Download presentation
Presentation is loading. Please wait.
Published byAubrie Goulder Modified over 10 years ago
1
Aniketos project presentation Secure and Trustworthy Composite Services Wind – July 13 th,2012
2
Wind demo event – July 13 th, 2012 Contents Project overview Aniketos concepts Security and trust in service composition Application realms (industrial case studies) Aniketos platform Service lifecycle Capabilities: DT and RT Stakeholders Aniketos Demo Design of a trustworthy composite service
3
Wind demo event – July 13 th, 2012 Aniketos Project EU (FP7/2007-2013) funded project (grant no. 257930). The project includes 17 partners from 10 different European countries. Period: Aug 2010 – Jan 2014 (42 months duration). Aiming to achieve Provide service developers and providers with a secure service development framework that includes methods, tools and security services that supports the design-time creation and run-time composition of secure dynamic services, where both the services and the threats are evolving. See http://aniketos.eu for more info.http://aniketos.eu
4
Wind demo event – July 13 th, 2012 Aniketos Concepts Focusing on web services Services offered ‘in the cloud’ from multiple service providers. Aniketos plus and key challenges Constantly maintaining the security and trustworthiness in a service-oriented environment evolving in the cycle of designing, provisioning, delivering and using services. Security and trustworthiness Design Time (DT) service composition Run-Time (RT) service (re)composition Services will be designed according to organizational and business views. Service Provider(s) Service end user Trust ? Security ?
5
Wind demo event – July 13 th, 2012 Run-TimeDesign Time Aniketos Service lifecycle Service Providers Service Developers Compose Provide Service end users Invoke Adapt/Recompose Component change Change of threats Change of environment Discovery and composition support based on trustworthiness, security properties and metrics Trust and security monitoring Threat notification End user trust assurance and acceptance Identification of responsible party Self-protection Trust evaluation Security validation
6
Wind demo event – July 13 th, 2012 Platform Overview Service Developers Use community support (design, threat analysis) Service discovery & composition Ensure trust & security Service Providers Use community support (submit, threat notification) Monitor trust & security Perform adaptation Service end users Certification programme Single point of trust
7
Wind demo event – July 13 th, 2012 Design Time Service Composition
8
Wind demo event – July 13 th, 2012 Involved modules (1 of 2)
9
Wind demo event – July 13 th, 2012 Involved Modules (2 of 2) STS-tool: to express security needs and requirements on trustworthiness MTM will provide the mapping between security requirements specification (SRS) in the STS-model and existing BPMN. The output will be a security EABPM IdM: to use the framework the service designer must be authenticated SCF: to design service compositions using Marketplace for store/retrieval of atomic services Marketplace to support services discovery/announcement SCPM: to receive the composition plans from the SCF and return those ones that fulfill the trustworthiness requirement TM: to check for the level of trustworthiness
10
Wind demo event – July 13 th, 2012 Aniketos Case Studies SESAR Future telecom services eGovernance: land buying Air traffic service pool
11
Wind demo event – July 13 th, 2012 Future telecom services
12
Wind demo event – July 13 th, 2012 User story A1 The end user (Bob) owns a mobile device which is equipped with a GPS receiver and a presence enabled VoIP client when accessing the web portal of his TLC Operator. The services involved are: a. WebShop for general electronic commerce access; b. StoreLocator for making users choose the store where to pick up items selected; Bob accesses the WebShop application in order to purchase an electronic item he wishes. Bob requests the help of an assistant by starting a click- to-call VoIP communication The StoreLocator service gives users two options, 1)a manual selection of the pick-up stores that can be selected from an offered list; 2)letting StoreLocator service propose a list of closest stores. Converged SIP/HTTP application SIP servlets Application Server Platform He decides to purchase the item he was interested in …to collect Bob’s current position information and to generate maps and addresses of the stores which are closer to Bob Bob selects option 2) for automatic store localization. By doing so a service recomposition is started… 1 2 3 4 5 67 Bob is finally asked to confirm his mail address (that was retrieved through the IdP) to inform him when he can pick-up the purchased item
13
Wind demo event – July 13 th, 2012 User story A2 open AM HSS Presence enabler IMS - Telco Internet Resource layerAniketos layer Attribute Provider Enabler Provider IdM Provider atomic service User Profile REST Diameter SIP/XCAP OMA Enabler(s) atomic service Identity Provider composite web service -Bridging IMS and Internet identity -Single Sign On -Multi-factor authentication -IMS Service Exposure (e.g. user’s attributes and presence) Marketplace
14
Wind demo event – July 13 th, 2012 Aniketos Benefits Aniketos provides a powerful platform that will bring benefits to the main actors involved (and related stakeholders) Service Designers / Developers: to support the creation and the delivery of new innovative services. In general, these developments are commissioned and sponsored by projects funded by Service Providers. Service Providers: to enhance their portfolio of services and consequently increase the chance for incrementing revenues by attracting new customers or increasing customer retention. End Users: to increase the appeal for services that are intrinsically secure and reliable, having a single point-of-trust with a clear customer’s relationship. The exploitation of the project’s results is an important part of the project, since Aniketos set up 4 work packages dedicated to outreach: training, demonstration, communities and dissemination.
15
Wind demo event – July 13 th, 2012 Aniketos Market Segments Public market: on-line and social shopping but in general all e- Business environments that will offer and deliver services fulfilling security and trustworthiness constraints (i.e. Tourism, Banking, …) Industry: convergence of ICT and Telco domains, supporting the growing demand for new advanced services to be sold by Service Providers to their customers. Central and local government: public administrations will face the growing need for offering services to citizens in perfect synergy with the European directives. Given the nature and potential of the platform we could envisage a gradual introduction in the market either by adopting a pay-per-use mechanism or a periodic fee for Aniketos services offered by the Service Provider to its customers (PaaS could be a possible form of future commercialization).
16
Aniketos Demo: Design of a trustworthy composite service
17
Wind demo event – July 13 th, 2012 Demonstration goals Secure web service composition tools The demo aims to show the exploitation of the secure composition design time modules: STS-ml & tool: to express the trustworthiness as constraint over the atomic services involved in the composition Service Composition Framework: to build the business process to realize the composite service Application of the design time process to real example Screencast
18
Wind demo event – July 13 th, 2012 Composite service workflow Point of Interests Geocoding Weather forecast Map Web Page Info collector Aim: the Service Designer wants to create a service that takes in input a street address and shows on a web page some information related to the provided location.
19
Wind demo event – July 13 th, 2012 STS language & tool Brief introduction Tool application example Secure web service composition tools
20
Wind demo event – July 13 th, 2012 STS modelling language (STS-ml) Socio Technical Security modelling language (STS-ml) Consists of a set concepts that can be used to analyze security requirements for a wide range of applications (including Service Oriented Applications) Rationale Security should be investigated early in the development process Security requirements before security solutions/mechanisms Express security needs and requirements at organizational (business/operational) level, by modelling: Social/Technical actors and their goals Interactions among those actors in achieving goals Security requirements and trust properties that stakeholders express.
21
Wind demo event – July 13 th, 2012 STS-ml perspectives Interaction among stakeholders in achieving their goals Information (documents) and relationships Authorization granted for exchange and manipulate information List of security requirements derived from security needs expressed in the business view
22
Wind demo event – July 13 th, 2012 STS-tool utilization Scenario modelling steps i. Identify principal stakeholders (actors) ii. Identify and analyze the goals of each actor iii. Define interactions among the actors iv. Express the requirements on security and trustworthiness
23
Wind demo event – July 13 th, 2012 Design of a composite service that takes in input the geographical position (street address) of a user and shows in a webpage a set of informations A map showing the position Weather information Point of interests in the surroundings The Service Provider wants the service to be trustworthy, so he asks the Service Designer to exploit the tools from the Aniketos platform STS-tool for the specification of security requirements and trustworthiness Reference scenario: STS-tool utilization
24
Wind demo event – July 13 th, 2012 Design of InfoService (1 of 7) scope goal resource provision delegation i. Identify principal stakeholders (actors) ii. Identify and analyze the goals of each actor iii. Define interactions among the actors
25
Wind demo event – July 13 th, 2012 i. Identify principal stakeholders (actors) ii. Identify and analyze the goals of each actor iii. Define interactions among the actors Design of InfoService (2 of 7) scope goal decomposition resource
26
Wind demo event – July 13 th, 2012 Social View Design of InfoService (3 of 7)
27
Wind demo event – July 13 th, 2012 iv. Express the requirements on security and trustworthiness Design of InfoService (4 of 7) No-Repudiation Redundancy Trustworthiness constraint (tc) Re-delegation
28
Wind demo event – July 13 th, 2012 Information View Design of InfoService (5 of 7)
29
Wind demo event – July 13 th, 2012 Authorization View Design of InfoService (6 of 7) U: use M: modify P: produce D: distribute
30
Wind demo event – July 13 th, 2012 iv. Express the requirements on security and trustworthiness Design of InfoService (7 of 7) Re-delegation Non-disclosure Integrity Need To Know
31
Wind demo event – July 13 th, 2012 The STS-tool will generate SRS from the information contained in 3 views (business view) Automatic generation is supported by the tool Security Req Specs (SRS)
32
Wind demo event – July 13 th, 2012 Service Composition Framework (SCF) Tool application example Secure web service composition tools
33
Wind demo event – July 13 th, 2012 A service provider wants to offer a service that takes in input the geographical position of a user and shows in a webpage a set of information: A map showing the position Weather information Point of interests in the surroundings The service provider wants the service to be trustworthy, so he asks the service designer to exploit the tools made available through the Aniketos platform SCF tool is used in order to design the composite service Reference scenario: SCF utilization
34
Wind demo event – July 13 th, 2012 The trustworthiness value is evaluated by the Trustworthiness Prediction module (TM) and is a combination of: Cognitive trust of the user, based on the service and service provider reputation Non-cognitive trust, based on objective and measurable properties of the service such as QoS attributes (reliability, performance, availability). About trustworthiness in Aniketos…
35
Wind demo event – July 13 th, 2012 Service Composition Framework (SCF) The SCF is a design time module available in the Aniketos environment allowing a service designer to build executable composition plans To use the framework the service designer must be authenticated
36
Wind demo event – July 13 th, 2012 SCF: get started with BPMN modelling Once authenticated, the service designer can start the BPMN modelling
37
Wind demo event – July 13 th, 2012 BPMN model of InfoService From the description of the service in terms of functionality, the service designer decides to use different atomic services and compose them according to the BPMN drafted in the SCF editor
38
Wind demo event – July 13 th, 2012 The service designer is in charge of designing a composite service with a specific requirement on trusthworthiness value The trustworthiness requirement is expressed as a consumer policy (XML file) written in ConSpec grammar The file location is included in an extensionElements tag in the XML representing the BPMN BMPN annotated with trustworthiness requirement
39
Wind demo event – July 13 th, 2012 An excerpt of the resulting XML for the annotated BPMN is shown below: Annotated BPMN (1 of 2)
40
Wind demo event – July 13 th, 2012 SRS document is generated by the STS-tool BPMN model is generated by using the SCF tool MTM will process both informations to generate an annotated BPMN model (EABPMN) MTM not available at this stage of the project (mapping under development) Currently a manual intervention from the Service Designer is necessary Annotated BPMN (2 of 2)
41
Wind demo event – July 13 th, 2012 To make the composition plans the SCF has to bind real web services to the service tasks in the BPMN The binding process entails: Service discovery using the ServiceType as search filter The SCF shows the operations offered by the web services matching the request based on the ServiceType Selection of the specific operation the service designer wants to use in order to compose the InfoService If the same operation is offered by different atomic services the service designer will see just one operation Service discovery and selection of the service operation
42
Wind demo event – July 13 th, 2012 Discovery and selection: GeoCoding example (1/2)
43
Wind demo event – July 13 th, 2012 and selects getCoordinates ( ) Discovery and selection: GeoCoding example (2/2) The service designer discovers operations offered by GeoCoding type services ( ) 1 2 The service designer isn’t aware of how many web services offer that operation, it’s the SCF which will bind the different services to the service task when making composition plans
44
Wind demo event – July 13 th, 2012 Creation of composition plans Once the service designer has selected an operation for each service task the SCF is ready to create the composition plans When the service designer clicks on “Create composition plans” button, the SCF shows a set of functionally valid composition plans
45
Wind demo event – July 13 th, 2012 The SCF has created 12 composition plans: this is explained by the number of web services offering the same operation: Geocoding type: bound to 2 web services PointOfInterest type: bound to 3 web services WeatherForecast type: bound to 1 web services Map type: bound to 2 web services WebPageInfoCollector type: bound to 1 web services Thus the number of composition plans is 2 X 3 X 1 X 2 X 1 = 12 Composition plans created by the SCF
46
Wind demo event – July 13 th, 2012 The composition plans ensure functionality but do not consider the trustworthiness requirement The composition plans have to be checked against the requirements specified for the trustworthiness value This check is performed by the Secure Composition Planner Module which receives the composition plans from the SCF and returns those ones that fulfill the trustworthiness requirement Selection of trustworthy composition plans
47
Wind demo event – July 13 th, 2012 The SCPM invokes the Trustworthiness prediction module to evaluate the trustworthiness value for the set of composition plans received from the SCF The trustworthiness value of the composite service is evaluated by using the weakest link principle The Trustworthiness module evaluates the trustworthiness value for each service taking part in the composition The lowest value is returned as the trustworthiness value of the composite service Trustworthiness prediction for composite services
48
Wind demo event – July 13 th, 2012 When the service designer clicks on “Verify All” button the SCPM selects the composition plans that fulfils the trustworthiness requirement Trustworthy composite services In order to visualize the Trustworthiness value of the composition plans the service designer selects “Order By” Trustworthiness and clicks on “Order/Rank” button
49
Wind demo event – July 13 th, 2012 Last steps: upload and deploy The service designer selects one of the trustworthy composition plans and can upload the BPMN to an Activiti Engine Deploy it to a web application server
50
Wind demo event – July 13 th, 2012 Screencast (Demo summerSOC2012.avi) Presented at Summer School on Service Oriented Computing (SOC) – July 2-5, 2012 – Crete (Greece). Demo
51
Wind demo event – July 13 th, 2012
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.