Fortified Web Services Contracts for Trusted Components Avi Jencmen Amiram Yehudai.

Slides:



Advertisements
Similar presentations
Web Service Architecture
Advertisements

Service Description: WSDL COMP6017 Topics on Web Services Dr Nicholas Gibbins –
An Introduction to Web Services Sriram Krishnan, Ph.D.
Web Service Ahmed Gamal Ahmed Nile University Bioinformatics Group
Introduction to WSDL presented by Xiang Fu. Source WSDL 1.1 specification WSDL 1.1 specification – WSDL 1.2 working draft WSDL.
1 Understanding Web Services Presented By: Woodas Lai.
Web Services Darshan R. Kapadia Gregor von Laszewski 1http://grid.rit.edu.
Web Services Nasrullah. Motivation about web service There are number of programms over the internet that need to communicate with other programms over.
Realisation of SOA using Web Services Adomas Svirskas Vilnius University December 2005.
SOA and Web Services. SOA Architecture Explaination Transport protocols - communicate between a service and a requester. Messaging layer - enables the.
Presentation 7: Part 1: Web Services Introduced. Outline Definition Overview of Web Services Examples Next Time: SOAP & WSDL.
OASIS Reference Model for Service Oriented Architecture 1.0
Interactive Systems Technical Design Seminar work: Web Services Janne Ojanaho.
Presentation 7 part 2: SOAP & WSDL. Ingeniørhøjskolen i Århus Slide 2 Outline Building blocks in Web Services SOA SOAP WSDL (UDDI)
Latest techniques and Applications in Interprocess Communication and Coordination Xiaoou Zhang.
Understand Web Services
XML Technologies and Applications Rajshekhar Sunderraman Department of Computer Science Georgia State University Atlanta, GA 30302
Web Ontology Language for Service (OWL-S). Introduction OWL-S –OWL-based Web service ontology –a core set of markup language constructs for describing.
Grid Computing, B. Wilkinson, 20043a.1 WEB SERVICES Introduction.
Fortified Web Services Contracts for Trusted Components Proof of Concept.
2006 IEEE International Conference on Web Services ICWS 2006 Overview.
Web Service Architecture Part I- Overview and Models (based on W3C Working Group Note Frank.
CS 522 WebServices -Sujeeth Narayan -Ankur Patwa.
WSDL Web Services Description Language Neet Wadhwani University of Colorado 3 rd October, 2001.
Web Services Michael Smith Alex Feldman. What is a Web Service? A Web service is a message-oriented software system designed to support inter-operable.
Web services A Web service is an interface that describes a collection of operations that are network-accessible through standardized XML messaging. A.
Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.
Processing of structured documents Spring 2003, Part 6 Helena Ahonen-Myka.
THE NEXT STEP IN WEB SERVICES By Francisco Curbera,… Memtimin MAHMUT 2012.
1 Web Services Distributed Systems. 2 Service Oriented Architecture Service-Oriented Architecture (SOA) expresses a software architectural concept that.
T Network Application Frameworks and XML Web Services and WSDL Sasu Tarkoma Based on slides by Pekka Nikander.
The Semantic Web Service Shuying Wang Outline Semantic Web vision Core technologies XML, RDF, Ontology, Agent… Web services DAML-S.
Web Services (SOAP, WSDL, and UDDI)
* * 0 OWL-S: Ontology Web Language For Services Reyhan AYDOĞAN Emre YILMAZ 21/12/2005OWL-S: Ontology Web Language for Services.
James Holladay, Mario Sweeney, Vu Tran. Web Services Presentation Web Services Theory James Holladay Tools – Visual Studio Vu Tran Tools – Net Beans Mario.
Web Services Description Language (WSDL) Jason Glenn CDA 5937 Process Coordination in Service and Computational Grids September 30, 2002.
WSDL Tutorial Ching-Long Yeh 葉慶隆 Department of Computer Science and Engineering Tatung University
Web Services Description Language CS409 Application Services Even Semester 2007.
Dodick Zulaimi Sudirman Lecture 14 Introduction to Web Service Pengantar Teknologi Internet Introduction to Internet Technology.
Web Services Based on SOA: Concepts, Technology, Design by Thomas Erl MIS 181.9: Service Oriented Architecture 2 nd Semester,
Web Services Standards. Introduction A web service is a type of component that is available on the web and can be incorporated in applications or used.
XML Web Services Architecture Siddharth Ruchandani CS 6362 – SW Architecture & Design Summer /11/05.
1 Web Service Description Language (WSDL) 大葉大學資工系.
Chapter 10 Intro to SOAP and WSDL. Objectives By study in the chapter, you will be able to: Describe what is SOAP Exam the rules for creating a SOAP document.
WebService. Outline Overview of Web Services SOAP (messaging) WSDL (service description) UDDI (registry)
Copyright © 2013 Curt Hill SOAP Protocol for exchanging data and Enabling Web Services.
1 Web Services Web and Database Management System.
Introduction to Semantic Web Service Architecture ► The vision of the Semantic Web ► Ontologies as the basic building block ► Semantic Web Service Architecture.
Kemal Baykal Rasim Ismayilov
WSDL – Web Service Definition Language  WSDL is used to describe, locate and define Web services.  A web service is described by: message format simple.
1 G52IWS: Web Services Chris Greenhalgh. 2 Contents The World Wide Web Web Services example scenario Motivations Basic Operational Model Supporting standards.
Web Services Architecture Presentation for ECE8813 Spring 2003 By: Mohamed Mansour.
Introduction to Web Services Presented by Sarath Chandra Dorbala.
 Copyright 2005 Digital Enterprise Research Institute. All rights reserved. SOA-RM Overview and relation with SEE Adrian Mocan
SE 548 Process Modelling WEB SERVICE ORCHESTRATION AND COMPOSITION ÖZLEM BİLGİÇ.
Topics on Web Services COMP6017 Dr Nicholas Gibbins –
From Coulouris, Dollimore, Kindberg and Blair Distributed Systems: Concepts and Design Edition 5, © Addison-Wesley 2012 Slides for Chapter 9 Web Services.
Software Architecture Patterns (3) Service Oriented & Web Oriented Architecture source: microsoft.
Sabri Kızanlık Ural Emekçi
WEB SERVICES.
T Network Application Frameworks and XML Web Services and WSDL Sasu Tarkoma Based on slides by Pekka Nikander.
Introduction to Web Services
Web Ontology Language for Service (OWL-S)
Implementing a service-oriented architecture using SOAP
Web services, WSDL, SOAP and UDDI
WEB SERVICES From Chapter 19, Distributed Systems
Presentation transcript:

Fortified Web Services Contracts for Trusted Components Avi Jencmen Amiram Yehudai

Fortified Web Services Contracts for Trusted Components2 13/12/2005 Contents Web Services – An Introduction Software Contracts Problem Description Web Services Contracts  A Simple Example  Basic Level Contracts  Behavioral Level Contracts  Synchronization Level Contracts  QoS Level Contracts Proof Of Concept Outline Related Work Future Work

Fortified Web Services Contracts for Trusted Components3 13/12/2005 Web Services Defined 1 a software system designed to support interoperable machine-to-machine interaction over a network Other systems interact with Web Service using SOAP messages Web Service interfaces are described using WSDL 1 from Web services Architecture; World Wide Web Consortium, February 2004

Fortified Web Services Contracts for Trusted Components4 13/12/2005 Web Services Architecture Sem Requester Agent Provider Agent + + Requestor EntityProvider Entity Requestor Human Provider Human 4. Parties Interact 2. Parties Agree on Semantics & WSD 3. Input Semantics & WSD WSD Sem WSD + 1. Parties Discover Each Other

Fortified Web Services Contracts for Trusted Components5 13/12/2005 Actors Provider Entity  A person or organization that provides an appropriate agent to implement a particular service Provider Agent  A software agent that is capable of and empowered to perform the actions associated with a service on behalf of its owner Requester Entity  A person or organization that wishes to make use of a provider entity’s Web Service  Uses a requester agent to exchange messages with the provider entity’s provider agent Requester Agent  A software agent that wishes to interact with a provider agent in order to request that a task be performed on behalf of its owner

Fortified Web Services Contracts for Trusted Components6 13/12/2005 Vocabulary WSD  Machine-processable specification of the Web Service interface  Defines: Message formats Datatypes Transport protocols Transport serialization formats  Written in WSDL SEM  Shared expectation about the behavior of the service  The "agreement" regarding the purpose and consequences of the interaction  No standard language

Fortified Web Services Contracts for Trusted Components7 13/12/2005 Process Phases Discover  The requester entity somehow obtains both the Web Service description (WSD) and the associated semantics (SEM) of the service Agree  The requester and provider entities agree on the semantics and Web service description of the desired interaction Interact  The requester agent and provider agent exchange SOAP messages on behalf of their owners

Fortified Web Services Contracts for Trusted Components8 13/12/2005 Web Services Standards SOAP 1.2  An XML envelope Headers + Body  An HTTP binding SOAP is “transport independent”  A convention for doing RPC  An XML serialization format for structured data

Fortified Web Services Contracts for Trusted Components9 13/12/2005 The SOAP Envelope <SOAP-ENV:Envelope xmlns=" Header: A collection of zero or more SOAP header blocks Extension mechanism Body: Contains the messages to be passed between the agents

Fortified Web Services Contracts for Trusted Components10 13/12/2005 Software Contracts Relationship between a class and its clients as a formal agreement Expresses each party's rights and obligations Contract information can describe four different levels of interaction:  Basic level – Basic or syntactic contracts are required simply to make a system work  Behavioral level – Behavioral contracts, improve the level of confidence in a sequential context  Synchronization level – Synchronization contracts, improves confidence in distributed or concurrency contexts  QoS level – quality-of-service contracts, quantifies quality of service and are usually negotiable

Fortified Web Services Contracts for Trusted Components11 13/12/2005 The Four Levels of Contracts

Fortified Web Services Contracts for Trusted Components12 13/12/2005 Problem Description Web Services are a standard means to support interoperable machine-to-machine interaction They do not solve the problem of trust between service requesters and providers Thesis Goal: To provide a formal contract description language between the requester entity and the provider entity

Fortified Web Services Contracts for Trusted Components13 13/12/2005 A Simple Example A company (travel agent) wants to offer the ability to book complete vacation packages: plane/train/bus tickets, hotels, car rental, excursions, etc Service providers (airlines, bus companies, hotel chains, etc) are providing Web services to query their offerings and perform reservations Credit card companies are providing services to guarantee payments made by consumers

Fortified Web Services Contracts for Trusted Components14 13/12/2005 Basic Level Contracts Specify the methods, in/out parameters of the service as messages the service can receive Basic level contracts are typically implemented as the Web Service’s underlying object interface Interface TravelAgent { void enterDestination(in City destinationCity, in DateTime destinationDate); void setDestinationCity(in City destinationCity); void setDestinationDate(in DateTime destinationDate); FlightList getFilghts(); void chooseFlight(in Flight choosenFlight); }

Fortified Web Services Contracts for Trusted Components15 13/12/2005 WSDL 1.1 Definitions element at the root, and a collection of definitions inside The definitions structure includes six major elements:  types – provides data type definitions used to describe the messages exchanged  message – represents an abstract definition of the data being transmitted. A message consists of logical parts, each of which is associated with a definition within some type system  portType – is a set of abstract operations. Each operation refers to an input message and output messages  binding – specifies concrete protocol and data format specifications for the operations and messages defined by a particular portType  port – specifies an address for a binding, thus defining a single communication endpoint  service – is used to aggregate a set of related ports

Fortified Web Services Contracts for Trusted Components16 13/12/2005 WSDL 1.1 Structure * * * ? ? * * * ? * ? * Binding extensibility elements are used to specify the concrete grammar for the input (3), output (4), and fault messages (5) Per-operation extensibility elements (2) as well as per-binding extensibility elements (1)

Fortified Web Services Contracts for Trusted Components17 13/12/2005 Travel Agent Example Messages to be used in the TravelAgent Web service TravelAgentService Binding to SOAP The service element definition

Fortified Web Services Contracts for Trusted Components18 13/12/2005 Basic Level Contracts Architecture Requester Agent Provider Agent 2. Interact according to WSD 1. Agree on WSD WSD SOAP

Fortified Web Services Contracts for Trusted Components19 13/12/2005 Behavioral Level Contracts Specify an operation’s behavior by using Boolean assertions, called pre- and postconditions, for each service offered, as well as for class invariants Interface TicketBooking { Confirmation reserveSeats(in Flight choosenFlight, in int numOfSeats) { Require CorrectNumber: numOfSeats > 0 and numOfSeats < reservationLimit(); Ensure SeatsReserved: availableSeats() = – numOfSeats; } int availableSeats(in Flight choosenFlight); int reservationLimit(); }

Fortified Web Services Contracts for Trusted Components20 13/12/2005 WS-Policy Framework WS-Policy  A general-purpose model and corresponding syntax to describe and communicate the policies of a Web service WS-PolicyAttachment  An addendum to WS-Policy indicating how to attach policy assertions to an XML document (specifically to an WSDL document)

Fortified Web Services Contracts for Trusted Components21 13/12/2005 WS-Policy Structure wsse:Kerberosv5TGT wsse:X509v3 An Example Using Assertions from the WS-SecurityPolicy Language

Fortified Web Services Contracts for Trusted Components22 13/12/2005 WS-BehavioralContractPolicy Syntax

Fortified Web Services Contracts for Trusted Components23 13/12/2005 WS-BehavioralContractPolicy Example Precondition: numOfSeats > 0

Fortified Web Services Contracts for Trusted Components24 13/12/2005 Travel Agent Example Attaching Behavioral Policy to the WSDL file

Fortified Web Services Contracts for Trusted Components25 13/12/2005 Behavioral Level Contracts Architecture Requester Agent Provider Agent 3. Interact according to WSD & Behavioral Contract 2. Agree on WSD & Behavioral Contract WSDBEH CON + Discovery Service 1.a. 1.c. 1.b.Supply WSD & Behavioral Contract Criteria Obtain WSD and Behavioral Contract Info Return WSD and Behavioral Contract Info WSDBEH CON + WSDBEH CON + WSDBEH CON + WSDBEH CON +

Fortified Web Services Contracts for Trusted Components26 13/12/2005 Synchronization Level Contracts Specify the service behavior in a concurrent environment by indicating the coordination protocols it supports Interface TicketBooking { Confirmation reserveSeats(in Flight choosenFlight, in int numOfSeats) Synchronization Atomic; int availableSeats(in Flight choosenFlight) Synchronization Atomic; int reservationLimit(); }

Fortified Web Services Contracts for Trusted Components27 13/12/2005 WS-Coordination Framework WS-Coordination  Describes an extensible framework for providing protocols that coordinate the actions of distributed applications WS-AtomicTransaction  Provides the definition of the atomic transaction coordination type WS-BusinessActivity  Provides the definition of a business activity coordination type

Fortified Web Services Contracts for Trusted Components28 13/12/2005 WS-Coordination Framework Architecture

Fortified Web Services Contracts for Trusted Components29 13/12/2005 WS-SynchronizationContractPolicy Syntax

Fortified Web Services Contracts for Trusted Components30 13/12/2005 WS-SynchronizationContractPolicy Example Operation supporting only AtomicTransaction Protocol:

Fortified Web Services Contracts for Trusted Components31 13/12/2005 Travel Agent Example Adding Synchronization Policy to the WSDL file

Fortified Web Services Contracts for Trusted Components32 13/12/2005 Synchronization Level Contracts Architecture Requester Agent Provider Agent 4. Interact according to Contract 2. Agree on WSD & Synchronization Contract WSDSYN CON + WSDSYN CON + Discovery Service Coordination Service 1. Discover Service 3. Share Coordination Context Cxt WSDSYN CON +

Fortified Web Services Contracts for Trusted Components33 13/12/2005 QoS Level Contracts Specifies the obligation of a service provider to perform a service according to agreed-upon guarantees for IT-level service parameters (such as availability, response time and throughput) Interface TicketBooking { Confirmation reserveSeats(in Flight choosenFlight, in int numOfSeats) SLAParameter TransactionRate; }

Fortified Web Services Contracts for Trusted Components34 13/12/2005 WSLA Framework A framework for specifying and monitoring Service Level Agreements for Web Services

Fortified Web Services Contracts for Trusted Components35 13/12/2005 WSLA Structure

Fortified Web Services Contracts for Trusted Components36 13/12/2005 WS-QoSContractPolicy Example Transaction

Fortified Web Services Contracts for Trusted Components37 13/12/2005 Travel Agent Example Adding QoS Policy to the WSDL file

Fortified Web Services Contracts for Trusted Components38 13/12/2005 QoS Level Contracts Architecture Requester Agent Provider Agent 4. Interact according to Contract 2. Agree on Semantics & QoS Contact WSDQOS CON + WSDQOS CON + Discovery Service Coordination Service 1. Discover Service 3. Share Coordination Context Measurement Service Condition Evaluation Service Management Service SLA Services 5. Measure, Manage and Evaluate the Contract SLA WSDQOS CON +

Fortified Web Services Contracts for Trusted Components39 13/12/2005 POC Outline Requester Agent Provider Agent 3.b. Interact according to Contract Directory Service 1.b. Supply Contract Criteria 1.a. Obtain Contract Info 1.c. Return Contract Info CON Measurement Service Condition Evaluation Service Management Service SLA Service 4. Measure, Manage and Evaluate the Contract Discovery Service Contract Service Behavioral Contract Service Synchronization Contract Service QoS Contract Service 3.a. Share Coordination Context WSD CON + WSD CON + 2. Agree on Contract CON Cxt Coordination Service

Fortified Web Services Contracts for Trusted Components40 13/12/2005 POC Outline

Fortified Web Services Contracts for Trusted Components41 13/12/2005 Related Work WSOL (work from Carleton University, Ontario, Canada)  Web Service Offerings Language  Formal specification of multiple classes of service for one Web Service  Focus on QoS (a.k.a., non-functional) constraints OWL-S (w3c Member Submission by SRI International)  Semantic Markup for Web Services  Ontology for Web Services WSDL-S (w3c Member Submission by IBM)  Web Service Semantics  A mechanism to associate semantic annotations with Web services that are described using Web Service Description Language

Fortified Web Services Contracts for Trusted Components42 13/12/2005 Future Work Enforcement mechanism UDDI Contract Attachment Ontology for Web Service Contracts