Team Cassis

Section: New Results

Verification for Service Oriented Computing

We have investigated several specific verification problems related to the composition of services including security issues and quality of service.

Towards An Automatic Analysis of Web Services Security

Participants: Tigran Avanesov, Yannick Chevalier, Mohamed Anis Mekki, Michaël Rusinowitch, Mathieu Turuani, Laurent Vigneron.

Automatic composition of web services is a challenging task. Many works have considered simplified automata models that abstract away from the structure of the messages exchanged by the services. For the domain of security services (such as digital signing or timestamping) we propose a novel approach to the automated composition of services based on their security policies [27]. The approach amounts to collecting the constraints on messages, parameters and control flow from the component services and from the goal service requirements. A constraint solver checks the feasibility of the composition, possibly adapting the message structure while preserving the semantics, and displays the service composition as a message sequence chart. Moreover, the resulting composed service can be verified automatically (in the Dolev-Yao model) to ensure that it cannot be subject to active attacks from intruders. The services that are input to our system are specified declaratively in a high-level specification language. The approach is fully automatic, and we show on a case study how it succeeds in deriving a composed service that is currently offered as a product by a company.
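To make the Dolev-Yao verification step concrete, here is an added example (not the team's tool or specification language) of the intruder deduction check such a verifier relies on, applied to a constructed timestamping exchange. The term encoding and all names (`senc`, `sign`, `k_cs`, `sk_tsa`) are assumptions made for illustration.

```python
# Terms: atoms are strings; composed terms are tuples
#   ("pair", a, b), ("senc", msg, key), ("sign", msg, signing_key)

def synth(term, known):
    """Synthesis: term is already known, or can be built from derivable parts."""
    if term in known:
        return True
    if isinstance(term, tuple):
        return all(synth(part, known) for part in term[1:])
    return False

def analyze(observed):
    """Close the observed messages under decomposition until a fixpoint."""
    known = set(observed)
    while True:
        new = set()
        for t in known:
            if not isinstance(t, tuple):
                continue
            op, body, key = t
            if op == "pair":                        # both components are readable
                new |= {body, key}
            elif op == "sign":                      # a signature does not hide its payload
                new.add(body)
            elif op == "senc" and synth(key, known):  # decrypt only with a derivable key
                new.add(body)
        if new <= known:
            return known
        known |= new

def intruder_can_derive(observed, target):
    return synth(target, analyze(observed))

# Constructed trace: a client submits a document over an encrypted channel and
# the timestamping service returns a signed (hash, time) pair.
TRACE = {
    ("senc", ("pair", "doc", "n1"), "k_cs"),
    ("sign", ("pair", "h_doc", "t1"), "sk_tsa"),
    "h_other",                                      # a hash the intruder already holds
}
FORGED = ("sign", ("pair", "h_other", "t1"), "sk_tsa")

if __name__ == "__main__":
    print("document secret:", not intruder_can_derive(TRACE, "doc"))
    print("token unforgeable:", not intruder_can_derive(TRACE, FORGED))
```

The intruder learns the signed payload and can assemble a new payload, but cannot produce a valid token without `sk_tsa`; leaking `k_cs` is what breaks the secrecy of `doc`.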

Composition of Web Services

Participants: Christophe Ringeissen, Laurent Vigneron.

In collaboration with the project-team ECOO, we work on a framework for Web services composition that includes both temporal and security aspects. In [34], a composition of services is represented as a product of automata. Our solution is based on the synthesis of a mediator in order to mimic the expected composition. The compatibility of services is a key issue for the composition problem studied in [35].

We are also working on applying constraint programming techniques to the composition problem [19]. In [41], we consider the provisioning problem of Web services. Our approach consists in instantiating a given abstract representation of a composite Web service by selecting the most appropriate concrete Web services. This instantiation is based on constraint programming techniques, which allow us to match the Web services against a given request. Our proposal performs this instantiation in a distributed manner: the solvers for each service type solve some constraints at one level and forward the rest of the request (modified by the local solution) to the next services. When a service cannot provision part of the composition, a distributed backtrack mechanism makes it possible to change previous solutions (i.e., provisions). A major benefit of our approach is that it preserves privacy: solutions are not sent to the whole composition, services know only the services to which they are connected, and parts of the request that are already solved are removed from the next requests.

Access Control Policies for Web Services

Participant: Yannick Chevalier.

We focus on the problem of the dynamicity of access control, i.e. on the evolution of access control policies over time. In order to devise a language for expressing access control policies, we have abstracted the XACML standard to keep only a set of rules defining a static policy, which is employed to decide whether an access is granted, and a dynamic policy expressing the changes in the access control system induced by users' actions. This approach permits us to express in a simple language all concepts attached to access control. For this language, we have studied in [23] the complexity of several decision problems related to access control, in particular: decide whether in a given state a set of actions is permitted; decide whether there is a sequence of states, and a sequence of sets of actions, such that each set of permissions can be granted in the final state of the sequence.
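The split between a static and a dynamic policy, and the two decision problems, can be illustrated with a small model. This is an added example, not the language of [23]: the rule format, the fact and action names, and the simplified reading of the second problem (is a state reachable, through granted actions, in which a target set of actions is permitted?) are all assumptions.

```python
from collections import deque

# Constructed toy policy. A state is a set of facts about the requester.
# Static policy: an action is granted if, for one of its rules, every required
# fact holds and no forbidden fact holds.
STATIC = {
    "read_report": [({"employee"}, set())],
    "approve":     [({"manager"}, {"suspended"})],
    "delegate":    [({"manager"}, set())],
    "sign":        [({"employee", "delegate_ok"}, set())],
}
# Dynamic policy: how a granted action changes the state (facts added, facts removed).
DYNAMIC = {
    "delegate": ({"delegate_ok"}, set()),
    "sign":     (set(), {"delegate_ok"}),   # a delegation is consumed by one signature
}

def granted(state, action):
    return any(req <= state and not (forbid & state)
               for req, forbid in STATIC.get(action, []))

def permitted(state, actions):
    """Decision problem 1: is every action of the set granted in this state?"""
    return all(granted(state, a) for a in actions)

def step(state, action):
    add, remove = DYNAMIC.get(action, (set(), set()))
    return frozenset((state - remove) | add)

def find_trace(initial, goal_actions):
    """Simplified decision problem 2: shortest sequence of granted actions that
    reaches a state where goal_actions is permitted, or None if there is none."""
    start = frozenset(initial)
    queue, seen = deque([(start, [])]), {start}
    while queue:                            # BFS over a finite state space
        state, trace = queue.popleft()
        if permitted(state, goal_actions):
            return trace
        for action in STATIC:
            if granted(state, action):
                nxt = step(state, action)
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append((nxt, trace + [action]))
    return None

if __name__ == "__main__":
    print(find_trace({"employee", "manager"}, {"sign"}))   # a manager can self-delegate
    print(find_trace({"employee"}, {"sign"}))              # no escalation path
```

Run as a review aid, the search shows which initial states can evolve into one that grants a sensitive action, which is the kind of privilege-escalation question a purely static check misses.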

Controlling Access in Distributed Collaborative Editors

Participants: Asma Berregba, Abdessamad Imine.

One of the most challenging problems in Distributed Collaborative Editors (DCE) is how to balance the computing goals of collaboration and access control to shared information. In this work, we propose a reliable access control scheme that is well suited for DCE [53]. We first define generic access control requests for manipulating linear objects, such as texts and HTML documents. To allow for dynamic policies, we use editing techniques to modify the access control policy. We show formally the correct concurrent behavior of every access control request with respect to editing requests. A prototype based on our concurrency control framework [38], [37] has been implemented to support the secure and collaborative editing of HTML pages. This prototype is deployed on the P2P JXTA platform.

Formalising QoS of Web Services with Weighted Automata

Participants: Pierre-Cyrille Héam, Olga Kouchnarenko.

In [36], we focus on the identification of a relevant abstraction for the expression of Web services and the verification of properties like substitutivity: when is it possible to formally accept or reject the substitution of a Web service in a composition? This work uses max/plus automata to tackle this problem when considering a new factor, Quality of Service (QoS). Four notions of simulation-based substitutivity managing QoS aspects are proposed, and related complexity issues on max/plus automata are investigated. This work extends the previous work on trace-based substitutivity [67], where a translation from Web service BPEL/WSDL specifications extended with QoS into max/plus automata was given.

Web Services Validation

Participants: Fabrice Bouquet, Vincent Pretre.

In order to validate Web Services applications, we explore model-based testing methodologies combined with common criteria. The results of tests are used to compute a mark that qualifies the quality of Web services operations. This solution is then integrated in a validation framework based on a UDDI server. In this framework, named iTac-QoS, Web Services are tested when they are declared to the UDDI server, and the obtained marks are supplied to customers looking for services. We propose an original approach to take into account the composition of Web services from their models, as described in [42].

