Web Service Technologies. Introduction, Composition and Extensions

Web Service Technologies Introduction, Composition and Extensions

Overview Assignment Types Survey Paper Practicable Evaluation Position Paper Scopes Standards Theory and Practise

STANDARDS

Policy Negotiation and Enforcement with WS-policy? Study The concepts of Policy Negation and Negotiation Protocols The concepts of Policy Enforcement Survey Standards for Policies WS-Policy, WS-SecurityPolicy, WS-PolicyConstraints, etc. Give an overview of available implementations

Is Message-Level Security really Practicable? The Vision: study proposed WS-Security Standards WS-Security, XMLEncryption, XMLSignatures, etc. The Goal: propose a catalog of criteria to be supported E.g. Interoperability and Practicability The Reality: evaluate WS Frameworks for WS-Security Java Platform: Apache Rampart, J2EE, JAX-WS.NET Platform: MS WCF More

Does WS-AuthN support Single Sign-On for WS? Study The concepts of authentication (AuthN) for WS The concept of Single Sign On (SSO) The concept of claim-based security Survey Standards for AuthN and SSO WS-Security and modes: (e.g. HTTP, Basic, SAML, Kerberos, ) OpenID, LiveID, Give an overview of available implementations

Are Ws-AuthZ Architectures Really Interoperable? Study The concepts of authorization (AuthZ) for WS The security concepts for access controls The different architectures Survey Standards for AuthZ XAML OAuth Give an overview of available implementations

Reliable Messaging When (async) calling a WS: the client is not sure if tme message is received and the server is not sure if response is received. WS-ReliableMessaging implements a protocols that reliable deliveres SOAP messages between distributed applications in the presence of failures. Message Modes: AtLeastOnce, AtMostOnce, ExactlyOnce, and InOrder.

Do WS-Transaction Provide us with ACID Criteria? Does it make sense to enable ACID criteria of DBMS for WS? Atomic calls to a composite WS: when one of several steps fails, will all steps be rolled back? Consistency in a stateful WS: when failing calls may confuse the states, can we ensure that WS will be always in a consistent state? Can we enable isolation: when multiple WSes call the same WS, there won t be dirty data Will state changes be durable, when WS instance is shut down? Standards: WS-Transactions, WS-Coordination, WS-Business Activity, WS-Atomic Transaction

THEORY & PRACTISE

Battle field Web Services: Who has won the war SOAP or REST? Position Paper on the two competitive approaches for Web services SOAP: WSDL, UDDI, REST: WADL, What are their advantages and disadvantages? Can we do it more light-weight? Can we forget about standards?

Interoperability & Performance Evaluate and compare WS implementation with different frameworks Axis 2 (SOAP) Axis 2 (REST) JAX-WS Spring WS Benchmark: Compare execution performance of a WS call Interoperability: Validate interop of code- and contract first

Commercial WS Technologies: Billing Web Service Usages Most WS are use free of charge, however some valueadded service are billed? What Business Models are currently used for WS? Free, Freemium, Flat Rate, What standards can be used? WSLA

Enterprise Service BUS = Polymorphic Web Services? Study the concept of a Enterprise Service Bus (ESB) Study object-oriented concepts of polymorphy An ESB dispatches WS calls to the right WS implementation Is there a diamond problem 2.0? Name conflicts? Do WS need the inheritance concepts like OOP? Does the REST (of us) need ESBs? Position Paper that discusses similarities and differences?

Do Service Level Agreements Enable Serious Web Service? Can the current de-facto standards for service level agreements (SLAs) enable serious WS applications? Study de-facto standards in WS SLAs: WSLA, What frameworks help to enforce SLAs? SLA Negotiation SLA Monitoring and Enforcement SLA Violation Compensation

ADAPTIVITY AND CONTEXT- AWARENESS

How to adapt to changing conditions? Need to guarantee SALs in presence of QoS change E.g. use different services dynamically switching among them. Keep a runtime model of current QoS (E.g. Markow Chain) Update the model Use the model to guide decisions (feedback control) Study the existing frameworks and their features

Context-aware web services Recent research explored how to support contextawareness in web services. Devices Preferences Location Context-aware web services should gracefully operate under different context conditions. Adaptability Context combination Analysis of the existing techniques

COP in web services Context-oriented programming (COP): programming paradigm for context-aware applications Ad hoc, language-level abstractions AOP already proved useful in the WS world. AO4BPEL: An Aspect-Oriented Extension to BPEL. Crosscutting concerns in WS processes Context-awareness in a hot topic in WS What about introducing COP in WS?

Aspect-Oriented Workflow Languages Study WS- Composition with WS-BPEL Understand crosscutting problems in WS-BPEL workflows Study aspect-oriented concepts Compare different approaches of AOP for WS-BPEL AO4BPEL, COP,

Does WS-Eventing ENABLE Pluggable Enterprises? Architectures: Point-2-Point, Pub-Sub, Event-Driven History of WS-Events Standards: WS-Eventing, WS- Notifications, WS-BrokeredNotifications, WS-Topics, WS-EventDescriptions, Implementations of WS-Events