Team Cassis

Section: New Results

Verification for Service Oriented Computing

We have investigated several specific verification problems related to the composition of services including security issues and quality of service.

Towards An Automatic Analysis of Web Services Security

Participants: Tigran Avanesov, Mohamed Anis Mekki, Michaël Rusinowitch, Mathieu Turuani, Laurent Vigneron.

Automatic composition of web services is a challenging task. Many works have considered simplified automata models that abstract away from the structure of the messages exchanged by the services. For the domain of secured services (using e.g. digital signing or timestamping) we propose a novel approach to automated orchestration of services under security constraints. Given a community of services and a goal service, we reduce the problem of composing the goal from services in the community to a security problem in which an intruder should intercept and redirect messages from the service community and a client service until a satisfying state is reached [66] [30]. This work has been pursued in the context of the AVANTSSAR and NESSOS FP7 projects.

Composition of Web Services

Participants: Christophe Ringeissen, Laurent Vigneron.

In collaboration with Olivier Perrin (Score team) and Eric Monfroy (UTFSM Valparaíso, Chile), we are working on applying constraint programming techniques to the composition problem. Our approach consists in instantiating a given abstract representation of a composite Web service by selecting the most appropriate concrete Web services. This instantiation is performed in a distributed manner by analysing the current request: the solver of each service solves some constraints at one level and forwards the rest of the request (modified by the local solution) to the next services. When a service cannot build its part of the composition, a distributed backtrack mechanism allows previous solutions to be changed. Our event-based distributed framework is described in [55].

Composition of Services with Constraints

Participants: Pierre-Cyrille Héam, Olga Kouchnarenko.

In [31], we focus on the composition of Web services with constraints. The originality of our approach consists in modeling the services by Boolean automata, i.e. finite automata extended with parametric Boolean conditions. We give a theoretical analysis of three service composition problems: the Valuation Decision problem, the Boolean Formula Decision problem, and the Boolean Formula Synthesis problem. New complexity results are established for these problems when considering both simulation-based and trace-based relations between automata. To go further, we have been studying the mediator decision problem.

In addition, the substitutivity problem for component-/service-based systems has been studied when considering extra-functional properties, like QoS. For services modeled by weighted automata, four notions of simulation-based substitutivity managing QoS aspects are proposed in [44], [20], and related complexity issues on weighted automata are investigated. The substitutivity problem has been shown to be undecidable in general for bisimulation equivalence, but some decidable classes, important in practice, have been defined.

Controlling Access in Distributed Collaborative Editors

Participants: Asma Cherif, Abdessamad Imine.

We propose an access control model where a group of users can define access rights on a set of shared objects [37]. This model has been implemented as a middleware for collaborative editing systems based on a logging mechanism, where both the shared document and the access control policy are replicated at each collaborating site. The interleaving between document updates and policy administration is difficult to manage and may lead to security holes. To deal with latency and dynamic access rights, we apply an optimistic access control technique in such a way that enforcement of authorizations is retroactive. A performance analysis shows that the algorithm scales. We plan to extend our model to support delegation.

Since our access control model is based on logs to ensure convergence between all copies of shared objects and policies, we propose a garbage collection mechanism in order to reuse this model on mobile devices (e.g. iPhone) [47] with low storage capacities and high communication delays. Our solution consists in capturing a global view of the state of each log through the exchange of garbage messages: when all users have received all operations and thus have the same global view, their logs are cleaned.
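The cleaning rule described above, as a simplified sketch added here for illustration; it is not the team's algorithm from [47]. The `Replica` class, the per-origin sequence numbers and the shape of the garbage message (a vector of the highest sequence number held per origin) are assumptions of this example.

```python
class Replica:
    """One site's log plus its view of what each site has received (hypothetical model)."""

    def __init__(self, name, sites):
        self.name, self.sites = name, sites
        self.log = []  # retained entries: (origin, seq, payload)
        # views[s][o]: highest sequence number from origin o that site s reports holding
        self.views = {s: {o: 0 for o in sites} for s in sites}

    def record(self, origin, seq, payload):
        """Append a document update or policy change, in per-origin order."""
        if seq != self.views[self.name][origin] + 1:
            raise ValueError("gap or duplicate in operations from " + origin)
        self.log.append((origin, seq, payload))
        self.views[self.name][origin] = seq

    def garbage_message(self):
        return self.name, dict(self.views[self.name])

    def on_garbage_message(self, sender, vector):
        """Merge a site's summary, then clean whatever has become stable."""
        for origin, seq in vector.items():
            self.views[sender][origin] = max(self.views[sender][origin], seq)
        return self.collect()

    def collect(self):
        """Drop entries that every site is known to have received; return the count."""
        stable = {o: min(self.views[s][o] for s in self.sites) for o in self.sites}
        kept = [e for e in self.log if e[1] > stable[e[0]]]
        dropped, self.log = len(self.log) - len(kept), kept
        return dropped

def exchange(replicas):
    """Deliver every site's garbage message to all sites; return the log sizes."""
    for sender in replicas:
        for r in replicas:
            r.on_garbage_message(*sender.garbage_message())
    return [len(r.log) for r in replicas]

def demo():
    # Constructed scenario: site C is slow and has not yet received B's policy change.
    a, b, c = group = [Replica(s, ("A", "B", "C")) for s in "ABC"]
    for r in group:
        r.record("A", 1, "insert 'x' at position 0")
    for r in (a, b):
        r.record("B", 1, "revoke write right of C")
    first = exchange(group)    # A's update is cleaned; the revocation is retained
    c.record("B", 1, "revoke write right of C")
    second = exchange(group)   # all sites now share the same view, logs are empty
    return first, second
```

In this sketch the policy change stays in the logs of A and B until C reports holding it, so the entry remains available for as long as a site could still act without having seen it.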

