DOCSLIB.ORG

Analysis on the Study of Qos-Aware Web Services Discovery

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Analysis on the Study of Qos-Aware Web Services Discovery JOURNAL OF COMPUTING, VOLUME 1, ISSUE 1, DECEMBER 2009, ISSN: 2151-9617 119 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ Analysis on the Study of QoS-Aware Web Services Discovery T. Rajendran and Dr. P. Balasubramanie Abstract— Web service technology has gained more important role in developing distributed applications and systems on the Internet. Rapid growth of published Web services makes their discovery more and more difficult. There exist many web services which exhibit similar functional characteristics. It is imperative to provide service consumers with facilities for selecting required web services according to their non-functional characteristics or QoS. The QoS-based web service discovery mechanisms will play an essential role in SOA, as e-Business applications want to use services that most accurately meet their requirements. However, representing and storing the values of QoS attributes are problematic, as the current UDDI was not designed to accommodate these emerging requirements. To solve the problems of storing QoS in UDDI and aggregating QoS values using the tModel approach. The aim is to study these approaches and other existing QoS tModel representation for their efficiency and consistency in service discovery. This paper discusses a broad range of research issues such as web service discovery or web service selection based on QoS in the E-Business domain. Index Terms— Quality of Service (QoS), UDDI, Web Services, Web Services Discovery. —————————— —————————— 1 INTRODUCTION ERVICE-Oriented Architecture (SOA) supports soft- vision calls for a seamless integration of business proc- Sware to be composed from services dynamically. The esses, applications, and Web services over the Inter- SOA is “an architecture that represents software func- net.Web service technology enables e-business and e- tionality as discoverable services on the network” [4]. commerce to become a reality. It has become a competi- SOA provides methods for systems development and tive tool of companies by reducing cost through fast, ef- integration where systems group functionality around fective, and reliable services to customers, suppliers, and business processes and package these as interoperable partners over the Internet. It enables more efficient busi- services. An SOA infrastructure allows different applica- ness operations via the Web and enhances business op- tions to exchange data with one another as they partici- portunities to companies. With the widespread prolifera- pate in business processes. Web Services form the core of tion of Web services, quality of service (QoS) will become e-business and hence, have experienced a rapid develop- a significant factor in distinguishing the success of service ment in the past few years. Web Services, which are based providers. Due to the dynamic and unpredictable nature on XML-based open standards, promise the interoperabil- of the Web, providing the acceptable QoS is really a chal- ity of various applications running on heterogeneous lenging task. Applications with very different character- platforms. They enable dynamic connections and automa- istics and requirements compete for scarce network re- tion of business processes within and across enterprises sources. Changes in traffic patterns, denial-of-service at- for enterprise application integration and business-to- tacks and the effects of infrastructure failures, low per- business integration. Building on the ubiquitous and formance of Web protocols, and security issues over the lightweight standards that are supported by major soft- Web create a need for Internet QoS standards. Often, un- ware vendors, Web services enable application integra- resolved QoS issues cause critical transactional applica- tion via the publishing of application's functionality as tions to suffer from unacceptable levels of performance services, as well as location and invocation of services degradation. With the growing popularity and an exten- over the Internet. sive deployment of Web services, the consumers of Web Web Services are based on a collection of standards services will rather want a means to distinguish QoS- and protocols that allow us to make processing requests aware Web services from QoS-unaware Web services. to remote systems by speaking a common, non- According to the specification designed by the World proprietary language and using common transport proto- Wide Consortium (W3C), QoS requirements for Web ser- cols such as HTTP and SMTP. The dynamic e-business vices include the following ten major requirements: per- formance, reliability, scalability, robustness, accuracy, ———————————————— integrity, accessibility, availability, interoperability and • T.Rajendran is an Assistant Professor cum Research Scholar, Department security. Given that the QoS-aware Web services can of Computer Science & Engineering, SNS College of Technology, Coimba- carry a higher business value than other Web services, the tore, Tamilnadu and India. • Dr.P.Balasubramanie is a Professor, Department of Computer Science & Web service providers and requesters would benefit from Engineering, Kongu Engineering College, Perundurai, Tamilnadu and In- this kind of services. Web services are new forms of dia. © 2009 Journal of Computing http://sites.google.com/site/journalofcomputing/ JOURNAL OF COMPUTING, VOLUME 1, ISSUE 1, DECEMBER 2009, ISSN: 2151-9617 120 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ Internet software which can be invoked using standard formed after the above matching step. Because different Internet protocols. Web Services, as it is defined by the service providers and requesters may use different lan- World Wide Web Consortium (W3C), is a software sys- guages [5], [6], [7], [8] and models [9], [10], [11],[12], [13] tem designed to support interoperable machine-to- for QoS advertisements and requirements, it is necessary machine interaction over a network. Web services interact to find a way for a system understanding different QoS with each other, fulfilling tasks and requests that, in turn, concepts in QoS descriptions. Besides that, different do- carry out parts of complex transactions or workflows. mains and applications may require different QoS proper- UDDI is a platform-independent, XML-based registry ties; therefore we need a more efficient and flexible for businesses worldwide to list them on the Internet. method to express QoS information. A study of Web ser- UDDI is an open industry initiative, enabling businesses vice discovery system is needed to explore existing tech- to publish service listings and discover each other and niques and to highlight the advantages and disadvan- define how the services or software applications interact tages of each system. over the Internet. UDDI defines a registry for service pro- The rest of the article is as follows. The section 2 intro- viders to publish their services. UDDI is like a registry duces the background of Web service model, the Web rather than like a repository. A registry contains only ref- services description languages and the UDDI registry erence information. WSDL is used to describe a web ser- with QoS. Section 3 provides the QoS requirements for vice’s capabilities and the interface to invoke it. A WSDL web services. Section 4 describes the area of web services document is self-describing so that a service consumer discovery. The section 5 presents the issues related to can examine the functionality of the web service at run- Web services Discovery with QoS, followed by the con- time and generate corresponding code to automatically clusion in the section 6. invoke the service. The interface definition (WSDL) speci- fies the syntactic signature for a service but does not spec- 2 WEB SERVICE MODEL ify any semantics or non-functional aspects.All these standards are XML-based (eXtensible Markup Language), In a Web service model, a service provider offers Web which allows applications to interact with each other over services which provide functions or business operations networks, no matter what languages and platforms they which can be deployed over the Internet, in the hope that are using. The two features, self-description and lan- they will be invoked by partners or customers; a Web guage- / platform-independence, distinguish web ser- service requester describes requirements in order to locate vices from other distributed computing technologies, like service providers. Publishing, binding, and discovering CORBA and DCOM. Web services are three major tasks in the model. Discov- Fundamentally, standards like WSDL can support ser- ery is the process of finding Web services provider loca- vice providers describe their services’ functionality tions which satisfy specific requirements. Web services through standard interfaces and advertise them in some are useless if they cannot be discovered. So, discovery is UDDI registries. When a service request is issued, avail- the most important task in the Web service model. The able Web service descriptions and the service request de- Web service model in Fig. 1 shows the interaction be- scription is matched together in order to find the services tween a service requester, service providers, and a service that can provide expected functionality (the matching discovery system. step). However, Web service functional descriptions are 1. The service providers offer Web services which not sufficient for service discovery process. There are sev- provide functions or business operations. They eral reasons for this fact. Firstly, a key advantage
Load more

Recommended publications
  • How to Use the IBM CMIS Authentication Methods Contents
    How to use the IBM CMIS authentication methods This tech note describes how to use the authentication methods supported with IBM CMIS. Contents Introduction .............................................................................................................................................. 1 Before You Start ........................................................................................................................................ 2 Using HTTP Basic Authentication .............................................................................................................. 2 Basic Authentication with Authorization Header ................................................................................. 2 Basic Authentication with an LTPA Token sent via an HTTP Cookie Header ........................................ 3 Using WS-Security Authentication ............................................................................................................ 4 LTPA Token sent via a SOAP Header ..................................................................................................... 4 Username Token sent via SOAP Header ............................................................................................... 5 Introduction There are two authentication methods supported with IBM CMIS: • HTTP Basic Authentication This option uses an HTTP header that contains an encoded username and password to authenticate clients. • WS-Security Authentication This option uses a WS-Security SOAP header to authenticate clients.
    [Show full text]
  • Extensible Access Control Markup Language (XACML) Version 1.0
    1 2 eXtensible Access Control Markup Language 3 (XACML) Version 2.0 4 OASIS Standard, 1 Feb 2005 5 Document Identifier: oasis-access_control-xacml-2.0-core-spec-os 6 Location: http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf 7 Editor: 8 Tim Moses, Entrust Inc. ([email protected]) 9 Abstract: 10 This specification defines version 2.0 of the extensible access-control markup language. 11 Status: 12 This version of the specification is an approved OASIS Standard within the OASIS Access 13 Control TC. 14 Access Control TC members should send comments on this specification to the 15 [email protected] list. Others may use the following link and complete the 16 comment form: http://oasis-open.org/committees/comments/form.php?wg_abbrev=xacml. 17 For information on whether any patents have been disclosed that may be essential to 18 implementing this specification, and any offers of patent licensing terms, please refer to the 19 Intellectual Property Rights section of the Access Control TC web page (http://www.oasis- 20 open.org/committees/tc_home.php?wg_abbrev=xacml). 21 For any errata page for this specification, please refer to the Access Control TC web page 22 (http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml). 23 The non-normative errata page for this specification is located at 24 www.oasis-open.org/committees/access-control. 25 Copyright © OASIS Open 2004-2005 All Rights Reserved. access_control-xacml-2.0-core-spec-os 1 February 2005 Copyright © OASIS Open 2004.
    [Show full text]
  • SAML Profiles
    EUROPEAN COMMISSION DIRECTORATE-GENERAL FOR HEALTH AND FOOD SAFETY General Affairs Information systems eHealth DSI Patient Summary and ePrescription SAML Profiles DOCUMENT VERSION 2.0.0 DATE 28/03/2017 STATUS Release Candidate Disclaimer "Release Candidate" versions are provided for evaluation/approval purposes only. Minor updates that benefit the document maturity are expected towards the "Production Release". Responsibility for the information and views set out in this document lies entirely with the authors. Reproduction is authorised provided the source is acknowledged. COVER AND CONTROL PAGE OF DOCUMENT Document old name: epSOS Architecture and Design EED DESIGN – epSOS SAML Profiles Document name: SAML Profile Distribution level*: PU Status: Release Candidate Author(s): eHealth DSI provider Organization: * Distribution level: PU = Public, PP = Restricted to other programme participants, RE = Restricted to a group specified by the consortium, CO = Confidential, only for members of the consortium. ABSTRACT This normative binding specifies the mapping of the eHealth DSI HP identity and treatment context claims onto the SAML 2.0. CHANGE HISTORY Version Date Status Changes From Review V 1.1 17/12/2013 Publish Fraunhofer FOKUS V2.0.0 28/03/2017 Remove all eHealth DSI provider references to epSOS and requirements TABLE OF CONTENTS 1 Introduction............................................................................................................................... 4 1.1 eHealth DSI Identity and Context Claims...........................................................................
    [Show full text]
  • Web Single Sign-On Authentication Using SAML
    IJCSI International Journal of Computer Science Issues, Vol. 2, 2009 41 ISSN (Online): 1694-0784 ISSN (Printed): 1694-0814 Web Single Sign-On Authentication using SAML Kelly D. LEWIS, James E. LEWIS, Ph.D. Information Security, Brown-Forman Corporation Louisville, KY 40210, USA [email protected] Engineering Fundamentals, Speed School of Engineering, University of Louisville Louisville, KY 40292, USA [email protected] Abstract In addition, there are problems for the external service Companies have increasingly turned to application service provider as well. Every user in an organization will need providers (ASPs) or Software as a Service (SaaS) vendors to to be set up for the service provider’s application, offer specialized web-based services that will cut costs and provide specific and focused applications to users. The causing a duplicate set of data. Instead, if the complexity of designing, installing, configuring, deploying, and organization can control this user data, it would save the supporting the system with internal resources can be eliminated service provider time by not needing to set up and with this type of methodology, providing great benefit to organizations. However, these models can present an terminate user access on a daily basis. Furthermore, one authentication problem for corporations with a large number of central source would allow the data to be more accurate external service providers. This paper describes the and up-to-date. implementation of Security Assertion Markup Language (SAML) and its capabilities to provide secure single sign-on Given this set of problems for organizations and their (SSO) solutions for externally hosted applications. Keywords: Security, SAML, Single Sign-On, Web, service providers, it is apparent that a solution is needed Authentication that provides a standard for authentication information to be exchanged over the Internet.
    [Show full text]
  • OASIS Response to NSTC Request for Feedback on Standard Practices
    OASIS RESPONSE TO NSTC REQUEST FOR FEEDBACK ON STANDARDS PRACTICES OASIS (Organization for the Advancement of Structured Information Standards) is pleased to respond to the request from the National Science and Technology Council's Sub-Committee on Standards published at 75 FR 76397 (2010), and extended by 76 FR 3877 (2011), for feedback and observations regarding the effectiveness of Federal agencies' participation in the development and implementation of standards and conformity assessment activities and programs. We have advised our own members about the Federal Register inquiry, in case they wish to respond. Of course, their opinions are their own, and this response does not represent the views of any members, but only the observations of OASIS professional staff. I. RESPONDENT'S BACKGROUND OASIS is one of the largest and oldest global open data standards consortia, founded in 1993 as SGML Open. OASIS has over 5000 active participants representing about 600 member organizations and individual members in over 80 countries. We host widely-used standards in multiple fields including • cybersecurity & access control (such as WS-Security, SAML, XACML, KMIP, DSS & XSPA) [/1], • office documents and smart semantic documents (such as OpenDocument, DITA, DocBook & CMIS) [/2], and • electronic commerce (including SOA and web services, such as BPEL, ebXML, WS-ReliableMessaging & the WS-Transaction standards) [/3] among other areas. Various specific vertical industries also fulfill their open standards requirements by initiating OASIS projects, resulting in mission-specific standards such as • UBL and Business Document Exchange (for e-procurement) [/4], • CAP and EDML (for emergency first-responder notifications) [/5], and • LegalXML (for electronic court filing data)[/6].
    [Show full text]
  • ICSOC Phd Symposium 2008
    Hamid Reza Motahari-Nezhad Farouk Toumani Yannis Velegrakis (Eds.) ICSOC PhD Symposium 2008 Co-located with 6th International Conference on Service Ori- ented Computing (ICSOC) Sydney, Australia, 1 December 2008 Proceedings Sponsor: IBM Research, USA Copyright c 2008 for the individual papers by the papers’ authors. Copying permitted for private and academic purposes. Re-publication of material from this volume requires permission by the copyright owners. Preface Service oriented computing (SOC) has rapidly transformed from a vision, in the beginning of the century, to realisation in paradigms such as Web services, Software-as-a-Service (SaaS) and cloud services. While this has provided the industry and practitioners with the opportunities for a new generation of products and services, it has brought forward a tremendous amount of challenges and open issues for researchers. The International Con- ferences on Service Oriented Computing (ICSOC) is a pioneering event for researchers, practitioners and industry leaders to discuss and share the success and achievements in this area. The ICSOC PhD Symposium, as part of the ICSOC conference, is an international forum for PhD students working in the broad areas of service computing, web services and ser- vice engineering to present and discuss emerging research problems and ideas on how to tackle these issues. The forum is intended to bring together PhD students and give them the opportunity to present and discuss their research in a constructively critical atmosphere. The symposium operates in a workshop format, giving PhD students an opportunity to showcase their research and providing them with feedback from senior international re- searchers and peer PhD students.
    [Show full text]
  • Modeling the Evaluation Criteria for Security Patterns in Web Service Discovery V.Prasath K.C.E.T, Department of IT S.Kumarapuram, Cuddalore India 607109
    ©2010 International Journal of Computer Applications (0975 – 8887) Volume 1 – No. 13 Modeling the Evaluation Criteria for Security Patterns in Web Service Discovery V.Prasath K.C.E.T, Department of IT S.Kumarapuram, Cuddalore India 607109. ABSTRACT of descriptions to various services that provide similar service Current trends in performing business-to-business transactions functionality. Automation of dynamic web service discovery is and enterprise application integration have been extended to the made viable by expression of domain specific knowledge [2] [4]. use of web service. With web services being accepted and Today’s systems, and the enterprises in which they reside, are so deployed in both research and industrial areas, the security related complex that even the most capable risk measurement tools are issues become important. Web services security has attracted the unlikely to yield risk values that are much better than rough attention of researchers in the area of security due to the proven indications of relative risk which, we should quickly add, is often fact that most attacks to businesses and organizations exploit web quite good enough in many situations. The problem is that the service vulnerabilities. The main goal of this research is to value of risk, whatever it turns out to be, is likely to be surrounded achieve security concept of the web service can be summarized to by a fairly large but unknown amount of uncertainty. This can this single value. In this paper, we evaluate common security create a dilemma for the decision-maker who must then decide patterns with respect to the STRIDE model of attacks by whether to invest in further safeguards, which will undoubtedly examining the attacks performed in different web services system.
    [Show full text]
  • GRA Reliable Secure Web Services Service Interaction Profile Version 1.2
    GRA Reliable Secure Web Services Service Interaction Profile Version 1.2 Table of Contents Acknowledgements ........................................................................................................................... v Document Conventions .................................................................................................................... vi 1. Introduction and Purpose ..............................................................................................................1 1.1. Profile Selection Guidance .....................................................................................................1 1.2. Usage ....................................................................................................................................1 1.3. Profiles, Standards, and Recommendations ...........................................................................2 1.4. Web Services Interoperability (WS-I) Reliable Secure Profile .................................................2 1.5. Reliable Secure Profile Usage Scenarios ................................................................................3 1.6. Transport Independent Messaging Protocol ...........................................................................3 2. Conformance Requirements ..........................................................................................................4 2.1. Conformance Targets ............................................................................................................4 2.2.
    [Show full text]
  • REST Web Service Description for Graph-Based Service Discovery
    REST Web Service Description for Graph-Based Service Discovery B Rosa Alarcon, Rodrigo Saffie, Nikolas Bravo( ), and Javiera Cabello Computer Science Department, Pontificia Universidad Catolica de Chile, Santiago, Chile [email protected], {rasaffie,ngbravo,jacabell}@uc.cl Abstract. Unlike WSDL/SOAP based services, REST services lack a widely accepted service description since it increases the coupling between clients and servers, hampering service evolution. In practice, REST services are described through informal, ad-hoc and semi- structured documents, often written in natural language, which wors- ens the level of coupling. Most of the few REST service descriptions currently proposed follow an operation-centric approach with unclear additional benefits for developers and consumers. We propose a service description model focused on hypermedia allowing the generation of a graph that captures state transitions in an activity layer;wealsocapture resource, transition, and response semantics in a semantic layer. Using graph queries we traverse the graph and facilitate service discovery and composition. The service model was implemented as Microdata-based annotations, and a JSON description. A prototype was developed using Neo4J, and a set of real Web APIs was chosen to illustrate our approach. 1 Introduction The Web is an Internet-scale distributed hypermedia that provides a uniform way of accessing information through embedding action controls within the infor- mation retrieved from remote sites (i.e. representations). These features have made possible for the Web to evolve from a content-distribution platform to an application platform, and nowadays, to a distributed services platform, where functionality can be integrated into new services for massive consumption.
    [Show full text]
  • SAML Integration
    CHAPTER 9 Configuring SSO Using SAML The Security Assertion Markup Language (SAML) is an XML based open standard data format for exchanging authentication and authorization information data between parties. SAML is implemented for Prime Service Catalog so that any other application integrating with Prime Service Catalog can use this as a means to provide Authentication and import person profile information from IDP. There are three key elements in SAML: • User—The client that is attempting to log-in to a service provider (Cisco Prime Service Catalog). • Identity Provider (IDP)—Typically a portal where the user logs in, it has the authority on a user's identity. It knows the user's username, password, and any groups/attributes. Note The Prime Service Catalog 12.0 release supports only one IDP connection to authenticate a user at login. • Service Provider (SP)—The application the user wishes to use. In this case, Cisco Prime Service Catalog. Caution You cannot configure both LDAP and SAML configured for SSO login in Prime Service Catalog. If you wish to use SAML SSO, the LDAP Login event must be manually disabled, failing which will lead to incorrect login behavior. To disable LDAP login, go to Administration > Directories > Events and click Edit for the Login event. Change the event status to Disabled and click Update. Log In Behavior Implementing single sign-on via SAML means that the sign in process and user authentication are handled entirely outside of Prime Service Catalog. Prime Service Catalog uses SAML as means of securely authenticating against an IDP; authorization is provided by Prime Service catalog.
    [Show full text]
  • Global Namespace Discovery Using a XRI Root-Of-Roots Assumed by ITU-T
    Geneva, 21 September 2007 Global Namespace Discovery using a XRI root-of-roots assumed by ITU-T Tony Rutkowski Chair, ITU-T IdM FG Requirements WG [email protected] XRI detail slides courtesy of Reed Drummond OASIS Extensible Resource Identifier (XRI) TC International http://xri.net/=drummond.reed Telecommunication Union Identity Discovery Requirements 5.3 Discovery of authoritative Identify Provider resources, services, and federations. A critical IdM challenge in the very dynamic and diverse world of network services and applications is discovering current authoritative sources for the four core IdM categories described above or the federations that are associated with enabling discovery and access of the relevant IdM resources. It is not enough for the IdM capabilities to exist, if a relying party has no means for knowing who and how to reach and interoperate with the authoritative resources for asserted identities treated in the sub-section below. Identity Discovery Provider(s) Query(ies) to discover Identity Resources Response(s) Fig. 9. Identity Management Discovery Services A very significant number of contributions and use-cases during the entire activity period of the Focus Group dealt with Discovery capabilities and associated requirements. Discovery capabilities seem to be widely recognized as one of the most significant needs and gaps – including a consensus that the challenge of providing effective Discovery capabilities are therefore an essential part of trusted Identity Management. Some federations and communities surrounding Open Identity protocols have developed partial solutions to meet discovery needs within the boundaries of their user communities. However, there are no current means for global or inter-federation discovery.
    [Show full text]
  • WEB SERVICES: PRINCIPLES and TECHNOLOGY Michael P
    WEB SERVICES: PRINCIPLES WEB SERVICES: PRINCIPLES AND TECHNOLOGY Michael P. Papazoglou “This book is one of the most comprehensive treatments of Web services I have seen. It covers the full gamut of concepts, principles, supporting technology and necessary infrastructure required to build a service-oriented architecture using today’s advanced standards. I highly recommend this book.” Dave Chappell: author, Enterprise Service Bus “This book, authored by one of the most respected experts in the Web services fi eld, is an invaluable reference for both academics and practitioners. Because of its rigor and completeness it is bound to become the defi nitive guide to Web services technologies.” AND Francisco Curbera: manager, Component Systems, IBM T.J. Watson Research Center TECHNOLOGY Web services represent the next generation of web-based technology. They allow new and improved ways for enterprise applications to communicate and integrate with each other and, as such, are having a profound effect on both the worlds of business and of software development. In this new book, Michael Papazoglou offers a comprehensive examination of Web services which gives you all you will need to know to gain a solid foundation in this area. This book will help you to understand: ● The nature of Web services – what they actually are ● The underlying concepts, principles, and methodologies of Web services ● The fundamental technologies that underpin the Web services paradigm ● How Web services are introduced into organizations, and how they are designed, deployed and used Michael P. Papazoglou Papazoglou Michael P. ● The key standards necessary for the development of Web services Web Services: Principles and Technology is suitable for computer science students and also for professionals who need an introduction to this area.
    [Show full text]