Monitoring the monitor: an approach towards trustworthiness in service oriented architecture

Authors:
Mahantesh Hosamani;Harish Narayanappa;Hridesh Rajan
Affiliations:
Iowa State University;Iowa State University;Iowa State University
Venue:
2nd international workshop on Service oriented software engineering: in conjunction with the 6th ESEC/FSE joint meeting
Year:
2007

Citing 14
Cited 0

Preserving privacy in web services

Proceedings of the 4th international workshop on Web information and data management
Engineering a security kernel for Multics

SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
Requirements monitoring in dynamic environments

RE '95 Proceedings of the Second IEEE International Symposium on Requirements Engineering
A secure and reliable bootstrap architecture

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Introduction: Service-oriented computing

Communications of the ACM - Service-oriented computing
Service -Oriented Computing: Concepts, Characteristics and Directions

WISE '03 Proceedings of the Fourth International Conference on Web Information Systems Engineering
Smart monitors for composed services

Proceedings of the 2nd international conference on Service oriented computing
RIFLE: An Architectural Framework for User-Centric Information-Flow Security

Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Service-Oriented Architecture: Concepts, Technology, and Design

Service-Oriented Architecture: Concepts, Technology, and Design
Run-time Monitoring of Requirements for Systems Composed of Web-Services: Initial Implementation and Evaluation Experience

ICWS '05 Proceedings of the IEEE International Conference on Web Services
Run-Time Monitoring of Instances and Classes of Web Service Compositions

ICWS '06 Proceedings of the IEEE International Conference on Web Services
Expressing and Reasoning about Service Contracts in Service-Oriented Computing

ICWS '06 Proceedings of the IEEE International Conference on Web Services
Design and implementation of a TCG-based integrity measurement architecture

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Language-based information-flow security

IEEE Journal on Selected Areas in Communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

The key notion in service-oriented architecture is decoupling clients and providers of a service based on an abstract service description, which is used by the service broker to point clients to a suitable service implementation. A client then sends service requests directly to the service implementation. A problem with the current architecture is that it does not provide trustworthy means for clients to specify, service brokers to verify, and service implementations to prove that certain desired non-functional properties are satisfied during service request processing. An example of such non-functional property is access and persistence restrictions on the data received as part of the service requests. In this work, we propose an extension of the service-oriented architecture that provides these facilities. We also discuss a prototype implementation of this architecture and report preliminary results that demonstrate the potential practical value of the proposed architecture in real-world software applications.