Towards A Dependable Software Paradigm for Service-Oriented Computing

  • Xiaoxing Ma
  • S.C. Cheung
  • Chun Cao
  • Feng Xu
  • Jian Lu


Service-Oriented Computing (SOC) is an emerging computational paradigm that achieves business goals through dynamic service integration over the Internet. It provides interesting features such as flexible service coordination, dynamic system evolution, and service access control. While these features increase the power and flexibility of computation, they brings along new challenges. This chapter reviews the various challenges of supporting SOC and discusses the issues of addressing them using adaptive service coordination architecture. The architecture is motivated by the principle of solving complex problems through concern separation. For example, our architecture separates the concerns of (a) coordination logic from service entities, (b) service evolution from service interaction, and (c) user-centric trust management from dependability analysis. The concern separation is achieved by four artifacts: a service coordination and evolution model, environment-driven self-adaptation support, a coordination-aware access control mechanism and a trust management framework. The architecture provides a flexible infrastructure by which SOC can be seamlessly supported.


Access Control Software Architecture Trust Relationship Trust Management Access Control Model 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.



The work is supported by the NSFC grant under no. 60736015, 60721002, 60603034, the 973 Program of China under no. 2009CB320702 and the 863 Program of China under no. 2007AA01Z178.


  1. [1]
    Aldrich J (2003) Using Types to Enforce Architectural Structure. PhD thesis, University of Washington, August 2003.Google Scholar
  2. [2]
    Avizienis A, Laprie JC, Randell B, Landwehr C (2004) Basic concepts and taxonomy of dependable and secure computing. IEEE Transactions on Dependable and Secure Computing. 1(1):11-32CrossRefGoogle Scholar
  3. [3]
    Bhatti R, Bertino E, Ghafoor A (2005) A Trust-based Context-Aware Access Control Model for Web Services. International Distributed and Parallel Databases Journal 18(1): 83-105CrossRefGoogle Scholar
  4. [4]
    Bhatti R, Joshi JBD, Bertino E, Ghafoor A (2004) XML-based RBAC Policy Specification for Secure Web-Services. IEEE Computer 37(4):41-49Google Scholar
  5. [5]
    Blaze M, Feigenbaum J, Lacy J (1996) Decentralized trust management. In: Proc. 17th Symposium on Security and Privacy. 164-173Google Scholar
  6. [6]
    Blaze M, Feighenbaum J, Keromytis, AD (1999) Keynote: trust management for public-key infrastructures. In: Christianson B, Crispo B, William S, et al., eds. Cambridge 1998 Security Protocols International Workshop. Berlin: Springer-Verglag, 59-63Google Scholar
  7. [7]
    Cao C (2007) On Access Control in Service Computing. PhD thesis, Nanjing University, 2007.Google Scholar
  8. [8]
    Cheng SW (2008) Rainbow: Cost-effective software architecture-based self-adaptation. Ph.D. thesis. School of Computer Science, Carnegie Mellon University, Pittsburgh, PA.Google Scholar
  9. [9]
    Cheng BHC, de Lemos R, Giese H, et al. (2008) Software engineering for self-adaptive systems: A research road map. In: Dagstuhl Seminar Proceedings 08031.Google Scholar
  10. [10]
    Sirer EG, Wang K (2002) An access control language for web services. In: Proceedings of the Seventh ACM Symposium on Access Control Models and Technologies ACM, New York, NY, 23-30. doi:10.1145/507711.507715CrossRefGoogle Scholar
  11. [11]
    Ferguson DF, Stockton ML (2005) Service-oriented architecture: Programming model and product architecture. IBM SYSTEMS JOURNAL 44(4):753-780CrossRefGoogle Scholar
  12. [12]
    Ferraiolo DF, Sandhu R, Gavrila S, Kuhn DR, Chandramouli R. (2001) Proposed NIST standard for role-based access control. ACM Trans. Inf. Syst. Secur. 4(3): 224-274CrossRefGoogle Scholar
  13. [13]
    Garlan D, Allen R, Ockerbloom J (1995) Architectural mismatch or why it's hard to build systems out of existing parts. In: Proceedings of the 17th international Conference on Software Engineering 179-185.Google Scholar
  14. [14]
    Garlan D, Cheng SW, Huang AC, Schmerl B, Steenkiste P. (2004) Rainbow: Architecture-based self-adaptation with reusable infrastructure. Computer, 37(10):46–54CrossRefGoogle Scholar
  15. [15]
    Garlan D, Monroe RT, Wile D (2000) Acme: Architectural description of component-based systems. In: Leavens GT, Sitaraman M, eds. Foundations of Component-Based Systems, Cambridge University Press. 47–68Google Scholar
  16. [16]
    Hulsebosch RJ, Salden AH, Bargh MS, Ebben PW, Reitsma J (2005) Context sensitive access control. In: Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies(Stockholm, Sweden, June 01 - 03, 2005). SACMAT '05. ACM, New York, NY, 111-119CrossRefGoogle Scholar
  17. [17]
    Krammer J, Magee J (1998) Analysing dynamic change in distributed software architectures. IEE Proceedings-Software, 145(5):146-154CrossRefGoogle Scholar
  18. [18]
    Lamsweerde AV. (2000) Goal-oriented requirements engineering: a guided tour. In: Proceedings of the 5th IEEE International Symposium on Requirements Engineering. Toronto: IEEE Computer Society, 249–262CrossRefGoogle Scholar
  19. [19]
    Le Metayer D (1998) Describing software architecture styles using graph grammars. IEEE Transactions on Software Engineering 24(7):521–533CrossRefGoogle Scholar
  20. [20]
    Li N, Mitchell JC, Winsborough WH (2002) Design of a Role-Based Trust-Management Framework. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy(May 12 15, 2002). SP. IEEE Computer Society, Washington, DC, 114.Google Scholar
  21. [21]
    Lu J, Ma X, Tao X, Cao C, Huang Y, Yu P (2008) On environment-driven software model for Internetware, Science in China, Series F: Information Science, 51(6):683-721CrossRefGoogle Scholar
  22. [22]
    Ma X, Cao C, Yu P, Zhou Y (2008). A supporting environment based on graph grammar for dynamic software architectures. Journal of Software, 19(8):1881–1892.CrossRefGoogle Scholar
  23. [23]
    Ma X, Zhou Y, Pan J, Yu P, Lu J (2007) Constructing Self-Adaptive Systems with Polymorphic Software Architecture. In: Proceedings of the 19 th International Conference on Software Engineering and Knowledge Engineering 2-8Google Scholar
  24. [24]
    Maes P (1987) Concepts and experiments in computational reflection. SIGPLAN Not. 22(12):147-155CrossRefGoogle Scholar
  25. [25]
    Mamei M, Menezes R, Tolksdorf R, and Zambonelli F (2006) Case studies for self-organization in computer science. Journal of Systems Architecture 52(2):440-460Google Scholar
  26. [26]
    Martin D, Paolucci M, McIlraith S, et al. (2005) Bringing Semantics to Web Services: The OWL-S Approach. In: Cardoso J, Sheth A eds. SWSWPC 2004. LNCS 3387:26 – 42Google Scholar
  27. [27]
    Medvidovic N, Taylor RN (2000) A classification and comparison framework for software architecture description languages. IEEE Transaction on Software Engineering, 26(1):70–93CrossRefGoogle Scholar
  28. [28]
    Milanovic N, Malek M (2004) Current solutions for Web Service composition. IEEE Internet Computing. November/December 2004:51-59Google Scholar
  29. [29]
    Papadopoulos GA, Arbab F (1998) Coordination Models and Languages, Advances in Computers 46:330-401Google Scholar
  30. [30]
    Papazoglou MP, Georgakopoulos D (2003) Service-oriented computing: Introduction. Commun. ACM 46(10):24-28. doi:10.1145/944217.944233CrossRefGoogle Scholar
  31. [31]
    Papazoglou MP, Traverso P, Dustdar S, Leymann F, Krämer BJ (2006) Service-Oriented Computing: A Research Roadmap. In: Service Oriented Computing, Dagstuhl Seminar Proceedings.Google Scholar
  32. [32]
    Papazoglou MP, van den Heuvel WJ (2005) Web services management: a survey. IEEE Internet Computing 9(6):58 – 64CrossRefGoogle Scholar
  33. [33]
    Pressman S (2005)Software Engineering: A Practitioner's Approach. Sixth Edition. McGraw-Hill EducationGoogle Scholar
  34. [34]
    Reussner R, Schmidt H, Poernomo I (2003) Reliability prediction for component-based software architectures, Journal of Systems and Software 66(3):241-252CrossRefGoogle Scholar
  35. [35]
    Samarati P, de Vimercati SC (2001) Access Control: Policies, Models, and Mechanisms. In: Focardi R, Gorrieri R eds. Revised Versions of Lectures Given During the IFIP WG 1.7 international School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial LecturesLecture Notes In Computer Science, vol. 2171. Springer-Verlag, London. 137-196Google Scholar
  36. [36]
    Shaw M (2000) Sufficient correctness and homeostasis in open resource coalitions: How much can you trust your software system. In: Proceedings of the Fourth International Software Architecture Workshop, IEEE Computer Society, 2000. 46˜50.Google Scholar
  37. [37]
    Shaw M (2002) Self-Healing": Softening Precision to Avoid Brittleness. Position paper for Workshop on Self-Healing Systems.Google Scholar
  38. [38]
    Shaw M, Garlan D (1996) Software Architecture: Perspective on an emerging discipline. Prentice Hall.Google Scholar
  39. [39]
    Wang Y, Lu J, Xu F, Zhang L. (2006) A trust measurement and evolution model for Internetwares. Journal of Software 17(4):682-690 (in Chinese with English abstract).MATHCrossRefGoogle Scholar
  40. [40]
    Wang W, Wu Y, Chen M (1999) An architecture-based software reliability model. In: Proc. Of Pacific Rim International Symp. On Dependable Computing Google Scholar
  41. [41]
    Xu F, Pan J and Lu W. (2008) A Trust-based Approach to Estimating the Confidence of the Software System in Open Environments. Technical Report. Institute of Computer Software, Nanjing UniversityGoogle Scholar
  42. [42]
    Zhang G, Parashar M (2003) Dynamic Context-aware Access Control for Grid Applications. In: Proceedings of the 4th international Workshop on Grid Computing IEEE Computer Society, Washington, DC.Google Scholar

Copyright information

© Springer-Verlag US 2009

Authors and Affiliations

  • Xiaoxing Ma
    • 1
    • 2
  • S.C. Cheung
    • 2
  • Chun Cao
    • 1
  • Feng Xu
    • 1
  • Jian Lu
    • 1
  1. 1.State Key Laboratory for Novel Software TechnologyNanjing UniversityNanjingChina
  2. 2.Department of Computer Science and EngineeringHong Kong University of Science and TechnologyKowloonHong Kong

Personalised recommendations