A pattern-driven process for secure service-oriented applications

Unknown Date

During the last few years, Service-Oriented Architecture (SOA) has been considered to be the new phase in the evolution of distributed enterprise applications. Even though there is a common acceptance of this concept, a real problem hinders the widespread use of SOA : A methodology to design and build secure service-oriented applications is needed. In this dissertation, we design a novel process to secure service-oriented applications. Our contribution is original not only because it applies the MDA approach to the design of service-oriented applications but also because it allows their securing by dynamically applying security patterns throughout the whole process. Security patterns capture security knowledge and describe security mechanisms. In our process, we present a structured map of security patterns for SOA and web services and its corresponding catalog. At the different steps of a software lifecycle, the architect or designer needs to make some security decisions. / An approach using a decision tree made of security pattern nodes is proposed to help making these choices. We show how to extract a decision tree from our map of security patterns. Model-Driven Architecture (MDA) is an approach which promotes the systematic use of models during a system's development lifecycle. In the dissertation we describe a chain of transformations necessary to obtain secure models of the service-oriented application. A main benefit of this process is that it decouples the application domain expertise from the security expertise that are both needed to build a secure application. Security knowledge is captured by pre-defined security patterns, their selection is rendered easier by using the decision trees and their application can be automated. A consequence is that the inclusion of security during the software development process becomes more convenient for the architects/designers. / A second benefit is that the insertion of security is semi-automated and traceable. Thus, the process is flexible and can easily adapt to changing requirements. Given that SOA was developed in order to provide enterprises with modular, reusable and adaptable architectures, but that security was the principal factor that hindered its use, we believe that our process can act as an enabler for service-oriented applications. / by Nelly A. Delessy. / Thesis (Ph.D.)--Florida Atlantic University, 2008. / Includes bibliography. / Electronic reproduction. Boca Raton, FL : 2008 Mode of access: World Wide Web.

Computer network architectures

Web servers--Management

Software engineering

Expert systems (Computer science)

Perspectives on belief and change

Aucher, Guillaume, n/a

January 2008

This thesis is about logical models of belief (and knowledge) representation and belief change. This means that we propose logical systems which are intended to represent how agents perceive a situation and reason about it, and how they update their beliefs about this situation when events occur. These agents can be machines, robots, human beings. . . but they are assumed to be somehow autonomous. The way a fixed situation is perceived by agents can be represented by statements about the agents� beliefs: for example �agent A believes that the door of the room is open� or �agent A believes that her colleague is busy this afternoon�. �Logical systems� means that agents can reason about the situation and their beliefs about it: if agent A believes that her colleague is busy this afternoon then agent A infers that he will not visit her this afternoon. We moreover often assume that our situations involve several agents which interact between each other. So these agents have beliefs about the situation (such as �the door is open�) but also about the other agents� beliefs: for example agent A might believe that agent B believes that the door is open. These kinds of beliefs are called higher-order beliefs. Epistemic logic [Hintikka, 1962; Fagin et al., 1995; Meyer and van der Hoek, 1995], the logic of belief and knowledge, can capture all these phenomena and will be our main starting point to model such fixed (�static�) situations. Uncertainty can of course be expressed by beliefs and knowledge: for example agent A being uncertain whether her colleague is busy this afternoon can be expressed by �agent A does not know whether her colleague is busy this afternoon�. But we sometimes need to enrich and refine the representation of uncertainty: for example, even if agent A does not know whether her colleague is busy this afternoon, she might consider it more probable that he is actually busy. So other logics have been developed to deal more adequately with the representation of uncertainty, such as probabilistic logic, fuzzy logic or possibilistic logic, and we will refer to some of them in this thesis (see [Halpern, 2003] for a survey on reasoning about uncertainty). But things become more complex when we introduce events and change in the picture. Issues arise even if we assume that there is a single agent. Indeed, if the incoming information conveyed by the event is coherent with the agent�s beliefs then the agent can just add it to her beliefs. But if the incoming information contradicts the agent�s beliefs then the agent has somehow to revise her beliefs, and as it turns out there is no obvious way to decide what should be her resulting beliefs. Solving this problem was the goal of the logic-based belief revision theory developed by Alchourrón, Gärdenfors and Makinson (to which we will refer by the term AGM) [Alchourrón et al., 1985; Gärdenfors, 1988; Gärdenfors and Rott, 1995]. Their idea is to introduce �rationality postulates� that specify which belief revision operations can be considered as being �rational� or reasonable, and then to propose specific revision operations that fulfill these postulates. However, AGM does not consider situations where the agent might also have some uncertainty about the incoming information: for example agent A might be uncertain due to some noise whether her colleague told her that he would visit her on Tuesday or on Thursday. In this thesis we also investigate this kind of phenomenon. Things are even more complex in a multi-agent setting because the way agents update their beliefs depends not only on their beliefs about the event itself but also on their beliefs about the way the other agents perceived the event (and so about the other agents� beliefs about the event). For example, during a private announcement of a piece of information to agent A the beliefs of the other agents actually do not change because they believe nothing is actually happening; but during a public announcement all the agents� beliefs might change because they all believe that an announcement has been made. Such kind of subtleties have been dealt with in a field called dynamic epistemic logic (Gerbrandy and Groeneveld, 1997; Baltag et al., 1998; van Ditmarsch et al., 2007b]. The idea is to represent by an event model how the event is perceived by the agents and then to define a formal update mechanism that specifies how the agents update their beliefs according to this event model and their previous representaton of the situation. Finally, the issues concerning belief revision that we raised in the single agent case are still present in the multi-agent case. So this thesis is more generally about information and information change. However, we will not deal with problems of how to store information in machines or how to actually communicate information. Such problems have been dealt with in information theory [Cover and Thomas, 1991] and Kolmogorov complexity theory [Li and Vitányi, 1993]. We will just assume that such mechanisms are already available and start our investigations from there. Studying and proposing logical models for belief change and belief representation has applications in several areas. First in artificial intelligence, where machines or robots need to have a formal representation of the surrounding world (which might involve other agents), and formal mechanisms to update this representation when they receive incoming information. Such formalisms are crucial if we want to design autonomous agents, able to act autonomously in the real world or in a virtual world (such as on the internet). Indeed, the representation of the surrounding world is essential for a robot in order to reason about the world, plan actions in order to achieve goals... and it must be able to update and revise its representation of the world itself in order to cope autonomously with unexpected events. Second in game theory (and consequently in economics), where we need to model games involving several agents (players) having beliefs about the game and about the other agents� beliefs (such as agent A believes that agent B has the ace of spade, or agent A believes that agent B believes that agent A has the ace of heart...), and how they update their representation of the game when events (such as showing privately a card or putting a card on the table) occur. Third in cognitive psychology, where we need to model as accurately as possible epistemic state of human agents and the dynamics of belief and knowledge in order to explain and describe cognitive processes. The thesis is organized as follows. In Chapter 2, we first recall epistemic logic. Then we observe that representing an epistemic situation involving several agents depends very much on the modeling point of view one takes. For example, in a poker game the representation of the game will be different depending on whether the modeler is a poker player playing in the game or the card dealer who knows exactly what the players� cards are. In this thesis, we will carefully distinguish these different modeling approaches and the. different kinds of formalisms they give rise to. In fact, the interpretation of a formalism relies quite a lot on the nature of these modeling points of view. Classically, in epistemic logic, the models built are supposed to be correct and represent the situation from an external and objective point of view. We call this modeling approach the perfect external approach. In Chapter 2, we study the modeling point of view of a particular modeler-agent involved in the situation with other agents (and so having a possibly erroneous perception of the situation). We call this modeling approach the internal approach. We propose a logical formalism based on epistemic logic that this agent uses to represent �for herself� the surrounding world. We then set some formal connections between the internal approach and the (perfect) external approach. Finally we axiomatize our logical formalism and show that the resulting logic is decidable. In Chapter 3, we first recall dynamic epistemic logic as viewed by Baltag, Moss and Solecki (to which we will refer by the term BMS). Then we study in which case seriality of the accessibility relations of epistemic models is preserved during an update, first for the full updated model and then for generated submodels of the full updated model. Finally, observing that the BMS formalism follows the (perfect) external approach, we propose an internal version of it, just as we proposed an internal version of epistemic logic in Chapter 2. In Chapter 4, we still follow the internal approach and study the particular case where the event is a private announcement. We first show, thanks to our study in Chapter 3, that in a multi-agent setting, expanding in the AGM style corresponds to performing a private announcement in the BMS style. This indicates that generalizing AGM belief revision theory to a multi-agent setting amounts to study private announcement. We then generalize the AGM representation theorems to the multi-agent case. Afterwards, in the spirit of the AGM approach, we go beyond the AGM postulates and investigate multi-agent rationality postulates specific to our multi-agent setting inspired from the fact that the kind of phenomenon we study is private announcement. Finally we provide an example of revision operation that we apply to a concrete example. In Chapter 5, we follow the (perfect) external approach and enrich the BMS formalism with probabilities. This enables us to provide a fined-grained account of how human agents interpret events involving uncertainty and how they revise their beliefs. Afterwards, we review different principles for the notion of knowledge that have been proposed in the literature and show how some principles that we argue to be reasonable ones can all be captured in our rich and expressive formalism. Finally, we extend our general formalism to a multi-agent setting. In Chapter 6, we still follow the (perfect) external approach and enrich our dynamic epistemic language with converse events. This language is interpreted on structures with accessibility relations for both beliefs and events, unlike the BMS formalism where events and beliefs are not on the same formal level. Then we propose principles relating events and beliefs and provide a complete characterization, which yields a new logic EDL. Finally, we show that BMS can be translated into our new logic EDL thanks to the converse operator: this device enables us to translate the structure of the event model directly within a particular axiomatization of EDL, without having to refer to a particular event model in the language (as done in BMS). In Chapter 7 we summarize our results and give an overview of remaining technical issues and some desiderata for future directions of research. Parts of this thesis are based on publication, but we emphasize that they have been entirely rewritten in order to make this thesis an integrated whole. Sections 4.2.2 and 4.3 of Chapter 4 are based on [Aucher, 2008]. Sections 5.2, 5.3 and 5.5 of Chapter 5 are based on [Aucher, 2007]. Chapter 6 is based on [Aucher and Herzig, 2007].

artificial intelligence

social aspects

expert systems (Computer science)

A reference architecture for holonic execution in manufacturing enterprises

Jarvis, Jacqueline

January 2007

On the basis of extensive practical experience in the development of agent-based systems for manufacturing execution and agent-based systems in general, a reference model for holonic execution known as HERA (Holonic Execution Reference Architecture) is developed. The model is characterised by a focus on holarchy - Koestler's Janus Effect (Koestler, 1967) is explicitly captured. However, the Holonic Manufacturing Systems (HMS) Consortium's view of a holon having an information processing part and a physical part (Brennan and Norrie, 2003) is also present. We refer to these parts as the behaviour and the embodiment respectively.

Holonics

BDI

Manufacturing execution

Expert systems (Computer science)

Establishment of a database for tool life performance

Vom Braucke, Troy S., tvombraucke@swin.edu.au

January 2004

The cutting tool industry has evolved over the last half century to the point where an increasing range and complexity of cutting tools are available for metal machining. This highlighted a need to provide an intelligent, user-friendly system of tool selection and recommendation that can also provide predictive economic performance data for engineers and end-users alike. Such an 'expert system' was developed for a local manufacturer of cutting tools in the form of a relational database to be accessed over the Internet. A number of performance predictive models were reviewed for various machining processes, however they did not encompass the wide range of variables encountered in metal machining, thus adaptation of these existing models for an expert system was reasoned to be economically prohibitive at this time. Interrogation of published expert systems from cutting tool manufacturers, showed the knowledge-engineered principle to be a common approach to transferring economic and technological information to an end-user. The key advantage being the flexibility to allow further improvements as new knowledge is gained. As such, a relational database was built upon the knowledge-engineered principle, based on skilled craft oriented knowledge to establish an expert system for selection and performance assessment of cutting tools. An investigation into tapping of austenitic stainless steels was undertaken to develop part of a larger expert system. The expert system was then interrogated in this specific area in order to challenge by experiment, the skilled craft oriented knowledge in this area. The experimental results were incorporated into the database where appropriate, providing a user-friendly working expert system for intelligent cutting tool selection, recommendation and performance data.

metal-cutting tools

data processing

expert systems (computer science)

industrial applications

Automated feature recognition system for supporting engineering activities downstream of conceptual design.

Jones, Timothy, Mechanical & Manufacturing Engineering, Faculty of Engineering, UNSW

January 2007

Transfer of information between CAD models and downstream manufacturing process planning software typically involves redundant user interaction. Many existing tools are process-centric and unsuited for selection of a "best process" in the context of existing concurrent engineering design tools. A computer based Feature-Recognition (FR) process is developed to extract critical manufacturing features from engineering product CAD models. FR technology is used for automating the extraction of data from CAD product models and uses wire-frame geometry extracted from an IGES neutral file format. Existing hint-based feature recognition techniques have been extended to encompass a broader range of manufacturing domains than typical in the literature, by utilizing a combination of algorithms, each successful at a limited range of features. Use of wire-frame models simplifies product geometry and has the potential to support rapid manufacturing shape evaluation at the conceptual design stage. Native CAD files are converted to IGES neutral files to provide geometry data marshalling to remove variations in user modelling practice, and to provide a consistent starting point for FR operations. Wire-frame models are investigated to reduce computer resources compared to surface and solid models, and provide a means to recover intellectual property in terms of manufacturing design intent from legacy and contemporary product models. Geometric ambiguity in regard to what is ?solid? and what is not has plagued wire-frame FR development in the past. A new application of crossing number theory (CNT) has been developed to solve the wire-frame ambiguity problem for a range of test parts. The CNT approach works satisfactorily for products where all faces of the product can be recovered and is tested using a variety of mechanical engineering parts. Platform independent tools like Extensible Mark-up Language are used to capture data from the FR application and provide a means to separate FR and decision support applications. Separate applications are composed of reusable software modules that may be combined as required. Combining rule-based and case-based reasoning provides decision support to the manufacturing application as a means of rejecting unsuitable processes on functional and economic grounds while retaining verifiable decision pathways to satisfy industry regulators.

CAD/CAM systems.

A knowledge-based approach for monitoring and situation assessment at nuclear power plants

Heaberlin, Joan Oylear

21 July 1994

An approach for developing a computer-based aid to assist in monitoring and assessing nuclear power plant status during situations requiring emergency response has been developed. It is based on the representation of regulatory requirements and plant-specific systems and instrumentation in the form of hierarchical rules. Making use of inferencing techniques from the field of artificial intelligence, the rules are combined with dynamic state data to determine appropriate emergency response actions. In a joint project with Portland General Electric Company, a prototype system, called EM-CLASS, was been created to demonstrate the knowledge-based approach for use at the Trojan Nuclear Power Plant. The knowledge domain selected for implementation addresses the emergency classification process chat is used to communicate the severity of the emergency and the extent of response actions required. EM-CLASS was developed using Personal Consultant Plus (PCPlus), a knowledge-based system development shell from Texas Instruments which runs on IBM-PC compatible computers. The knowledge base in EM-CLASS contains over 200 rules. The regulatory basis, as defined in 10 CFR 50, calls for categorization of emergencies into four emergency action level classes: (1) notification of unusual event, (2) alert, (3) site area emergency, and (4) general emergency. Each class is broadly defined by expected frequency and the potential for release of radioactive materials to the environment. In a functional sense, however, each class must be ultimately defined by a complex combination of in- plant conditions, plant instrumentation and sensors, and radiation monitoring information from stations located both on- and off-site. The complexity of this classification process and the importance of accurate and timely classification in emergency response make this particular application amenable to an automated, knowledge-based approach. EM-CLASS has been tested with a simulation of a 1988 Trojan Nuclear Power Plant emergency exercise and was found to produce accurate classification of the emergency using manual entry of the data into the program. / Graduation date: 1997

Trojan Nuclear Power Plant (Or.)

Nuclear power plants -- Risk assessment.

Expert systems (Computer science)

Wissensbasierte Auswertung von Anlagen-Planungsdaten für die Unterstützung des Prozessleittechnik-Ingenieurs : Anwendung einer rollenbasierten Mustersuche /

Schmidberger, Till.

January 1900

Originally presented as the author's Thesis--Helmut-Schmidt-Universität, Hamburg, 2008. / Includes bibliographical references.

Der Arbeitsplatzinhaber als Experte bei der Arbeitsplatzbewertung : dargestellt an der fliegerischen Tätigkeit der Bundeswehr /

Buld, Susanne.

January 2001

Thesis (doctoral)--Universität, Würzburg, 2000. / Includes bibliographical references (p. [269]-281).

Information fusion schemes for real time risk assessment in adaptive control systems

Mladenovski, Martin.

January 1900

Thesis (M.S.)--West Virginia University, 2004. / Title from document title page. Document formatted into pages; contains vii, 64 p. : ill. (some col.). Includes abstract. Includes bibliographical references (p. 63-64).

Decentralising the codification of rules in a decision support expert knowledge base

De Kock, Erika.

January 2003

Thesis (M. Sc.(Computer Science))--University of Pretoria, 2003. / Includes bibliographical references.