Design of Service–Based Systems with Adaptive Tradeoff Between Security and Service Delay

  • Stephen S. Yau
  • Min Yan
  • Dazhi Huang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4610)


Service-based Systems (SBS) have the advantage of composing distributed systems from various services provided by multiple providers transparently. In addition to functional correctness, multiple non-functional QoS requirements should also be satisfied in such systems. Among these QoS requirements, security protection and real-time performance are the two major concerns. However, neither application users, nor service providers, have adequate control over such QoS of SBS. In this paper, an approach to the design of SBS with the capability of tradeoff between security and service delay of composite services running across various service hosts is presented in order to satisfy both security and real-time performance requirements simultaneously.


Service Composition Security Level Composite Service Service Interface SPARQL Query 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Jones, S.: Toward an Acceptable Definition of Service. IEEE Software 22(3), 87–93 (2005)CrossRefGoogle Scholar
  2. 2.
    Yau, S.S., et al.: Situation-Awareness for Adaptable Service Coordination in Service-based Systems. In: Proc. 29th Annual Int’l. Computer Software and Application Conf. pp. 107–112 (2005)Google Scholar
  3. 3.
    Yau, S.S., et al.: Automated Agent Synthesis for Situation Awareness in Service-based Systems. In: Proc. 30th Annual Int’l. Computer Software and App. Conf. pp. 503– 510 (2006)Google Scholar
  4. 4.
    Yau, S.S., et al.: A Software Cybernetic Approach to Deploying and Scheduling Workflow Applications in Service-based Systems. In: Proc. 11th Int’l. Workshop on Future Trends of Distributed Computing Systems, pp. 149–156 (2007)Google Scholar
  5. 5.
    Abdelzaher, T.F., et al.: Feedback Performance Control in Software Services. IEEE Control Systems Magazine 23(3), 74–90 (2003)CrossRefGoogle Scholar
  6. 6.
    Tsai, W.T., et al.: RTSOA: Real-Time Service-Oriented Architecture. In: Proc. 2nd IEEE Int’l. Workshop on Service-Oriented System Engineering, pp. 49–56 (2006)Google Scholar
  7. 7.
    Hao, W., et al.: An Infrastructure for Web Services Migration for Real-Time Applications. In: Proc. 2nd IEEE Int’l. Workshop on Service-Oriented System Engineering, pp. 41–48 (2006)Google Scholar
  8. 8.
    Lu, C., et al.: Feedback Control Architecture and Design Methodology for Service Delay Guarantees in Web Servers. IEEE Trans. on Parallel and Distributed Systems 17(9), 1014–1027 (2006)CrossRefGoogle Scholar
  9. 9.
    Yau, S.S., Yao, Y., Yan, M.: Development and Runtime Support for Situation-Aware Security in Autonomic Computing. In: Proc. 3rd Int’l. Conf. on Autonomic and Trusted Computing, pp. 173–182 (2006)Google Scholar
  10. 10.
    Wada, H., Suzuki, J., Oba, K.: A Service-Oriented Design Framework for Secure Network Applications. In: Proc. 30th Annual Int’l. Computer Software and App. Conf, pp. 359–368 (2006)Google Scholar
  11. 11.
    Spyropoulou, E., Levin, T., Irvine, C.: Calculating Costs for Quality of Security Service. In: Proc. 16th Annual Conf. Computer Security Applications, pp. 334–343 (2000)Google Scholar
  12. 12.
    Son, S.H., Zimmerman, R., Hansson, J.: An Adaptable Security Manager for Real-Time Transactions. In: Proc. 12th Euromicro Conf. on Real-Time Systems, pp. 63–70 (2000)Google Scholar
  13. 13.
    Xie, T., et al.: Real-Time Scheduling with Quality of Security Constraints. Int’l. Jour. High Performance Computing and Networking (2006)Google Scholar
  14. 14.
    Berbner, R., et al.: Heuristics for QoS-aware Web Service Composition. In: Proc. Int’l Conf. on Web Services, pp. 72–82 (2006)Google Scholar
  15. 15.
    SPARQL Query Language for RDF. W3C Working Draft 26 (2007),
  16. 16.
    Yau, S.S., Liu, J.: Functionality-based Service Matchmaking for Service-Oriented Architecture. In: Proc. of 8th Int’l. Symp. on Autonomous Decentralized Systems, pp. 147–152 (2007)Google Scholar
  17. 17.
    Kang, K., Son, S.: Systematic Security and Timeliness Tradeoffs in Real-Time Embedded Systems. In: Proc. 12th IEEE Int’l. Conf. on Embedded and Real-Time Computing Systems and Applications, pp. 183–189 (2006)Google Scholar
  18. 18.
    Yau, S.S., Liu, J.: Incorporating Situation Awareness in Service Specifications. In: Proc. 9th IEEE Int’l. Symp. on Object and Component-oriented Real-time Distributed Computing, pp. 287–294 (2006)Google Scholar
  19. 19.
    Cavanaugh, C.D.: Toward a Simulation Benchmark for Distributed Mission-Critical Real-time Systems. In: Proc. Networking, Sensing and Control, pp. 1037–1042 (2005)Google Scholar
  20. 20.
    Goldsack, S.J., Finkelstein, A.C.W.: Requirements Engineering for Real-time Systems. Jour. Software Engineering 6(3), 101–115 (1991)CrossRefGoogle Scholar
  21. 21.
    Wang, C., Wulf, W.A.: A Framework for Security Measurement. In: Proc. National Information Systems Security Conf. pp. 522–533 (1997)Google Scholar
  22. 22.
    Barbieri, R., Bruschi, D., Rosti, E.: Voice over IPsec: Analysis and Solutions. In: Proc. 18th Annual Computer Security Applications Conference, pp. 261–270 (2002)Google Scholar
  23. 23.
    Nascimento, A., Passito, A., Mota, E.: Can I Add a Secure VoIP Call. In: Proc. 2006 Int’l. Symp. On a World of Wireless, Mobile and Multimedia (2006)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Stephen S. Yau
    • 1
  • Min Yan
    • 1
  • Dazhi Huang
    • 1
  1. 1.Department of Computer Science and Engineering, School of Computing and Informatics, Arizona State University, Tempe, AZ 85287-8809USA

Personalised recommendations