Section: New Results

Verification for Service Oriented Computing

We have investigated several specific verification problems related to the composition of services including security issues and quality of service.

Towards An Automatic Analysis of Web Services Security

Participants : Tigran Avanesov, Yannick Chevalier, Mohamed Anis Mekki, Michaël Rusinowitch, Mathieu Turuani, Laurent Vigneron.

Automatic composition of web services is a challenging task. Many works have considered simplified automata models that abstract away from the structure of messages exchanged by the services. For the domain of secured services (using e.g. digital signing or timestamping) we propose a novel approach to automated orchestration of services under security constraints. Given a community of services and a goal service, we reduce the problem of composing the goal from services in the community to a security problem where an intruder should intercept and redirect messages from the service community and a client service till reaching a satisfying state. This work has been pursued in the context of AVANTSSAR FP7 project.

Composition of Web Services

Participants : Christophe Ringeissen, Laurent Vigneron.

In collaboration with Olivier Perrin (LORIA) and Eric Monfroy (UTFSM Valparaíso, Chile), we are working on applying constraint programming techniques to the composition problem. Our approach consists in instantiating a given abstract representation of a composite Web service by selecting the most appropriate concrete Web services. This instantiation is based on constraint programming techniques which allows us to match the Web services according to a given request. Our proposal performs this instantiation in a distributed manner, i.e., the solvers for each service type are solving some constraints at one level, and they are forwarding the rest of the request (modified by the local solution) to the next services. When a service cannot provision part of the composition, a distributed backtrack mechanism enables to change previous solutions.

Controlling Access in Distributed Collaborative Editors

Participants : Asma Berregba, Abdessamad Imine.

Distributed Collaborative Editors (DCE) belong to a particular class of distributed systems that enables several and dispersed users to form a group for editing documents (e.g. Google Wave). To ensure data availability, the shared documents are replicated on the site of each participating user. Each user modifies locally his copy and then sends this update to other users. Controlling access in such systems is still a challenging problem, as they need dynamic access changes and low latency access to shared documents. In this work, we propose a flexible access control model where the shared document and its authorization policy are replicated at the local memory of each user [57] , [39] . To deal with latency and dynamic access changes, we use an optimistic access control technique in such a way that enforcement of authorizations is retroactive [29] . We show that naive coordination between updates of both copies can create security holes on the shared document, by permitting illegal modifications or rejecting legal modifications. A prototype based on our concurrency control framework has been implemented for supporting the secure and collaborative editing of HTML pages. This prototype is deployed on P2P JXTA platform.

Composition of services with constraints

Participants : Pierre-Cyrille Héam, Olga Kouchnarenko.

In [47] , we focus on the composition of Web services with constraints. The originality of our approach consists in modeling the services by Boolean automata, i.e. finite automata extended with parametric Boolean conditions. The use of Boolean automata and of their partially syncronized products allows us to provide a theoretical study for three service composition problems – the Valuation Decision problem, the Boolean Formula Decision problem, and the Boolean Formula Synthesis problem. New complexity results are established for these problems when considering both simulation-based and trace-based relations between automata.

Web Services Validation

Participants : Fabrice Bouquet, Vincent Pretre.

In order to validate Web Services applications, we explore model-based testing methodologies combined with common criteria. The results of tests are used to compute a mark that qualifies the quality of web services operations. This solution is then integrated in a validation framework based on an UDDI server. In this framework, named iTac-QoS Web Services are tested when they are declared to the UDDI server, and the obtained marks are supplied to customers looking for services. We propose an original approach to take into account the composition of Web services from their models as described in [21] .