A secure web service : Specification on how to implement a secure Web service in a health care environment

Bill, Andreas, Persson, Robert

January 2005

Background: With Web service growing popularity more and more companies chose to apply Web service in their organisation. With the rising usage of the concept the demands rise with it. For companies that deal with vulnerable information for example hospitals, there needs to be strong security measures taken. Purpose: The aim of the report is to examine different security functions that can help developers to secure Web service applications. The report will be written so that organisations such as health care organisation can get insight on how to use a secure Web services in their line of work. Method: One of the main methods used in this report is a qualitative hermeneutic way of thinking. The research process will apply Wallace’s model. The theoretical study is achieved with research on the subject through literature studies and published articles. Interviews that are used to gain knowledge are structured as quality orientated science surveys with semistandardised questions. Conclusions: We believe the time has come for hospitals to investigate if Web service can help their organization. In case they choose to use Web services, we advise them to follow Web service Security’s recommendations to produce a web service that is adapted to their security needs.

Web service

Security

XML

SOAP

UDDI

WSDL

Web service security

XML signature and XML encryption

SAML

Information Systems

Computação em nuvem elástica auxiliada por agentes computacionaise baseada em histórico para web services / Elastic cloud computing aided by history-based computacionaise agents to web service

Ariel da Silva Dias

15 December 2014

A gestão eficaz de recursos computacionais em nuvem está diretamente ligada a gerir corretamente o desempenho das aplicações hospedadas na Máquina Virtual (Virtual Machine - VM), criando um ambiente capaz de controlá-la e redimensionar recursos de Memória, Disco, CPU e outros que se façam necessários, individualmente em resposta a carga de trabalho. Neste trabalho considera-se também a gestão eficaz a qual é possível realizar o retorno sobre o investimento realizado para a contratação do serviço de IaaS. Nesta pesquisa de mestrado, foi proposto o gerenciamento da infraestrutura computacional em nuvem, através de dois modelos que facilitam o provisionamento auto-adaptativo de recursos em um ambiente virtualizado: alocação de recursos utilizando modelo para previsão da carga de trabalho futura e a gestão auto-adaptativa de capacidade utilizando agentes computacionais para monitorarem constantemente as VMs. Além disso, é proposto o retorno do investimento, que trata a relação entre o valor que o cliente contratou do serviço de IaaS e o quanto efetivamente ele está utilizando. Desta forma, a cada período é contabilizado a taxa do valor gasto em unidades monetárias. Para contemplar esta proposta, foram desenvolvidos algoritmos que são o núcleo de todo gerenciamento. Também foram realizados experimentos e os resultados mostram a capacidade do autogerenciamento das máquinas virtuais, com reconfiguração dinâmica da infraestrutura através de previsões baseadas em histórico e também da reconfiguração e monitoramento com o uso de agentes computacionais. Após a análise e avaliação dos resultados obtidos nos experimentos, é possível afirmar que houve uma significativa melhora da reconfiguração dos recursos com agentes computacionais se comparado a reconfiguração com previsão de carga futura. / The efficient management of computational resources in the cloud is directly linked to correctly manage the performance of the applications hosted in the virtual machine (Virtual Machine - VM), creating an environment able to control it and resize features Memory, Disk, CPU and others resources, individually in response to workload. This work is also considered effective management which is possible to realize the return on investment for hiring the IaaS service. This Master thesis, is proposed the management of computing infrastructure in the cloud, using two models that facilitate self-adaptive resource provisioning in a virtualized environment using resource allocation model to predict the future workload and adaptive self-management capacity utilizing computational agents to continuously monitor the VMs. Furthermore, it is proposed return on investment, which is the ratio between the value that the client hired the IaaS service and how effectively it is using. Thus, each period is accounted for the rate of the amount spent in monetary units. To address this proposal, were developed algorithms that are the core of all management. Experiments were also conducted and the results show the ability of self-management for virtual machines with dynamic reconfiguration of infrastructure through predictions based on historical and also the reconfiguration and monitoring with the use of computational agents. After the analysis and evaluation of the results obtained in the experiments, is possible say that there was a significant improvement in reconfiguration of resources with computational agents compared with the workload forecast.

Agentes computacionais

Computação autônoma

Computação em nuvem

Elasticidade

Web service

Autonomic computing

Cloud computing

Computationsl agents

Elasticity

Web service

A Broker based Web Service Allocation Mechanism

Alwagait, Esam Abdullah K

02 November 2011

Los servicios web son considerados por la industria y la investigación de facto por proporcionar funcionalidad de forma distribuida que sea usable en entornos heterogéneos. En pocas palabras, los servicios web son funcionalidad empaquetada que se basa en un conjunto de estándares que facilitan la definición de los métodos de los servicios web, sus números y formatos de entrada, así como sus números y formatos de salida. En combinación con la replicación, los servicios web pueden proporcionar soluciones de optimización del rendimiento a un número ilimitado de aplicaciones de negocio de la vida real. Sin embargo, cuando se habla de replicación es necesario plantearse cómo asignar o elegir las réplicas para proporcionar el mejor rendimiento posible. Esta tesis está dedicada a responder a esta pregunta. La tesis se titula "Un mecanismo de asignación de servicios web basado en Broker" donde un paradigma de ejecución (Proteus) es presentado, y varios algoritmos de asignación son también presentados, examinados y analizados para mostrar el óptimo. La tesis se centra en el componente broker del paradigma de ejecución. Este componente tiene embebido el algoritmo de asignación. Por otra parte, la tesis se centra en el Algoritmo de menor tiempo de servicio (LRT), el cual funciona asignando las réplicas del servicio web que proporcionan un tiempo de respuesta más rápido. La tesis ofrece todo el trabajo de fondo necesario, así como toda la investigación relacionada. Contiene una parte simulada, así como una descripción de un sistema de la vida real (Proteus). Contiene también una sección dedicada a analizar los resultados de los registros de ejecución y analizar las diferentes variaciones de los entornos (homogéneos y heterogéneos), el número de replicas y el nivel de paralelismo. Los registros son examinados y las conclusiones expuestas. / Alwagait, EAK. (2011). A Broker based Web Service Allocation Mechanism [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/12500 / Palancia

Web service

Replicated web services

Allocation algorithms

Web service execution framework

Least response time

BIBLIOTECONOMIA Y DOCUMENTACION

Track the number of people in a premises in real time / Spåra antalet personer i en lokal i realtid

Heidar, Hamza

January 2022

Det har blivit allt vanligare att inomhusverksamheter vill kunna bevaka antalet personer som befinner sig i deras lokaler. Att manuellt räkna antalet personer eller att använda sig utav rörelsesensorer har olika nackdelar. På grund av den anledningen är det lämpligt att utforska andra tekniska och mer automatiserade lösningar, som använder sig utav enkla komponenter. Litteraturstudien gav en förståelse om bildanalys och vilka tekniska verktyg som kan användas för att analysera bilder. Amazon Rekognition och OpenCV är två av de verktyg som användes för att kunna bygga en prototyp, som kan räkna antalet personer i en lokal i realtid. Resultatet visade att en lösning med OpenCV inte är möjlig, med de kunskaper litteraturstudien gav. Resultatet ifrån Amazon Rekognition indikerar att det är möjligt att räkna antalet personer med väldigt hög noggrannhet och precision. Precis som att en människa kan bli distraherad, kan även prototypen missa enstaka personer. Amazon Rekognition kunde även särskilja människor ifrån andra objekt, vilket en rörelsesensor inte kan göra. Resultatet visade även fåtal brister så som dålig responstid, men dessa brister hade kunnat åtgärdas ifall mer tid återstod. / It has become increasingly common for indoor businesses to be able to monitor the number of people who are in their premises. Manually counting the number of people or using motion sensors has various disadvantages. For this reason, it is advisable to explore other technical and more automated solutions, which use simple components. The literature study provided an understanding of image analysis and the technical tools that can be used to analyze images. Amazon Recognition and OpenCV are two of the tools used to build two prototypes that can count the number of people in a room in real time. The results showed that a solution with OpenCV is not possible, with the knowledge the literature study provided. The result from Amazon Recognition indicates that it is possible to count the number of people with very high accuracy and precision. Just as a human being can be distracted, the prototype can also miss individual people. Amazon Recognition could also distinguish people from other objects, which a motion sensor cannot do. The results also showed a few shortcomings such as poor response time, but these shortcomings could have been remedied if more time remained.

Person counter

image recognition

Amazon Web Service

automation

Personräknare

bildigenkänning

Amazon Web Service

automatisering

Computer and Information Sciences

Data- och informationsvetenskap

Seleção de serviços web em composições coreografadas / Web services selection in choreographed compositions

Oliveira, Patricia Araujo de

30 June 2014

Seleção de serviços em composições distribuídas considera principalmente a qualidade de serviço que atenda requisitos estabelecidos pelo usuário, como por exemplo, preço. No entanto, problemas relacionados a execução de composições de serviços podem ocorrer quando não se considera aspectos relacionados à rede e ao hardware, que afetam diretamente o desempenho da composição. Esse problema se agrava em composições coreografadas, pois a característica descentralizada requer um maior esforço para que essas informações possam ser consideradas em uma perspectiva global. Dessa forma, apesar da descentralização apresentar vantagens, é necessário que requisitos de qualidade de serviço da composição também sejam considerados em coreografias de serviços web para que a escolha de serviços para desempenhar um papel leve em consideração parâmetros importantes que podem afetar no desempenho da composição. Este trabalho apresenta um mecanismo, implementado sobre o framework OpenKnowledge, para selecionar serviços web em ambientes coreografados considerando primeiramente estimativas de atraso, taxa de perda e por fim considera a utilização de outros parâmetros, como utilização de CPU. Os primeiros experimentos em diferentes cenários de rede confirmaram as vantagens da proposta em relação a um seletor de serviços que ignora aspectos relacionados com a rede. Obteve-se ganhos de 20 a 97% no que diz respeito ao tempo total da execução da coreografia. Em seguida, experimentos inserindo utilização de CPU na escolha dos serviços confirmaram as vantagens de utilização de diferentes parâmetros para seleção de serviços em coreografias. / Selection of services in distributed compositions mainly considers the quality of service that meets requirements set by the user, such as price. However, problems related to the execution of service compositions may occur when aspects related to network and hardware, which directly affect the performance of the composition, are not taken in consideration. This problem is aggravated in choreographed compositions because the decentralized feature requires a greater effort so that this information may be considered in a global perspective. Thus, despite the decentralization advantages, it is necessary that the service quality requirements of the composition may also be considered in the choreography of web services so that the choice of services may play a role that takes into account important parameters, which can affect the performance of the composition. This dissertation presents a mechanism, implemented on the OpenKnowledge framework, to select web services in choreographed environments. First, considering delay estimates, loss rate and finally the use of other parameters, such as CPU utilization. The first experiments on different network scenarios confirmed the proposal advantages in relation to a selection mechanism that bypasses aspects of the network. It was obtained gains from 20% to 97% considering the total time of execution of the choreography. Then, experiments inserting CPU utilization in the choice of services confirmed the advantages of using different parameters for selection of services in choreography.

Composição de serviços web

Computação orientada a serviços

Coreografia de serviços web

Seleção de serviços web

Service-oriented computing

Web service choreography

Web service selection

Web services composition

Contributions à la description et la découverte de services web sémantiques / Contributions to semantic web services description and discovery

Chabeb, Yassin

23 November 2011

Les travaux de recherche menés autour de la description de services Web utilisent de plus en plus des modèles sémantiques pour fournir une représentation interprétable automatiquement. Toutefois, nous avons décelé des lacunes dans les approches sémantiques actuelles qui engendrent ambiguïté et non pertinence au niveau de l’appariement et de la découverte de services Web. Pour remédier à ces lacunes nous proposons des contributions à la description et à la découverte de services Web sémantiques. En ce qui concerne la description de services, nous avons défini un langage basé sur une recommandation W3C. En plus d’une annotation métier sémantique des éléments d’un service, notre principale contribution à la description sémantique consiste à spécifier la nature de ces annotations en utilisant une ontologie technique que nous avons définie. Cette ontologie met en relation plusieurs concepts sémantiques de services Web que nous avons identifiés dans des approches existantes et intègrera d’autres concepts qu’on définira ultérieurement sans pour autant modifier notre langage de description ou nos techniques d’appariement associées. Nous avons également défini un algorithme d’appariement entre une requête de service et les descriptions des services publiés. Cet algorithme se base sur un appariement entre éléments d’une requête et un service publié et trois techniques d’agrégation des résultats d’appariements élémentaires. L’algorithme tire avantage de la description sémantique que nous avons définie. Il a été mis en œuvre dans un annuaire de services Web sémantiques et a été également comparé aux algorithmes de référence. Les expérimentations montrent clairement l’efficacité de notre approche en termes de temps de réponse et de précision / Researches conducted around Web service description use more and more of semantic models to provide an automatically interpretable representation. However, we identified gaps in current approaches that generate semantic ambiguity and impertinence at Web service matching and discovery. To address these shortcomings we propose contributions about semantic Web service description and discovery. As for the Web services description, we have defined a language based on a W3C Recommendation. In addition to a semantic business annotation of service components, our main contribution about the semantic description is to specify the nature of these annotations using a technical ontology that we have defined. This ontology merges several semantic concepts of web services that we identified in existing approaches and may include other concepts that can be defined later without changing our description language or our matching techniques. We also defined a matching algorithm between a service request and published service descriptions. This algorithm is based on matching between elements of a service request and descriptions of published services. This matching is may be computed by three aggregation techniques of the results of those elements’ matching. The algorithm takes advantage of the semantic description we have defined. It was implemented in a semantic web services registry and was also compared to referenced algorithms. The experiments clearly demonstrate the effectiveness of our approach in terms of response time and precision

Services web sémantiques

Description de services web

Découverte de services web

Matching de services

Ontologie

Semantic web services

Web service description

Web service discovery

Semantic matching

Ontology

Web Service Testing For Domain Specific Web Service Discovery Framework

Utku, Selma

01 February 2012

The reliability of web services is important for both users and other service providers, with which they are in interaction. Thus, to guarantee reliability of the web services that are invoked and integrated at runtime, automatic testing of web services is needed. In web service testing, different test cases for web services are generated. The most important issue is to generate the most appropriate value for input parameters of web services at runtime. In this thesis, we developed a method for automatic web service testing that uses semantics dependency-based and data mutation-based techniques to analyze web services and generate different test cases. Thus, we both check whether the services function correctly by generating appropriate input values from different data sources and check robustness of web services by generating random and error-prone data inputs. With respect to the behaviors of web services, the test values are calculated and saved to the database for each web service.

Kostenlose Web-Services zur Erstellung von Special Interest Netzwerken

Börgermann, Chris, Frank, Erik, Lackes, Richard

22 May 2014

Online Communities verzeichnen seit einiger Zeit ein rasantes Wachstum. Diese Entwicklung führt zunehmend dazu, dass die Portale für bestimmte Personengruppen wichtige Funktionalitäten nicht zu Verfügung stellen können oder die Nutzer durch eine Vielzahl für sie unnötiger Funktionen überfordert werden. Als Ergebnis dieser Erfahrungen zwischen Datenflut und Überforderung durch die ansteigende Komplexität der Bedienung auf der einen Seite und Informationsmangel und fehlender Funktionalität auf der anderen Seite, begründen Gemeinschaften spezialisierte Online-Communities. Der vorliegende Artikel liefert dazu einen State-of-the-Art Überblick kostenfreier Online-Services zur Erstellung sozialer Netwerke und vergleicht sie in Hinblick auf Kollaboration und Kommunikation, Datenschutz, Kontaktmanagement, Anpassbarkeit und Administrierbarkeit.

Konferenz

GeNeMe 2010

Neue Medien

Netzwerk

Web-Service

Special-Interest-Netzwerke

conference

new media

online community

network

web service

special interest network

ddc:330

rvk:QR 760

A framework for Automatic Web Service Composition based on service dependency analysis

Omer, Abrehet Mohammed

11 July 2011

The practice of composing web services has received an increasing interest with the emerging application development architecture called Service Oriented Architecture (SOA). A web service composition can be done either manually or (semi-) automatically. Doing composition (semi-) automatically minimizes runtime problems that arise due to dynamic nature of runtime environments. However, the implementation of (semi-) automatic composition demands for the automation of a process model or a composition plan generation process. In addition, creating a composite service or applications from component services, that are developed and meant to work independently, causes unavoidable dependencies among the services involved. Consequently, in a composite service development, understanding, analyzing and tracking of such dependencies becomes important. This thesis views the process model generation sub-task of a service composition as a service dependency identifification and analysis problem. In this thesis, we propose a dependency based automatic process model generation methods. For this purpose, the following issues are explored. First, a top layer architecture with a composition engine is developed. The architecture gives a complete picture of dependency based automatic service composition. Second, the process model generation sub-task is formulated as a service dependency identification and analysis problem. Third, a two-stepped method for automatic process model generation, given a set of candidate web service descriptions, is proposed. The first step of the proposed approach deals with the identifification of potential direct and indirect dependencies between abstract services. The direct dependency extraction is done by assuming a semantic I/O matching of service parameters. The extraction of indirect dependency from direct dependency is done using a recursive algorithm derived from the transitive closure property. Alternatively the Warshall algorithm is used. The second step of the proposed approach deals with analysis of dependency information and generation of process model (PM) automatically. To execute this step, we propose two approaches: matrix based and graph based approaches. The matrix based approach utilizes both direct and indirect dependencies. This approach represents dependencies using matrix and takes advantages of a sorting algorithm. The matrix representation facilitates a simplistic mathematical dependency analysis for generating important indicators during automatic process model creation. The process model is generated using a sorting algorithm that uses the analysis result obtained from the dependency matrix as sorting criterion. The graph based approach uses only direct dependency among candidate services. As its name indicates, in this approach the extracted I/O dependencies are represented using a directed graph. A modifified topological sorting algorithm is used for generating a process model that shows the execution order of candidate services. Both of the proposed approaches (matrix and graph based approaches) recognize the existence of cyclic dependencies and provide ways of dealing with them. The resulting process model or composition plan from both approaches has a sequential, concurrent and loop control flows. Finally, the performance of the proposed approaches is studied theoretically as well as experimentally. For the experimental validation and evaluation purpose, the approaches are implemented in a prototype that facilitates the validation and evaluation of the approaches at a larger scale. An extensive experimental performance evaluation is done fifirst on each proposed approach. The two approaches are then compared and their pros and cons under difffferent scenarios are assessed.

Web-Service

automatischen Service-Komposition

Service-Abhängigkeiten

zyklische Abhängigkeit

web service

automatic service composition

service dependency

cyclic dependency

ddc:004

rvk:ST 252

INCA: um serviço de segurança para ambientes de ensino colaborativos

Gualberto, Thiago de Medeiros

01 August 2009

Made available in DSpace on 2016-06-02T19:05:47Z (GMT). No. of bitstreams: 1 3369.pdf: 5124058 bytes, checksum: f95c0582bf0ec98704f3cd74c73fbeaa (MD5) Previous issue date: 2009-08-01 / Financiadora de Estudos e Projetos / Research efforts on e-Learning systems have mainly focused on the provision of learning contents for users, but these efforts have not considered security requirements in the implementation of such systems. However, threats to security may not be neglected, as these applications are usually built using heterogeneous, distributed and open architectures. This feature may make these systems vulnerable to ill-intentioned users. This work presents the INCA (Integrity, Non Repudiation, Confidentiality and Authenticity), a service that provides security through the technology of Web Services and aims at meeting the security requirements of e- Learning environments developed in different architectures and programming languages. The use of web services to provide security in e-Learning environments will complement the features of such environments, not being limited to platforms in which the client system was developed. INCA uses cryptography and digital signature to provide integrity, non-repudiation, confidentiality and authenticity. Through the tests it could be seen that INCA provides security for e-learning environments in a flexible, configurable, scalable and efficient way. The main features of INCA are presented in this work, with their employability in a case study for the upload tool for Sakai and Moodle environments, which were modified so that they could make use of INCA. The contribuition of this work is the case study implementation for the above mentioned environments, since such tool in these systems does not have security services. Such modifications were necessary to evaluate the applicability of the INCA in different environments. The case study shows the proof of concept for the security service presented in this work. / Pesquisas no domínio de e-Learning enfocam, principalmente, a maneira como o conteúdo de aprendizado é fornecido aos usuários do sistema, sem considerar os requisitos de segurança na maioria das implementações. Entretanto, as ameaças à segurança não podem ser negligenciadas, principalmente, porque aplicações de e-Learning são construídas sobre arquiteturas heterogêneas, distribuídas, abertas e que podem ser vulneráveis à ação de pessoas mal-intencionadas. Este trabalho apresenta INCA (Integridade, Não Repúdio, Confidencialidade e Autenticidade), um serviço que oferece segurança por meio da tecnologia de Web Services e que se propõe a atender os requisitos de segurança de ambientes de e-Learning desenvolvidos em diferentes arquiteturas e linguagens de programação. A utilização de Web Services para oferecer segurança nos ambientes de e-Learning complementa as funcionalidades de tais ambientes, isto é, não se limita às plataformas em que o sistema cliente foi desenvolvido. INCA utiliza criptografia e assinatura digital para oferecer integridade, não repúdio, confidencialidade e autenticidade. Por meio dos testes realizados pôde-se constatar que o INCA oferece segurança a ambientes de e-Learning de maneira flexível, configurável, escalável e de forma eficiente. As funcionalidades do INCA são apresentadas neste trabalho, com sua empregabilidade em um estudo de caso para a ferramenta upload de arquivo, dos ambientes Sakai e Moodle, que foram modificados para que pudessem usar os serviços do INCA. A contribuição deste trabalho é a realização do estudo de caso para os ambientes supracitados, uma vez que tal ferramenta nesses sistemas não possui serviços de segurança. Algumas modificações, em tais ambientes, foram necessárias para avaliar a aplicabilidade do INCA em ambientes diferentes. O estudo de caso evidencia a prova de conceito para o serviço de segurança apresentado neste trabalho.

Computadores - medidas de segurança

e-Learning

Serviços da web

Plataforma MOODLE

Plataforma SAKAI

Web service

Serviço de segurança

e-Learning

Web service

Security service

Sakai

Moodle