability and allowing complex reasoning in the discovery. We have implemented the discovery process as a service provided by FamiWare, a middleware family for Ambient Intelligence.
Service discovery is one of the corner stones of Service-Oriented Architectures. It aims at findi... more Service discovery is one of the corner stones of Service-Oriented Architectures. It aims at finding the set of services which comply with a query in a scalable way with regard to the number of services in the registry. Current approaches to service discovery are based on registries (like UDDI) which provide efficient search algorithms over the interfaces (in WSDL) and metadata of the services, or are focussed on ontology matching mechanisms over semantic descriptions of the services (e.g., OWL-S). However, these approaches rarely support searching over stateful services (such as those described as Windows Workflows or BPEL processes) based on behavioural queries or, when they do, they perform the behavioural analysis on a second step, due to its computational complexity, and then they discard the services which present deadlocks or livelocks. In this work, we introduce a new search tree for the discovery of stateful services which can be adapted to fulfil behavioural queries. The behaviour and adaptability of the services is analysed upfront during the discovery process. Thanks to Software Adaptation, our approach returns both services which perfectly match the query and those which can be adapted to it. This adaptation overcomes incompatibilities in interface and behaviour, which could lead to deadlock or livelock situations, hence our approach returns more services than traditional techniques. Moreover, behavioral adaptation abstracts services into smaller models which enable service discovery in polynomial time.
Security is considered to be one of the main challenges as regards the widespread application of ... more Security is considered to be one of the main challenges as regards the widespread application of Service Oriented Architectures across organisations. WS-Security, and its successive extensions, have emerged to fulfil this need, but these approaches hinder the loose-coupling among services, therefore constraining their reusability and replaceability. Software adaptation is a sound solution to overcome the incompatibilities in interface, behaviour and security constraints among stateful services. However, programming adaptors from scratch is a tedious and error-prone task where special care must be given to concurrency and security issues. In this work, we propose to use security adaptation contracts that allow us to express and adapt the security requirements of the services and their orchestration. Given a security adaptation contract and the behavioural description of the services (such as BPEL processes or Windows Workflows), we can generate the protocol of the orchestrator that complies with the security requirements (confidentiality, integrity and authenticity), while overcoming incompatibilities at the signature, behaviour and security QoS levels. The formalisation behind security adaptation contracts has other applications such as security policy negotiation and automatic security protocol verification.
Developing systems through the composition of reusable software services is not straightforward i... more Developing systems through the composition of reusable software services is not straightforward in most situations since different kinds of mismatch may occur among their public interfaces. Service adaptation plays a key role in the development of such systems by solving, as automatically as possible, mismatch cases at the different interoperability levels among interfaces by synthesizing a mediating adaptor between services. In this paper, we show the application of model-based adaptation techniques for the construction of service-based systems on a case study. We describe each step of the adaptation process, starting with the automatic extraction of behavioural models from existing interface descriptions, until the final adaptor implementation is generated for the target platform.
Security is considered to be one of the main challenges as regards the widespread application of ... more Security is considered to be one of the main challenges as regards the widespread application of Service Oriented Architectures across organisations. WS-Security, and its successive extensions, have emerged to fulfil this need, but these approaches hinder the loose-coupling among services,
therefore constraining their reusability and replaceability. Software adaptation is a sound solution to overcome the incompatibilities in interface, behaviour and security constraints among stateful services. Adaptation contracts successfully express in a concise manner how to overcome the incompatibilities between secure services. However, most of the work in the literature do not provide the means to generate full-blown adaptors from contracts through an analysable synthesis process. Furthermore, traditional algorithms for adaptor synthesis are comparable to common model checking and simulation techniques in their approach and complexity. Therefore, the state-space of the system was usually explored at least twice: once to generate the adaptor and another to verify the adapted system. In this work, we propose a new approach to generate security adaptors from adaptation contracts. This approach allow us to prove desirable properties, such as deadlock and livelock freedom, by construction of the adaptor, avoiding the computational cost of subsequent verification and simulation phases.
An adaptation contract describes composition constraints and adaptation requirements among severa... more An adaptation contract describes composition constraints and adaptation requirements among several services which were not initially built to interoperate with each other. The manual writing of this specification by a designer is a difficult and error prone task, especially when services are reused taking their behavioural descriptions into account. In this paper, we present a semi-automatic approach to build adaptation contracts. To this purpose, we propose an adaptation contract design process supported by an interactive environment based on a graphical notation, and an engine capable of automatically generating contracts without any human intervention. We also present an experimental study that we carried out using the tool support that we implemented in order to evaluate our approach.
Service Discovery is often limited to search over service interfaces (WSDL), information regardin... more Service Discovery is often limited to search over service interfaces (WSDL), information regarding the service provider and QoS properties. However, the behaviour of stateful services (expressed as a BPEL process or a Windows Workflow) is seldom analysed in the discovery process. The behaviour of the service is important because discovered services might deadlock if their operations are not called in an appropriate sequence (e.g., to authenticate before performing privileged actions). However, the further we restrict the discovery process by considering behaviour, the fewer services we find due to subtle incompatibilities in interface and behaviour. Software adaptation is a sound solution to overcome these incompatibilities among stateful services. In this work, we present a search tree which provides a scalable solution for the discovery of behavioural services that can be adapted to the interface and behaviour expressed in the query. This search tree processes queries in polynomial time. Additionally, being able to find both services that perfectly match the query and those which can be adapted to the query, we discover more services than traditional approaches while achieving better flexibility and scalability in our results.
Adaptation is of utmost importance in systems developed by assembling reusable software services ... more Adaptation is of utmost importance in systems developed by assembling reusable software services accessed through their public interfaces. This process aims at solving, as automatically as possible, mismatch cases which may be given at the different interoperability levels among interfaces by synthesizing a mediating adaptor. In this paper, we present a toolbox that fully supports the adaptation process, including: (i) different methods to construct adaptation contracts involving several services; (ii) simulation and verification techniques which help to identify and correct erroneous behaviours or deadlocking executions; and (iii) techniques for the generation of centralized or distributed adaptor protocols based on the aforementioned contracts. Our toolbox relates our models with implementation platforms, starting with the automatic extraction of behavioural models from existing interface descriptions, until the final adaptor implementation is generated for the target platform.
Software Adaptation aims at composing in a non-intrusive way black-box components or services, ev... more Software Adaptation aims at composing in a non-intrusive way black-box components or services, even if they present some mismatches in their interfaces. Adaptation is a complex issue especially when behavioural descriptions of services are taken into account in their interfaces. In this paper, we first present our abstract notations used to specify behavioural interfaces and adaptation contracts, and propose some solutions to support the specification of these contracts. Then, we overview our techniques for the generation of centralized or distributed adaptor protocols and code based on the aforementioned contracts.
Software development based on the composition of black-box software like Web Services and Softwar... more Software development based on the composition of black-box software like Web Services and Software Components is impeded by incompatibilities in their interfaces. Software adaptation has emerged as a solution to these incompatibilities by using processes in-the-middle (called adapters) that allow the correct interaction between the services. There are several approaches that focused on the automated generation of adapters guided by adaptation contracts which specify how the incompatibilities can be resolved. However, the generation of these contracts is not automated and most existing approaches require these contracts to be specified by hand, which obliges the designer to know all the service details. In this paper, we propose an approach to automatically generate adaptation contracts from the behavioral description of the services. These contracts overcome incompatibilities at signature and behavioral levels. Finally we present our prototype tool that accepts as input the service behaviors written in abstract BPEL and generates adaptation contracts using a combination of an A* algorithm and an expert system.
Enterprise systems rely heavily on compositional software like Software Components or Web Service... more Enterprise systems rely heavily on compositional software like Software Components or Web Services. The composition of this software allows software reusability, greater productivity and reduced costs. However, these components are black-boxes and their direct reuse is prevented by incompatibilities between their interfaces. There are several approaches focused on Software Adaptation which are capable of solving incompatibilities at signature and behavioral levels, but these approaches require abstract specifications which specify how the incompatibilities can be resolved. The generation of these specifications is an open issue and specifications are normally handmade, which forces the designer to understand the subtleties of the components. In this paper we present Dinapter, a tool that automatically generates specifications being given the component behavioral descriptions written in abstract BPEL. Dinapter complements the aforementioned approaches and allows the automatic adaptation of compositional software.
"Web Services are ubiquitous nowadays either in the form of Javascript (Google Search, Maps and P... more "Web Services are ubiquitous nowadays either in the form of Javascript (Google Search, Maps and Picasa Web for instance), RESTful (Twitter), XML-RPC or SOAP APIs (e.g., Flickr). These services are usually orchestrated into business processes using languages such as WS-BPEL or Windows Workflows that exhibit imperative behaviour. Interoperability and loose coupling are key in Web services but this myriad of languages, APIs and business processes usually impede the proper development, reuse and update of SOA systems.
This talk will introduce the concepts and applications of Web service adaptation. Adaptation is built on top of adaptation contracts, which specify how to overcome incompatibilities at signature (operation names and arguments), behaviour (sequences of operations, conditions, loops, ...), QoS (security, robustness, ...) and semantics levels. Using such contracts, it is automatically generated an adaptor which is transparently deployed in the middle of the communication. The adaptor intercepts and manipulates messages to achieve a proper interaction among initially incompatible services. Web service adaptation has been successfully applied to discovery, design, run-time adaptation and monitoring of SOA systems."
Security is considered one of the main challenges for software oriented architectures (SOA). For ... more Security is considered one of the main challenges for software oriented architectures (SOA). For this reason, several standards have been developed around WS-Security. However, these security standards usually hinder interoperability, one of the main pillars of Web service technologies. Software adaptation is a sound solution where an adaptor is deployed in the middle of the communication to overcome signature, behavioural and QoS incompatibilities between services. This is particularly important when dealing with stateful services (such as Windows Workflows or WS-BPEL processes) where any mismatch in the sequence of messages might lead the orchestration to a deadlock situation. We proposed security adaptation contracts as concise and versatile specifications of how such incompatibilities must be solved. Nonetheless, synthesising an adaptor compliant with a given contract is not an easy task where concurrency issues must be kept in mind and security attacks must be analysed and prevented. In this paper, we present an adaptor synthesis, verification and refinement process based on security adaptation contracts which succeeds in overcoming incompatibilities among services and prevents secrecy attacks. We extended the ITACA toolbox for synthesis and deadlock analysis and we integrated it with a variant of CCS, called Crypto-CCS, to verify and refine adaptors based on partial model checking and logical satisfiability techniques.
Service discovery is one of the corner stones of Service-Oriented Architectures. It aims at findi... more Service discovery is one of the corner stones of Service-Oriented Architectures. It aims at finding the set of services which comply with a query in a scalable way with regard to the number of services in the registry. Current approaches to service discovery are based on registries (like UDDI) which provide efficient search algorithms over the interfaces (described in WSDL) and metadata of the services, or are focussed on ontology matching mechanisms over semantic descriptions of the services (e.g., OWL-S). However, these approaches rarely support searching over stateful services (such as those described as Windows Workflows or BPEL processes) based on behavioural queries or, when they do, they perform the behavioural analysis on a second step, due to its computational complexity, and then they discard the services which present deadlocks or livelocks. In this work, we introduce a new search tree for the discovery of stateful services which can be adapted to fulfil behavioural queries. The behaviour and adaptability of the services is analysed upfront during the discovery process. Thanks to Software Adaptation, our approach returns both services which perfectly match the query and those which can be adapted to it. This adaptation overcomes incompatibilities in interface and behaviour, which could lead to deadlock or livelock situations, hence our approach returns more services than traditional techniques. Moreover, behavioral adaptation abstracts services into smaller models which enable service discovery in polynomial time.