Degree project Challenges of Service Interchange in a cross cloud SOA Environment Author: Heiko Großkopf Supervisor: Prof. Dr. Welf Löwe External Supervisor: Prof. Dr. Andreas Heberle, University of Applied Sciences Karlsruhe Date: 2015-01-06 Course Code: 4DV01E, 60 credits Level: Master Department of Computer Science Abstract This Master’s Thesis examines and documents challenges relat- ed to the flexible interchange of web services within a cross- cloud Service Oriented Computing scenario (SOC). Starting with a theoretical approach, hypotheses are defined and processed to create testing scenarios for a practical exami- nation. Both examinations are used to identify possible chal- lenges. Next, encountered challenges are described, discussed and classified. Lastly, solution approaches to identified chal- lenges are presented. The solution approaches concern related topics, such as service standardization, semantic methods, heu- ristics, and security/trust mechanisms. Several approaches to different challenges are reviewed in this particular context, to present an overview for future research on the subject. It is remarkable that there will be more service standardiza- tion in the future, but to achieve full automation it will be, on the long run, necessary to evolve and adopt more sophisticated solution approaches such as semantic methods or heuristics. This work is embedded into the framework of a research co- operation between the Linnaeus University Växjö and the Uni- versity of Applied Sciences Karlsruhe. Results however are also applicable to other research scenarios. Keywords: Service Oriented Computing (SOC), SOA, Web services, Semantic web services, Service Interchange, Service Interoperability, Dynamic Binding, SOA Security, Trust II Table of Contents 1 Introduction ........................................................................................................... 1 1.1 Background and Motivation ............................................................................. 1 1.2 Central Objectives of this Work ....................................................................... 2 1.3 Approach and Overview ................................................................................... 2 1.4 Delimitation ...................................................................................................... 3 1.5 Outline .............................................................................................................. 3 2 Fundamentals of relevant Technologies .............................................................. 4 2.1 Service Oriented Computing ............................................................................ 4 2.2 Service Oriented Architecture (SOA) .............................................................. 4 2.3 Cloud Computing ............................................................................................. 6 2.4 Web Services .................................................................................................... 7 2.4.1 Basic Principles of SOAP Web Services .................................................... 7 2.4.2 Web Service Standards Stack ...................................................................... 9 2.4.3 WS-BPEL Basics ...................................................................................... 16 2.4.4 The Service Component Architecture (in JDeveloper) ............................. 17 2.5 RESTful Web Services ................................................................................... 18 2.6 Current State of Research and Research Context ........................................... 19 3 Conceptual Approach ......................................................................................... 21 3.1 Definition of Hypotheses ................................................................................ 21 3.2 Web Service Market Research Results ........................................................... 23 3.3 Definition of the Testing Scenarios ................................................................ 24 3.4 Requirements .................................................................................................. 26 3.4.1 Requirements for Services ........................................................................ 26 3.4.2 Requirements for ”semi-mockup” Services .............................................. 27 3.4.3 Requirements for the testing process ........................................................ 27 3.4.4 Further Requirements ................................................................................ 28 3.5 The Implementation Context .......................................................................... 28 3.6 The Implementation Approach ....................................................................... 29 3.7 An Example Scenario: Online Stock Brokerage Company ............................ 30 4 The Practical Examination of Service Interchange ......................................... 31 4.1 Specification of the Testing Process ............................................................... 31 4.2 Implementation and Identification of applicable Services ............................. 32 4.2.1 Self-defined “semi-mockup” Services ...................................................... 33 4.2.2 Xignite Global Quote (External Service) .................................................. 41 4.3 Service Interchange and Testing..................................................................... 47 4.3.1 Scenario 1: Same Interface, Same Service ................................................ 47 4.3.2 Scenario 2: Different Interface, Same Service .......................................... 48 4.3.3 Scenario 3: Different Interface, Related Service ....................................... 49 4.3.4 Scenario 4: Different Interface, Different Service .................................... 58 4.3.5 Scenario 5: Service Interchange within a composed Application ............. 58 4.4 Generalization of Identified Challenges ......................................................... 65 iii 5 Solution Approaches ........................................................................................... 69 5.1 Integration and Semantics .............................................................................. 69 5.1.1 Integration of heterogeneous Web Services .............................................. 69 5.1.2 Semantic Approaches of Service Integration ............................................ 72 5.1.3 Comprehensive Approaches to the Integration and Discovery of Web Services ..................................................................................................... 75 5.2 SOA Security .................................................................................................. 76 5.2.1 Basic SOA Security ................................................................................... 77 5.2.2 Authentication and Authorization ............................................................. 77 5.2.3 Confidentiality ........................................................................................... 78 5.2.4 Integrity and Non-Repudiation .................................................................. 79 5.2.5 Password Digest – One Time Passwords .................................................. 79 5.2.6 The Authentication System Kerberos ....................................................... 80 5.2.7 Security as a Service ................................................................................. 80 5.2.8 Security Policies ........................................................................................ 82 5.2.9 WS-SecurityPolicy .................................................................................... 82 5.3 Trust related SOA Security ............................................................................ 83 5.3.1 Different Approaches of Trust Evaluation ................................................ 83 5.3.2 A Trust Model for Service Certification ................................................... 84 5.3.3 End-to-End Security Approach ................................................................. 85 5.4 REST and BPEL ............................................................................................. 85 5.5 Evaluation of Hypotheses ............................................................................... 86 6 Conclusion ............................................................................................................ 89 6.1 Review ............................................................................................................ 89 6.2 Evaluation of Objectives ................................................................................ 89 6.3 Core Insights ................................................................................................... 89 6.4 Transfer of Insights to a Service Interchange Scenario .................................. 90 6.5 Possible Subjects for future Research ............................................................ 90 6.6 Future Outlook ................................................................................................ 90 6.7 Reflection on ethical and social Aspects of the examined Subject ................ 91 References ................................................................................................................. 93 Table of Figures ......................................................................................................