Computational aspects of infinite automata simulation and closure system related issues / Aspects de complexité du problème de composition des services web

Ennaoui, Karima

28 September 2017

La thèse est consacrée à des problématiques d’algorithmique et de complexité sur deux sujets. Le premier sujet s’intéresse à la composition comportementale des services web. Ce problème a été réduit à la simulation d’un automate par le produit fermé d’un ensemble d’automates. La thèse étudie dans sa première partie la complexité de ce problème en considérant deux paramètres : le nombre des instances considéré de chaque service et la présence des états hybrides : état à la fois intermédiaire et final dans un automate. Le second sujet porte sur les systèmes de fermeture et s’intéresse au calcul de l’extension maximale d’un système de fermeture ainsi qu’à l’énumération des clefs candidates d’une base implicative. On donne un algorithme incrémental polynomial qui génère l’extension maximale d’un treillis codé par une relation binaire. Puis, la notion de key-ideal est définie, en prouvant que leur énumération est équivalente à l’énumération des clefs candidates. Ensuite, on donne un algorithme qui permet de générer les key-ideal minimaux en temps incrémental polynomial et les key-ideal non minimaux en délai polynomial. / This thesis investigates complexity and computational issues in two parts. The first concerns an issue related to web services composition problem: Deciding whether the behaviour of a web service can be composed out of an existing repository of web services. This question has been reduced to simulating a finite automata to the product closure of an automata set. We study the complexity of this problem considering two parameters; the number of considered instances in the composition and the presence of the so-called hybrid states (states that are both intermediate and final). The second part concerns closure systems and two related issues; Maximal extension of a closure system : we give an incremental polynomial algorithm that computes a lattice's maximal extension when the input is a binary relation. Candidate keys enumeration : we introduce the notion of key-ideal sets and prove that their enumeration is equivalent to candidate keys enumeration. We then give an efficient algorithm that generates all non-minimal key-ideal sets in a polynomial delay and all minimal ones in incremental polynomial time.

Service web

Comportement de service web

Composition de service web

Simulation des automates

Complexité

Exptime-complet

Théorie d’ordre

Système de fermeture

Treillis

Extension maximale

Bases de données

Base d’implications

Relation binaire

Clé candidate

Énumération

Délai polynomial

Délai incrémental

Web service

Web service behaviour

Web service composition

Automata simulation

Complexity

Product closure of automata

Asynchronous product

Exptime-complete

Order theory

Closure system

Lattice

Maximal extension

Database

Implicational base

Candidate key

Binary relation

Enumeration

Polynomial delay

Incremental delay

Application de gestion des droits numériques au système d'information d'entreprise / Applying Digital Rights Management to Corporate Information Systems

SU, Ziyi

23 March 2012

Pour faire face aux enjeux d’une économie mondialisée et aux fluctuations du marché, les entreprises (et principalement les PMEs) doivent développer de nouvelles stratégies de collaboration et d’organisation en réseau permettant de s’intéresser effectivement au réseau de création de valeur (et non pas se limiter à une simple organisation de chaîne de valeur) plus en rapport avec le contexte économique « blue ocean » visant le développement de produits et services innovants. Actuellement, ces réseaux de collaborations sont basés sur des relations de confiance et des communautés bien identifiées. Pour passer à une collaboration à très grande échelle, il importe d’accroître l’agilité et l’interopérabilité des entreprises et de leurs systèmes d’information pour permettre leur interconnexion. Cette stratégie de collaboration pose le problème d’une gestion de la sécurité « de bout en bout » pendant tout le cycle de vie des informations et processus partagés. Or les approches traditionnelles de sécurité ne proposent qu’une protection « statique » et « instantanée » ce qui ne permet pas de répondre aux contraintes de gestion des usage et d’adaptation dynamique requises par les organisations collaboratives. Pour répondre à ces enjeux, nous proposons d’adapter les approches de gestion des droits numériques (DRM) aux systèmes d’information. Après avoir proposé une architecture semi-distribuée de gestion des droits d’usage, nous avons proposé un modèle de politique de sécurité intégrant les droits d’usage et les obligations associées. Ceci nous a conduits à définir une syntaxe et une sémantique adaptée pour enrichir les politiques traditionnelles. Nos travaux ont porté ensuite sur la prise en compte de la dimension collaborative. Dans ce cadre nous avons proposé une algèbre d’intégration permettant de gérer la composition des politiques en fonction de l’ajout ou du retrait de partenaires dans l’organisation en analysant les processus métiers mis en œuvre par la collaboration. Enfin, notre architecture a été validée par un prototype incluant un moteur de négociation (construit sur l’outil «SUN XACML implementation»), un moteur d'agrégation s'appuyant sur JAVA DOM et JDOM et une composante d'analyse de contexte. / To fit the globalised economical environment, enterprises, and mostly SMEs, have to develop new networked and collaborative strategies, focusing on networked value creation (instead of the classical value chain vision), fitting the blue ocean context for innovative products and service development. Such collaborative networks are by now often based on trusted and well known communities. Developing large scale networked and collaborative strategies involve increasing both enterprise and information system agility and interoperability in order to allow their interconnection. This requires paying attention on an end-to end security and on the way information and process are used during their full life-cycle. As traditional security approaches and methodologies provide only an “instant” and rather static protection, they do not fit the dynamicity nor the life-cycle long protection constraints involved by such collaborative organisation. To overcome this limit, we propose to adapt the Digital Right Management approach (first defined for multimedia contents) to collaborative information systems. After proposing a semi-distributed architecture used to manage usage rights, we propose a security policy model including both usage rights and related obligations. This leads us to extend the security policy descriptions, including a dedicated syntax and semantics to model both policy organisation, usage and obligations before paying attention on the “collaborative environment constraints”. Paying attention on the way collaborative organisations are set and evolve, we have proposed an integration algebra to manage the way security and usage policies are composed depending on the way partners join and quit the collaborative context. This composition process and integration algebra analyse the collaborative business processes to identify the way policies are composed and negotiated. Lastly, we implement parts of our architecture to validate our proposals, mostly regarding the negotiation engine (using «SUN XACML implementation»), the aggregation engine(built upon JAVA DOM et JDOM) and a context analysis component.

Informatique

Système d'information

Sécurité informatique

Gestion des droits numériques

Service web

Information Technology

Information system

Security

Digital right management

Web service

658.403 801 107 2

Web services oriented approach for privacy-preserving data sharing / Une approche orientée service pour la préservation des données confidentielles dans les compositions de services Web

Tbahriti, Salah Eddine

03 December 2012

Bien que la technologie de composition de services Web soit considérée comme l’une des technologies les plus prometteuses pour l’intégration des sources de données hétérogènes et multiples ainsi que pour la réalisation d’opérations complexes, la question de la protection des données personnelles demeure l’une des préoccupation majeure liés à cette technologie. Ainsi, lors d’un processus de composition, l’échange de données entre toutes les entités – tels que, les services Web recueillant et fournissant des données, les individus dont les données peuvent être fournies et gérées par les services Web, les systèmes qui composent les services Web et les clients finaux des services – est une étape nécessaire et indispensable pour répondre à des requêtes complexes. En conséquence, des données personnelles sont échangées et manipulées entre toutes les entités du système. Notre objectif dans cette thèse est la conception et le développement d’un cadre permettant d’améliorer la composition des services Web avec des mécanismes de protection des données personnelles. Pour atteindre cet objectif, nous avons proposé une approche générale composée de trois éléments. Premièrement, nous avons proposé un modèle formel de confidentialité pour permettre aux services Web de décrire leurs contraintes de confidentialité liées aux données personnelles. Notre modèle permet une spécification des contraintes de confidentialité relative non seulement au niveau des données manipulées, mais aussi au niveau des opérations invoquées par les services. Deuxièmement, nous développons un algorithme de compatibilité qui permet de vérifier formellement la compatibilité entre les exigences et les politiques de confidentialité de tous les services lors d’un processus de composition. Troisièmement, dans le cas où certains services dans la composition sont incompatibles par rapport à leur spécification de confidentialité, nous avons introduit une nouvelle approche basée sur un modèle de négociation dans la perspective de trouver une composition compatible (c’est-à-dire, d’obtenir la compatibilité de toutes les spécifications de confidentialité des services impliqués dans la composition). Enfin, nous avons mis en œuvre les techniques présentées dans cette thèse au sein du prototype PAIRSE et mené une étude de performance sur les algorithmes proposés / While Web service composition technologies have been beneficial to the integration of a wealth of information sources and the realization of complex and personalized operations, the issue of privacy is considered by many as a major concern in services computing. Central to the development of the composition process is the exchange of sensitive and private data between all parties: Web services collecting and providing data, individuals whose data may be provided and managed by Web services, systems composing Web service to answer complex queries, and requesters. As a consequence, managing privacy between all parties of the system is far from being an easy task. Our goal in this thesis is to build the foundations of an integrated framework to enhance Web service composition with privacy protection capabilities. To this aim, we firstly propose a formal privacy model to allow Web services to describe their privacy specifications. Our privacy model goes beyond traditional data-oriented models by dealing with privacy not only at the data level but also service level. Secondly, we develop a compatibility-matching algorithm to check privacy compatibility between privacy requirements and policies within a composition. Thirdly, in the case where some services in the composition are incompatible regarding their privacy specifications, we introduce a novel approach based on a negotiation model to reach compatibility of concerned services (i.e. services that participate in a composition which are incompatible). Finally, we conduct an extensive performance study of the proposed algorithms. The techniques presented in this dissertation are implemented in PAIRSE prototype

Services Web

Vie privée

Composition de services Web

Préservation de la vie privée

Négociation

Web services

Privacy

Web service composition

Privacy preserving

Negotiation

004.67

Dynamic Performance-based Decision Support for Service Reusability / Aide à la décision dynamique basée sur les performances pour la réutilisation des services

Masood, Tehreem

26 October 2018

La réutilisation des services pour prendre en charge de nouveaux processus métier, en plus de l'alignement de l'informatique sur les fonctions métier, constitue une motivation clé pour l'utilisation de l'architecture orientée services (SOA) pour le développement de solutions métier. Dans une architecture orientée services, il est important de faciliter la sélection, la configuration et la composition des services existants pour faire face aux changements d’exécution ou à l’évolution des besoins des utilisateurs finaux. Contrairement aux autres systèmes logiciels traditionnels, le comportement dynamique des systèmes basés sur les services nécessite des informations de qualité de service (QoS) actualisées pour assurer une gestion appropriée dans les différentes étapes du cycle de vie. Les entreprises doivent connaître les performances des services Web et des processus métier pour préserver leur pérennité en matière de réutilisation des services. Les trois principaux avantages de la réutilisation des services sont l'amélioration de l'agilité des solutions en assemblant rapidement de nouveaux processus métier à partir des services existants pour répondre aux besoins changeants du marché, réduire les coûts en ne développant pas de nouveaux services pour activer des fonctions métier similaires dans plusieurs processus métier, mais également le déploiement et la gestion des services dans les environnements d'exécution tout au long du cycle de vie SOA. Cependant, il existe actuellement de nombreux défis liés à la durabilité et à la gouvernance du comportement des services pendant son cycle de vie. Parmi ces défis, on peut citer le niveau de performance, la persistance des exigences et l'adaptabilité du service. De plus, il existe certaines limites des outils de surveillance. Ils manquent d’anticipation dans la détection des problèmes et ils sont passifs et ne sont ni réactifs ni prédictifs. Cette thèse porte sur l’évaluation et les recommandations en matière de performance et de gouvernance des systèmes d’information pour suggérer la réutilisation des services au cours de son évolution. L'objectif est de maintenir la durabilité, la robustesse, l'adaptabilité, la réutilisabilité et l'évolutivité des systèmes d'information. À cette fin, nous évaluons les performances de l'architecture orientée service. Il existe plusieurs solutions de surveillance existantes conçues pour prendre en charge une couche spécifique de SOA. En particulier, BAM est un outil de surveillance des activités commerciales permettant de surveiller le flux de données pour les processus métier. Cependant, la surveillance BAM ne fournit pas l'évaluation des performances pour recommander des services et des processus à réutiliser. Il existe très peu d'approches prenant en charge la surveillance des couches SOA. De plus, les solutions sont partiellement dynamiques avec une aide à la décision limitée. Par conséquent, nous proposons une aide à la décision basée sur la performance pour une architecture orientée services. Il se compose de quatre couches en tant que couches de spécification, de gestion des données, d'exploration de données et de décision. La couche de spécification identifie les exigences de l'utilisateur final et les traite via l'ontologie proposée. La couche de données analyse les indicateurs techniques conformes aux normes de qualité les plus récentes, ISO 25010. Les caractéristiques de qualité sont liées à l'efficacité des performances, à la fiabilité et à la réutilisation. La couche d'exploration de données génère des décisions spécifiques basées sur des instances de service en appliquant les algorithmes d'apprentissage automatique. Il utilise les concepts ontologiques proposés et les règles d'inférence sémantique du service, des processus métier, des couches serveur et d'intégration. La couche d'exploration de données renvoie aux ontologies avec ces décisions spécifiques où des règles plus raffinées ont été générées.... / Reuse of services in supporting new business processes, in addition to alignment of IT with business functions, is a key motivation in using Service-Oriented Architecture (SOA) for developing business solutions. In a service-oriented architecture, it is important to smooth the selection, configuration and composition of existing services to deal with the runtime changes or the evolution of End User requirements. In contrast to other traditional software systems, the dynamic behavior of service based systems requires up-to-date quality of service (QoS) information for its proper management in the different stages of the lifecycle. Organizations need to know the performance of Web services and business processes to maintain their sustainability for reuse of services. The three key benefits of service reuse are improving agility of solutions by quickly assembling new business processes from existing services to meet changing marketplace needs, reducing cost by not developing new services for enabling similar business functions across multiple business processes, but also spanning service deployment and management in runtime environments throughout the SOA lifecycle. However currently, there are many challenges related to the sustainability and governance of service behavior during its lifecycle. Among those challenges, one can mention level of performance, persistence of the requirements and adaptability of the service. Moreover, there are some limitations of monitoring tools. They lack of anticipation in problem detection, and they are passive and neither reactive nor predictive. This thesis focuses on providing assessment and recommendations for performance and governance of information systems for suggesting service reuse during its evolution. The aim is to maintain sustainability, robustness, adaptability, reusability and evolvability of information systems For this purpose, we evaluate the performance of service oriented architecture. There are several existing monitoring solutions designed to support a specific layer of SOA. Particularly, BAM is a business activity monitoring tool for monitoring the flow of data for business processes. However, BAM monitoring do not provide the performance evaluation for recommending services and processes to reuse. There are very few approaches that support monitoring of SOA layers together. Furthermore, the solutions are partially dynamic with limited decision support. Therefore, we propose performance based decision support for service oriented architecture. It consists of four layers as specification, data management, data mining and decision layers. The specification layer identifies the requirements from the End User and process through the proposed ontology. The data layer analyzes technical indicators that are compliant to the latest quality standard, ISO 25010. Quality characteristics are related to performance efficiency, reliability and reusability. The data mining layer generates specific decisions based on service instances by applying the machine learning algorithms. It uses the proposed ontological concepts and semantic inference rules of service, business process, server and integration layers. The data mining layer returns back to ontologies with these specific decisions where more refined rules have been generated from new ontological concepts. The decision layer processes these results and generates a global decision in terms of recommendations. It provides multi-viewpoints decision to reuse existing services or suggesting their composition. To motivate the proposition of this approach, we illustrate the implementation of the proposed algorithms for all the four layers by a business process use case and data set of public repository of shared services. The output of our system is recommendation for reuse of atomic service, composite service and resource allocation provisioning. We ensure the sustainability, adaptability...

Service Web

Réutilisation des Services

SOA

SBS

Performance

Ontologie

Risque

Maturité

Dynamique

Aide à la Décision

Web service

Service reuse

SOA

SBS

Performance

Ontology

Risk

Maturity

Dynamicity

Decision support

004

Rehearsal: Um arcabouço para teste automatizado de coreografias de serviços web / Rehearsal: A framework for automated testing of web service choreographies

Besson, Felipe Meneses

14 September 2012

Servicos web sao componentes de software fracamente acoplados projetados para promover a comunicacao interoperavel entre aplicacoes na Internet. O acesso a servicos web da-se de maneira padronizada (via protocolos definidos pelo W3C), independente da linguagem de programacao, sistema operacional ou plataforma em que sao desenvolvidos. Devido a essas caracteristicas, servicos simples podem ser combinados em servicos mais completos. Coreografia consiste em uma abordagem descentralizada para a composicao de servicos. Diferentemente de orquestracoes, abordagem na qual servicos distribuidos sao coordenados de modo centralizado, a interacao entre os servicos de uma coreografia e colaborativa e a coordenacao descentralizada. Apesar das vantagens, o desenvolvimento de coreografias, incluindo as atividades de testes, nao e algo consolidado. O objetivo desta dissertacao foi desenvolver uma arcabouco de teste que facilite o uso de Desenvolvimento Guiado por Testes (Test-Driven Development, TDD) em coreografias de servicos web. Rehearsal, o arcabouco proposto, fornece funcionalidades para o teste automatizado de (i) servicos web atomicos (teste de unidade); (ii) composicao de servicos (teste de integracao) e (iii) uma parte ou toda a coreografia (teste de aceitacao). Esses testes podem ser implementados utilizando funcionalidades do arcabouco, tais como a criacao dinamica de clientes para servicos web, o interceptador de mensagens e a abstracao da coreografia em objetos Java. Alem disso, Rehearsal facilita a criacao e uso de Mocks de servicos web, uma importante pratica de TDD. Além de avaliar o arcabouco desenvolvido, um estudo ex- ploratorio qualitativo foi conduzido com estudantes de Ciencia da Computacao. De acordo com os resultados obtidos, as funcionalidades do Rehearsal mostraram-se adequadas para a utilizacao de TDD em coreografias de servicos web. / Web services are loosely-coupled software components designed to support interoperable machine- to-machine interaction over the Internet. To achieve such interoperability, web services are accesible through W3C web standards, independently of which language, operating system, or hardware platform they are developed. Due to these characteristics, simple web services can be combined in more complex ones. Choreographies are a distributed approach for composing web services. Compared to orchestrations, which have a centralized approach to distributed service management, the interaction among the choreographed services is collaborative with decentralized coordination. Despite the advantages, choreography development, including the testing activities, is not consolidated. The goal of this research is to develop a testing framework to support Test-Driven Development (TDD) of choreographies. Rehearsal, the proposed framework, provides features for automating the testing of (i) atomic web services (unit testing); (ii) their integration in the choreography (integration testing); and (iii) part of or the entire choreography (acceptance testing). These several levels of testing are implemented by using framework features such as the dynamic generation of web service clients, message interception, and the abstraction of the choreography into Java objects. In addition, Rehearsal supports important practices of TDD such as service mocking. To assess the developed framework, we conducted a qualitative exploratory study with Computer Science students. According to the results obtained, the features of Rehearsal were adequate for applying TDD to web service choreography development successfully.

Agile Methods

Automated testing

Coreografias de servicos web

Desenvolvimento Guiado por Testes

Metodos Ageis

Servicos web

Test-Driven Development (TDD)

Testes automatizados

Web service choreographies

Web services

Gouvernance et supervision décentralisée des chorégraphies inter-organisationnelles / Decentralized Monitoring of Cross-Organizational Service Choreographies

Baouab, Aymen

27 June 2013

Durant la dernière décennie, les architectures orientées services (SOA) d'une part et la gestion des processus business (BPM) d'autre part ont beaucoup évolué et semblent maintenant en train de converger vers un but commun qui est de permettre à des organisations complètement hétérogènes de partager de manière flexible leurs ressources dans le but d'atteindre des objectifs communs, et ce, à travers des schémas de collaboration avancée. Ces derniers permettent de spécifier l'interconnexion des processus métier de différentes organisations. La nature dynamique et la complexité de ces processus posent des défis majeurs quant à leur bonne exécution. Certes, les langages de description de chorégraphie aident à réduire cette complexité en fournissant des moyens pour décrire des systèmes complexes à un niveau abstrait. Toutefois, rien ne garantit que des situations erronées ne se produisent pas suite, par exemple, à des interactions "mal" spécifiées ou encore des comportements malhonnêtes d'un des partenaires. Dans ce manuscrit, nous proposons une approche décentralisée qui permet la supervision de chorégraphies au moment de leur exécution et la détection instantanée de violations de séquences d'interaction. Nous définissons un modèle de propagation hiérarchique pour l'échange de notifications externes entre les partenaires. Notre approche permet une génération optimisée de requêtes de supervision dans un environnement événementiel, et ce, d'une façon automatique et à partir de tout modèle de chorégraphie / Cross-organizational service-based processes are increasingly adopted by different companies when they can not achieve goals on their own. The dynamic nature of these processes poses various challenges to their successful execution. In order to guarantee that all involved partners are informed about errors that may happen in the collaboration, it is necessary to monitor the execution process by continuously observing and checking message exchanges during runtime. This allows a global process tracking and evaluation of process metrics. Complex event processing can address this concern by analyzing and evaluating message exchange events, to the aim of checking if the actual behavior of the interacting entities effectively adheres to the modeled business constraints. In this thesis, we present an approach for decentralized monitoring of cross-organizational choreographies. We define a hierarchical propagation model for exchanging external notifications between the collaborating parties. We also propose a runtime event-based approach to deal with the problem of monitoring conformance of interaction sequences. Our approach allows for an automatic and optimized generation of rules. After parsing the choreography graph into a hierarchy of canonical blocks, tagging each event by its block ascendancy, an optimized set of monitoring queries is generated. We evaluate the concepts based on a scenario showing how much the number of queries can be significantly reduced

SOA

Chorégraphie inter-organisationelle

Services web

CEP

BPM

Processus métier

SOA

Cross organizational choreography

Web service Security

Monitoring

Complex Event Processing (CEP)

BPM

658.503

004.67

Uma abordagem para gerenciamento de Linhas de Produtos de Software baseada em serviços / A service-based approach for managing Software Product Lines

Pacini, Karen Dias Rabelo

05 April 2016

Linhas de Produtos de Software (LPS) abstraem a semelhança entre produtos e envolvem o conceito de reúso de software para desenvolver software em larga escala com mais rapidez e qualidade. O reúso dos artefatos em uma LPS é planejado e executado desde sua concepção, sendo assim possível armazenar esses artefatos em um repositório (núcleo de ativos reusáveis) para utilização posterior. Porém, ao se construir um repositório para uma certa LPS, este atende apenas às especificações desta arquitetura e não promove o reúso desses ativos em outras LPS, causando uma certa perda no potencial de reusabilidade dos ativos produzidos e armazenados. Além disso, a definição e os dados da execução do processo de desenvolvimento dessas LPS também não são armazenados prevendo o reúso, o que gera retrabalho para definir e instanciar um processo de software sempre que uma nova LPS é criada. Neste contexto, este trabalho tem por objetivo apresentar uma abordagem baseada em um conjunto de serviços para promover o amplo reúso de ativos produzidos e de elementos de processo utilizados, além de facilitar a criação e o desenvolvimento de linha de produtos de software, permitindo o gerenciamento do núcleo de ativos reusáveis. Por possuir uma interface baseada em serviços, esta abordagem poderá ser incorporada também a outros ambientes. Para validar a abordagem, verificar vantagens e sugerir melhorias, foi conduzida uma prova de conceito com sua aplicação. Os resultados dessa prova comprovaram a viabilidade da abordagem em cumprir os objetivos propostos. / Software Product Lines (SPL) extract the similarity among products and use the software reuse concept to produce large-scale software with increased quality and reduction in the development time. Reuse in SPL is planned and executed since the beginning for each artifact resulting from the development process, and then these artifacts are stored in a repository (reusable core assets) for later use. However, when a repository is built for a specific SPL, it supports only the specifications for that architecture and do not promote the reuse of these assets among distinct SPL, which inhibits their reuse potential. In addition, the definition and execution data of the development process applied are not stored properly for reuse, which causes a re-work to define and instantiate a software process when creating a new SPL. In this context, this work aims at present a service-based approach to promote the wide reuse of the produced assets and process elements, also to facilitate the creation and the management of SPL and to allow the management of the reusable core assets. Once this approach has a service-based interface, it can be embedded into other environments. In order to validate this approach, point out advantages and suggest improvements, a concept proof was performed applying it. The results of this proof ensured the approach viability to fulfill the proposed goals.

Gerenciamento de LPS

Linhas de produtos de software

LPS

Managing SPL

Reúso de software

Service-based development.

Software product lines

Software reuse

SPL

Web service.

Réseaux de service web : construction, analyse et applications / Web service networks : analysis, construction and applications

Naim, Hafida

13 December 2017

Cette thèse se place dans le cadre de services web en dépassant leur description pour considérer leur structuration en réseaux (réseaux d'interaction et réseaux de similitude). Nous proposons des méthodes basées sur les motifs, la modélisation probabiliste et l'analyse des concepts formels, pour améliorer la qualité des services découverts. Trois contributions sont alors proposées: découverte de services diversifiés, recommandation de services et cohérence des communautés de services détectées. Nous structurons d'abord les services sous forme de réseaux. Afin de diversifier les résultats de la découverte, nous proposons une méthode probabiliste qui se base à la fois sur la pertinence, la diversité et la densité des services. Dans le cas de requêtes complexes, nous exploitons le réseau d'interaction de services construit et la notion de diversité dans les graphes pour identifier les services web qui sont susceptibles d'être composables. Nous proposons également un système de recommandation hybride basé sur le contenu et le filtrage collaboratif. L'originalité de la méthode proposée vient de la combinaison des modèles thématiques et les motifs fréquents pour capturer la sémantique commune maximale d'un ensemble de services. Enfin, au lieu de ne traiter que des services individuels, nous considérons aussi un ensemble de services regroupés sous forme de communautés de services pour la recommandation. Nous proposons dans ce contexte, une méthode qui combine la sémantique et la topologie dans les réseaux afin d'évaluer la qualité et la cohérence sémantique des communautés détectées, et classer également les algorithmes de détection de communautés. / As a part of this thesis, we exceed the description of web services to consider their structure as networks (i.e. similarity and interaction web service networks). We propose methods based on patterns, topic models and formal concept analysis, to improve the quality of discovered services. Three contributions are then proposed: (1) diversified services discovery, (2) services recommendation and (3) consistency of detected communities. Firstly, we propose modeling the space of web services through networks. To discover the diversified services corresponding to a given query, we propose a probabilistic method to diversify the discovery results based on relevancy, diversity and service density. In case of complex requests, it is necessary to combine multiple web services to fulfill this kind of requests. In this regard, we use the interaction web service network and the diversity notion in graphs to identify all possible services compositions. We also propose a new hybrid recommendation system based on both content and collaborative filtering. Its originality comes from the combination of probabilistic topic models and pattern mining to capture the maximal common semantic of a set of services. Finally, instead of processing individual services, we consider a set of services grouped into service communities for the recommendation. We propose in this context, a new method combining both topology and semantics to evaluate the quality and the semantic consistency of detected communities, and also rank the detection communities algorithms.

Service web

Réseau de services

Modèles thématiques

Motifs fréquents

Communautés

Analyse de concepts formels

Recommandation

Web service

Service network

Probabilistic topic modeling

Patterns mining

Community

Formal concept analysis

Recommendation

004

派翠網路運用於建構雲端服務之研究 / Using petri net for cloud computing

陳俊廷, Jiun-Ting Chen

Unknown Date

雲端運算是近來全世界最熱門的資訊議題，任何設備只要能夠連上網路，就可以享有各種不同的網路服務，這些服務可能建置在不同的機器設備上，甚至可能在相隔遙遠的雲端裡，因此也稱之為雲端服務，在操作過程中，使用者不需要擔心服務安裝在哪裡，亦不用擔心服務如何達成，可想而知網路服務的背後，隱藏著很複雜的技術與架構。 網路服務的開發方式相當地簡單且快速，為系統帶來更大的便利與彈性，不過在管理的部份，卻變得越來越複雜，例如不易瞭解網路的結構與狀態、潛在的無窮迴圈及冗餘的流程問題，甚至是在資源共享的情況下，因等待或其他因素而導致死結的情況產生。這些問題將使得網路服務組合在執行時期，可能發生無法預期的錯誤。情況嚴重時，系統可能會完全鎖死或停止，對公司將造成重大的財務及商譽上的損失。這些流程的問題，需要在網路服務組合執行前先進行驗證，本研究透過流程轉換成派翠網路的分析，以確保流程設計的正確性與穩定性。 因此，本論文運用網路服務標準，將雲端服務轉換成派翠網路模型，再以派翠網路中的針織法為分析基礎，檢驗模型的狀態，避免死結發生，並提供網路特徵報告書，以降低管理的複雜度，進而提升服務的穩定性。 / Cloud computing is regarded as the most popular recent ICT topic. Any equipment which can be connected to Internet can provide its user have the access to the various services, which may be built on different machines, or even may exist in the distant 'clouds' far away. However, in the operating process, the user has no need to worry where the service locates, needless to say how the service operates, which means that a considerably amount of data and techniques hide behind the Web service. Web service is an artifical piece of art, the user and the manager can concatenate several Web services online into a bigger one according to the conditions they need, which is a considerably simple and fast developing method bringing more convenience and flexibility for the system. Nonetheless, the managerial part also becomes more complex in problems like potential infinite loops and abundant procedures, for instance. What is worse is under the circumstance of resource sharing, the deadlocks happen while pending or other factors occur. These issues will lead to severe errors while the Web service compound operates. If the system completely locks and stops, serious financial damage and loss of commercial reputation will be caused to the company. Hence the design of procedures needs to be validated and transformed as Petri Net analysis before the Web service compound operates in order to assure the accuracy and stability of the procedure design. Therefore, this paper uses Web service standards, turning Web services into Petri Net models with knitting technique as analytical base, to validate the accuracy and stability of the model to avoid deadlock to happen in order to enhance the reliability of the service.

網路服務

雲端服務

派翠網路

針織法

死結

Web Service

Cloud services

Petri Net

knitting technique

deadlock

Security Architecture and Technologies for the Electronic Document Exchange with SOAP as Communication Protocol / Säkerhetsarkitektur och -tekniker för utbyte av elektroniska dokument med SOAP som kommunikationsprotokoll

Dahlén, Marcus

January 2005

<p>In many industries the tracking and tracing of products within the supply chain is required by law. Companies in the metal working industry exchange so-called material test reports, which specify the product’s properties, the customer’s requirements, and serve as an assurance between the supplier and the customer. Internet technologies have changed the way companies exchange information and conduct business. In the metal working industry companies can implement an intermediary platform and make the exchange of material test reports more efficient. Furthermore, a client application that allows the company to export test reports from their information system directly to the intermediary can significantly decrease the processing costs. This inter-organizational collaboration can render an increase in productivity for customers and suppliers. </p><p>The main goal of the thesis is to analyze how companies in a supply chain can exchange documents with an intermediary over the protocol SOAP as well as support companies by showing a structured procedure for how to achieve security in a system using SOAP. SOAP is a platform independent XML-based communication protocol. The Extensible Markup Language (XML) is of major importance in e-business applications, because of its platform, language, and vendor independent way of describing data. As a universal data format, it enables the seamless connection of business systems. </p><p>SOAP does not provide any security and is usually implemented over HTTP, which allows it to pass through firewalls. Companies are only prepared to join an inter-organizational collaboration if IT-security is guaranteed. In the exchange of material test reports, security has two objectives. The first is to replace the handwritten signature in the paper-based document exchange. The second is to guarantee security for the material test reports as well as for the information intermediary. </p><p>SOAP’s extensibility model allows organizations to develop new extensions, which build upon the protocol and provide functions which aren’t specified. Specifications for attachments as well as for security should be implemented in the electronic document exchange. To design a secure system, each security concept, such as confidentiality, authentication and integrity, can be analyzed in its context and the appropriate standard can thereafter be implemented.</p>

Informationsteknik

SOAP

XML

Web Service

J2EE

security

SSL

MTOM

Risk Assessment

XML Digital Signature

XML Encryption

XKMS

Informationsteknik

Information technology

Informationsteknik