Utilização de serviços na integração de aplicações empresariais / Utilization of services in enterprise application integration

Kaneshima, Eliana

30 November 2012

Atualmente a Integração de Aplicações Empresariais (EAI) desempenha um papel fundamental no cenário de integração de sistemas corporativos. Isso pode ser feito de diferentes formas, como por exemplo, por meio do compartilhamento de acesso às bases de dados ou trabalhando-se com Web Services, em que um serviço é disponibilizado por um sistema e pode ser chamado por outro sistema a ser integrado. Essas duas soluções estão sendo empregadas com sucesso, mas ambas apresentam vantagens e desvantagens que devem ser analisadas. Assim, este trabalho tem como objetivo primeiramente efetuar uma comparação entre essas duas abordagens de integração (tomando como base a norma ISO-IEC 9126-1) por meio de uma revisão bibliográfica complementada por uma revisão sistemática e relatos da experiência profissional da autora deste trabalho e da sua orientadora. Com o intuito de validar esta comparação, foi feito um estudo experimental, cujo objetivo do experimento foi avaliar a melhor abordagem para se realizar uma integração de aplicações empresariais: EAI-Dados e EAI-WS no que diz respeito ao esforço necessário para a implantação de cada uma. Assim, a avaliação foi realizada para responder à seguinte questão: Em termos de tempo de desenvolvimento e código produzido, é mais fácil realizar EAI-WS ou EAI-Dados? Finalmente, foram propostos cinco padrões para EAI, com o objetivo de auxiliar desenvolvedores com problemas similares de integração de aplicações. Esses padrões podem ser reusados em diversos contextos de integração, obedecendo às regras de negócios específicas a serem consideradas no momento da integração, e agilizando a modelagem da solução por meio da instanciação do padrão mais adequado a cada situação / Nowadays, Enterprise Applications Integration (EAI) performs a fundamental function in the scenery of enterprise systems integration. This can be done in different forms, for example by sharing the database access or working with Web Services, in which a service is provided by the system and can be called by other systems to be integrated. Those two solutions are being applied successfully, even though both present advantages and disadvantages that must be analyzed. Thus, the goal of this work is first to compare those two integration approaches, (Based on the standard ISO-IEC 9126-1) through a bibliographical review complemented by a systematic review and professional reports from the author of this work and her supervisor. In order to confirm this comparison, an experimental study was done, which resulted in quantitative answers about the best approach to perform systems integration: EAI-Data and EAI-WS which refer to effort required to deploy each. Thus, the assessment was conducted to answer the following question: In terms of development time and code produced, is easier to perform EAI-WS or EAI-Data? Finally, five patterns were proposed to EAI, which aim to support developers with similar problems of applications integration. These patterns can be reused in many integration contexts, following the rules of specific business to be considered in the moment of integration, and accelerating the modeling of the solution through the instantiation of the most adequate pattern to each situation

Enterprise application integration

Web services

Web services

Podpora sémantiky v CMS Drupal / Semantic support in CMS Drupal

Ivančo, Daniel

January 2012

Aim of this diploma thesis is to map semantic features of CMS Drupal version 7. The goal of the first part of this work is to theoretically describe semantic web problematic and CMS Drupal. The second -- practical part of this work maps in details all the features of semantic web, which are supported by described CMS Drupal. These semantic features are mapped in two different points of views -- implementation and functional. Main contribution of this work is the method used to map these features. It's based on Drupal plugins code modification and revision in order to draw or demonstrate these features, which are not necessarily completely documented or functional. Furthermore all of these features are demonstrated on examples created as a part of this thesis. Finally the last part of this work compares these mapped features to similar CMS systems.

Análise de comportamento de consumidores por agrupamento de sessões para avaliar o consumo de recursos computacionais e de comunicação. / Customer behavior analysis by session grouping to measure computer and communication resources consumption.

Eduardo Vidal Franco

25 September 2006

O presente trabalho propõe uma nova análise de negócio para avaliar a importância de classes de consumidores para o modelo de negócio de aplicações de negócio eletrônico para a WWW. Esta avaliação é feita através do agrupamento dos consumidores em classes e da medição da receita gerada e do consumo de recursos de cada uma das classes. Este trabalho também propõe a modelagem e a implementação de uma ferramenta para a medição do consumo de recursos computacionais de cada uma das classes de consumidores. Para medir o consumo de recursos foi criada uma nova técnica baseada na proposta por Menasce et al. (1999).que permite a medição do consumo de recursos de servidores WWW através da monitoração de uma aplicação de negócio eletrônica durante a operação ou através da extração dos dados necessários para medir o consumo de recursos de arquivos de log. Para realizar a medição do consumo e para validar a técnica proposta foi projetada e construída uma ferramenta que, uma vez passada a forma de identificação de classes de consumidores e a navegação desses consumidores em arquivos de logs ou em banco de dados, permite contabilizar os recursos computacionais consumidos pelos mesmos. A ferramenta e o seu correto funcionamento foram validados através da aplicação da ferramenta sobre dados de navegação simulados para grupos pré-definidos de consumidores cujo resultado obtido foi comparado ao resultado esperado. / This work describes a new business analysis to evaluate the importance of individual customer classes to the business model of a web-based electronic business application. This can be accomplished by breaking the customer base into classes and measuring the monetary income and the resource consumption for each class. This work also proposes a software tool modeling to measure the computer resource consumption for each customer class and each individual application module. To measure the resource consumption, a new technique based on the one proposed by Menasce et al. (1999) was created to allow the proper breakdown of the resource consumption by the customers in a WWW server through monitoring the business software application during its operation or through the extraction of the data needed to measure the resource consumption from the log files generated by the WWW servers hosting the application. To perform the measurement and to validate the proposed technique, it was designed and built a software tool that is able to evaluate the resource consumption of a customer group when it receives the way to identify the group of a customer and the navigation of these customers in the form of a navigation database or in a log file. This software tool was validated by applying it over some simulated customer navigating data based on the expected behavior of some predefined customer groups and comparing the data obtained with the expected result.

Consumidor

Negócio

World wide web

Business

Customer

World wide web

Atestamento em arquitetura aberta de serviços (SOA): um arcabouço para validação de legitimidade dos consumidores de serviços e seus dispositivos de acesso. / Validation of consumers in services oriented architecture (SOA): a framework to validate legitimacy of service consumers and their access means.

Richard Flávio da Silva

17 June 2010

Em Arquiteturas Abertas e Orientadas a Serviços (Service Oriented Architectures - SOA) a preocupação com a área de segurança tem recebido importante atenção no desenho das aplicações em função das vulnerabilidades intrínsecas associadas a este novo paradigma. Este trabalho tem por objetivo propor um arcabouço para o desenvolvimento seguro de aplicações em SOA, com foco nos aspectos de segurança através da validação dos consumidores de serviços e seus dispositivos de acesso. Para este objetivo, foi conduzido um estudo sobre as abordagens tradicionais para a segurança em soluções Web uma vez que esta é a plataforma predominante na implementação de soluções SOA. Neste estudo, foi identificado que uma área fértil para contribuição à segurança em soluções SOA é o atestamento dos componentes ou programas consumidores de serviços. Por atestamento, deve-se entender um processo de verificação da legitimidade dos participantes (indivíduos, hardware e software) de uma cadeia de acesso. Como resultado deste trabalho, foi proposto um arcabouço, denominado ASACS (Arcabouço para Segurança por Atestamento dos Consumidores de Serviços), para controle de acesso aos serviços baseado na validação de etapas de atestamento dos consumidores. Estas etapas vão desde o fornecimento de informações sobre a plataforma de execução dos consumidores até a análise comportamental para definir o grau de confiança de cada consumidor em uma rede distribuída de serviços. A utilização do arcabouço traz um importante reforço à segurança ao buscar a negação de acesso a consumidores mal intencionados, não legítimos ou que tenham sido alvo de ataque. Como principal contribuição, este arcabouço orienta uma abordagem estruturada para a validação de legitimidade dos consumidores e de seus dispositivos e programas de acesso, resultando na necessidade de um aumento dos esforços requeridos para um ataque na tentativa de violar a segurança dos serviços oferecidos. / In Service Oriented Architectures (SOA) the concern with security has received important focus on solution design as a consequence of intrinsic vulnerabilities at the basis of this new paradigm. This work proposes a framework to secure development of SOA applications, with a special attention to security matters regarding validation of service consumers and its access means. In order to accomplish this goal, it was conducted a research over traditional approaches for security in Web applications, considering that Web platform is definitely dominant for SOA implementation. In this research, validation of service consumers was figured out as a promising area to security enforcement. Validation of service consumers states for a process to verify legitimacy of participants (individuals, hardware and software) in an access chain. As result of this work, it was proposed the framework ASACS designed to control accesses to service providers based on consumers legitimacy validation stages. Such validation stages cover since a check of client stations boot stack layers until a behavioral monitoring to graduate trust levels for each consumer in a network of distributed services. The framework adoption promotes security enforcement while avoiding access from malicious consumers, non legitimate ones or genuine consumers compromised by an attacker. As principal contribution, this framework guides to a structured approach to validate legitimacy of consumers and its programs and access means, requiring higher levels of efforts to an attack attempting violate the security of published services.

Atestamento

Autenticação

Segurança

SOA

Web

Authentication

Legitimacy

Security

SOA

Web

Site com conteúdo apropriado à web semântica e mecanismos de busca / Site with appropriated content to semantic web and search engines

Leme, Luciano Gonzaga

27 April 2009

Made available in DSpace on 2016-04-29T14:23:48Z (GMT). No. of bitstreams: 1 Luciano Gonzaga Leme.pdf: 2147873 bytes, checksum: 2282265d0f8e50945a1107e7cd36096b (MD5) Previous issue date: 2009-04-27 / This work introduces an approach which main purpose is to ask and present possible ways so that the web site s content will be appropriately offered related to Semantic Web and Search Engines. To achieve this purpose many researches were made and used the author s experience in this area. Therefore many concepts and technologies were combined and used, such as: metadata, ontologies, semantic web services and search engine optimization. Metadata allow qualifying informations appropriately, ontologies are used to improve domain s analysis problem and to obtain software components with semantic descriptions, which may be reused in a great variety of applications. Semantic web services may be used as software components spread through the Internet to perform applications complex tasks. Starting asking what should be published in a web site, or even better, how should be a web site s content the work exposes knowledges and technologies to answer the question: how to offer appropriated content? After exposing the associated concepts and showing possible solutions a conclusion is achieved with questions and possible researches which will allow appropriated content sites development with Semantic Web and its possible positive collateral effects, granting improvement in both: knowledge utilization and available informations in the web / Esta dissertação apresenta uma abordagem que tem como objetivo principal questionar e apresentar possíveis caminhos para que o conteúdo de um web site seja apropriadamente oferecido em termos de Web Semântica e Mecanismos de Busca. Para alcançar esse objetivo foram efetuadas pesquisas e utilizada a experiência do autor. Desse modo foram combinados os conceitos e as tecnologias envolvidas em relação a metadados, ontologias, serviços web semânticos e otimização de mecanismos de busca. Os metadados permitem qualificar informações apropriadamente, as ontologias são empregadas para aprimorar a análise do domínio do problema e para obter componentes de software com descrições semânticas, os quais podem ser reutilizados numa grande variedade de aplicações. Os serviços web semânticos são utilizados como componentes de software distribuídos pela Internet e podem realizar tarefas complexas de aplicações. Partindo do questionamento do que publicar em um web site, ou melhor, como deve ser o conteúdo de um web site - foram expostos conhecimentos e tecnologias que delineiam a questão: como oferecer conteúdo apropriado? Após a exposição dos conceitos associados e da apresentação de possíveis soluções concluímos com questionamentos e indicativos de possíveis pesquisas que muito contribuirão ao desenvolvimento de sites com conteúdo apropriado com a Web Semântica e seus possíveis efeitos colaterais positivos, propiciando a melhor utilização do conhecimento e das informações disponibilizadas na web

Conteúdo apropriado na web

Web semântica

Metadados

Ontologias

Agentes semânticos

Serviços web semânticos

SEO

Ferramentas de busca na Web

Sites da Web

Appropriated content in the web

Semantic web

Metadata

Ontologies

Semantic agents

Semantic web services

CNPQ::OUTROS

Anonymisation de documents RDF / Towards RDF Anonymization

Dongo Escalante, Irvin Franco Benito

20 December 2017

Avec l'avancée du Web Sémantique et des initiatives Open Linked Data, une grande quantité de documents RDF sont disponibles sur Internet. L'objectif est de rendre ces données lisibles pour les humains et les machines, en adoptant des formats spéciaux et en les connectant à l'aide des IRIs (International Resource Identifier), qui sont des abstractions de ressources réelles du monde. L’augmentation du nombre de données publiées et partagées augmente également le nombre d’informations sensibles diffusées. En conséquence, la confidentialité des entités d'intérêts (personnes, entreprises, etc.) est un véritable défi, nécessitant des techniques spéciales pour assurer la confidentialité et la sécurité adéquate des données disponibles dans un environnement où chaque utilisateur a accès à l'information sans aucune restriction (Web).Ensuite, trois aspects principaux sont considérés pour assurer la protection de l'entité: (i) Préserver la confidentialité, en identifiant les données qui peuvent compromettre la confidentialité des entités (par exemple, les identifiants, les quasi-identifiants); (ii) Identifier l'utilité des données publiques pour diverses applications (par exemple, statistiques, tests, recherche); et (iii) Les connaissances antérieures du modèle qui peuvent être utilisées par les pirates informatiques (par exemple, le nombre de relations, une relation spécifique, l'information d'un nœud).L'anonymisation est une technique de protection de la confidentialité qui a été appliquée avec succès dans les bases de données et les graphes. Cependant, les études sur l'anonymisation dans le contexte des documents RDF sont très limitées. Ces études sont les travaux initiaux de protection des individus sur des documents RDF, puisqu'ils montrent les approches pratiques d'anonymisation pour des scénarios simples comme l'utilisation d'opérations de généralisation et d'opérations de suppression basées sur des hiérarchies. Cependant, pour des scénarios complexes, où une diversité de données est présentée, les approches d'anonymisations existantes n'assurent pas une confidentialité suffisante.Ainsi, dans ce contexte, nous proposons une approche d'anonymisation, qui analyse les voisins en fonction des connaissances antérieures, centrée sur la confidentialité des entités représentées comme des nœuds dans les documents RDF. Notre approche de l'anonymisation est capable de fournir une meilleure confidentialité, car elle prend en compte la condition de la diversité de l'environnement ainsi que les voisins (nœuds et arêtes) des entités d'intérêts. En outre, un processus d'anonymisation automatique est assuré par l'utilisation d'opérations d'anonymisations associées aux types de données. / With the advance of the Semantic Web and the Open Linked Data initiatives, a huge quantity of RDF data is available on Internet. The goal is to make this data readable for humans and machines, adopting special formats and connecting them by using International Resource Identifiers (IRIs), which are abstractions of real resources of the world. As more data is published and shared, sensitive information is also provided. In consequence, the privacy of entities of interest (e.g., people, companies) is a real challenge, requiring special techniques to ensure privacy and adequate security over data available in an environment in which every user has access to the information without any restriction (Web). Then, three main aspects are considered to ensure entity protection: (i) Preserve privacy, by identifying and treating the data that can compromise the privacy of the entities (e.g., identifiers, quasi-identifiers); (ii) Identify utility of the public data for diverse applications (e.g., statistics, testing, research); and (iii) Model background knowledge that can be used for adversaries (e.g., number of relationships, a specific relationship, information of a node). Anonymization is one technique for privacy protection that has been successfully applied in practice for databases and graph structures. However, studies about anonymization in the context of RDF data, are really limited. These studies are initial works for protecting individuals on RDF data, since they show a practical anonymization approach for simple scenarios as the use of generalization and suppression operations based on hierarchies. However, for complex scenarios, where a diversity of data is presented, the existing anonymization approaches does not ensure an enough privacy. Thus, in this context, we propose an anonymization framework, which analyzes the neighbors according to the background knowledge, focused on the privacy of entities represented as nodes in the RDF data. Our anonymization approach is able to provide better privacy, since it takes into account the l-diversity condition as well as the neighbors (nodes and edges) of entities of interest. Also, an automatic anonymization process is provided by the use of anonymization operations associated to the datatypes.

RDF

Web Sémantique

Anonymisation

Datatypes

RDF

Semantic Web

Anonymization

Datatypes

Découverte et recommandation de services Web / Web services discovery and recommendation

Slaimi, Fatma

23 March 2017

Le Web est devenu une plateforme universelle d’hébergement d'applications hétérogènes. Dans ce contexte, les services Web se sont imposés comme une technologie clé pour permettre l’interaction entre diverses applications. Les technologies standards proposées autour des services Web permettent la programmation, plutôt manuelle, de ces applications. Pour favoriser une programmation automatique à base de services web, un problème majeur se pose : celui de leur découverte. Plusieurs approches adressant ce problème ont été proposées dans la littérature. L’objectif de cette thèse est d’améliorer le processus de découverte de services en exploitant trois pistes de recherche. La première consiste à proposer une approche de découverte qui combine plusieurs techniques de matching. La deuxième se base sur une validation des services retournés par un processus de découverte automatique en se basant sur les compétences utilisateurs. Ces approches ne prennent pas en considération l’évolution de services dans le temps et les préférences des utilisateurs. Pour remédier à ces lacunes plusieurs approches incorporent des techniques de recommandation. La majorité d'entre eux sont basées sur les évaluations des propriétés de QdS. Pratiquement, ces évaluations sont rarement disponibles. D’autres systèmes exploitent les relations de confiance. Ces relations sont établies en se basant sur les évaluations de services. Or, invoquant le même service ne signifie pas obligatoirement avoir les mêmes préférences. D’où, nous proposons, l’exploitation des relations d’intérêts entre les utilisateurs pour recommander des services. L’approche s’appuie sur une modélisation orientée base de données graphes. / The Web has become an universal platform for content hosting and distributed heterogeneous applications that can be accessed manually or automatically. In this context, Web services have established themselves as a key technology for deploying interactions across applications. The standard Web services technologies allow and facilitate the manual programming of these applications. To promote automatic programming based on Web services, a major problem arises : that of their discovery. Several approaches addressing this problem have been proposed in the literature. The aim of this thesis is to improve the Web services discovery process. We proposed three approaches. We proposed a Web services discovery approach that combines several matching techniques. The second consists on the validation of the services returned by an automatic process of discovery using users’ competencies. These approaches do not take into account the evolution of services over time and user preferences. To address these shortcomings, several approaches incorporate referral techniques to assist the discovery process. A large majority of these approaches are based on assessments of QoS properties. In practice, these assessments are rarely available. In other systems, trust relationships between users and services are used. These relationships are established based on invocations evaluations of similar services. However, invoking the same service do not necessarily mean having the same preferences. Hence, we propose, in our third approach, the use of the relations of interest between users to recommend services. The approach relies on modeling services’ ecosystem by database graphs.

Service Web

Découverte

Recommandation

Graphe

Web service

Discovery

Recommendation

Graph

Um sistema servidor web distribuído com provisão de QoS absoluta e relativa / Distributed Web server system with provision of absolute QoS

Mamani, Edwin Luis Choquehuanca

08 December 2010

Este trabalho de pesquisa apresenta um protótipo de servidor Web distribuído com diferenciação de serviços baseado em QoS relativa e absoluta. São implementados e comparados diferentes algoritmos de escalonamento. Um dos algoritmos avaliados é o EBS. O objetivo é transpor a teoria da política para o mundo real, e comparar o seu comportamento com os resultados das simulações, utilizando o tempo de resposta como medida de desempenho. Além do EBS, outros algoritmos são avaliados, tais como, Round-Roubin e Weighted Round Robin / This work presents a prototype of a distributed Web server with service differentiation based on relative and absolute QoS. Are compared different schedule algorithms. One of the policies to be evaluated is the EBS. The goal is to implement the policy theory to the real world, comparing their behavior with the simulation results, using the response time as a performance measure. In addition to the EBS, others policies are evaluated, such as Round-Roubin and Weight Round Robin

QoS

QoS

RT systems

Servidor Web

Sistemas RT

Web server

Découverte d'annuaires de services web dans un environnement distribué / Web services registries discovery in a distributed environment

Sellami, Mohamed

18 October 2011

Les services Web (SW) sont considérés comme étant un bloc pilier pour la réalisation de transactions électroniques entre entreprises. Ainsi, de plus en plus d'entreprises utilisent des SW pour réaliser des transactions avec leurs partenaires et/ou offrir des services en ligne. Dans un tel contexte, chaque entreprise possède un ou plusieurs référentiels privés de descriptions de SW. Pour que ses SW soient consultables et puissent être découverts par d'autres entreprises, une entreprise devra rendre ses référentiels de SW publics. La solution couramment utilisée consiste à publier les descriptions de ses SW dans des annuaires de SW. En conséquence, le nombre d'annuaires disponibles peut être aussi important que le grand nombre d'entreprises et la découverte d'un SW devient ainsi une tâche fastidieuse pour un demandeur de services et coûteuse pour un système de découverte. L'objectif principal de cette thèse est de fournir des solutions pour assurer une découverte d'annuaires de SW adaptée à un environnement distribué. Pour ce faire, nous proposons tout d'abord d'organiser le réseau d'annuaires en communautés. Ensuite, afin de préserver la consistance de cette organisation face aux changements qui peuvent se produire (départ/arrivée d'annuaires), nous définissons les mécanismes de gestion nécessaires. Enfin, nous proposons une approche pour la découverte d'annuaires de SW qui utilise deux filtres pour limiter l'espace de recherche d'un demandeur de services. Les solutions proposées ont été testées par la mise en place d'un réseau de communautés d'annuaires, l'implémentation d'un gestionnaire de communautés et d'un système de découverte d'annuaires. / Web services (WS) can be seen as a pillar block for achieving electronic B2B transactions. More and more companies are using WS to achieve transactions with their partners and/or offer on-line services. These companies have to make their WS available for consultation through their own private WS registries. As a result, the number of WS registries that are made available for use can be as many as the large number of companies. This raises an old, search engine, problem in a new form: discovery mechanisms of WS are not efficient both in response times and quality of results. In this context, if appropriate solutions are not considered, "traditional" WS discovery mechanisms that consist of scanning all the registries would for instance slow down the increase rate of WS. In this thesis, we are interested in WS discovery in a distributed registry environment. To do this, we first propose to organize a registries network into communities based on functionalities offered by the WS of a registry. Then, to handle the dynamic nature of communities and their members, we define the needed management mechanisms to monitor changes and reconcile potential conflicts. Finally, we propose an approach for WS registries discovery that uses two filters to limit the search space. We first use the functional requirement of a service requester to select the appropriate registry community. Then we use the requester's non-functional requirements and his behavior to select the registries. The proposed solutions were tested by setting up a P2P network of registry communities, implementing a community manager and a discovery system.

Services web

SOC

Annuaires de services web

Communautés d'annuaires

Gestion de communautés d’annuaires

Découverte d’annuaires

Web services

SOC

Web services registry

Web services registries organization

Communities of web service registries

Registries discovery

Desarrollo de una aplicación web para la reserva del servicio de estacionamiento mediante geolocalización en la provincia de Huancayo

Quispe Limaylla, Josué, Yallico Lazo, Ruly Gildersón

30 November 2018

En la ciudad de Huancayo se identificó el problema del incremento de la congestión vehicular por la gran cantidad de vehículos que transitan en avenidas principales a esto se adhiere el poco conocimiento por parte de los conductores sobre las ubicaciones de las playas de estacionamiento. Este trabajo de investigación se centra en el desarrollo de una aplicación web adaptable a cualquier dispositivo que mediante la geolocalización permite ubicar playa de estacionamiento más cercanas a su ubicación actual para poder ocupar o reservar un espacio de estacionamiento así mismo cualquier persona dueño de una playa de estacionamiento podrá registrarse para brindar el servicio de reserva de espacios de estacionamiento y los usuarios podrán valorar el servicio obtenido. Se empleo SCRUM como metodología ágil de desarrollo de software y el lenguaje de programación PHP como herramienta de desarrollo; para generar el entorno administrativo backend de la aplicación de los módulos de ocupación y reserva de un espacio de estacionamiento, registro de usuario, registro de playa de estacionamiento y de geolocalización.

Aplicación web

Reserva de servicio

Estacionamiento

Geolocalización

Aplicación web