Catálogo de publicaciones - libros

Recently the term Web Services Orchestration has been introduced to address composition and coordination of Web Services. Several languages to describe orchestration for business processes have been presented and many of them use concepts such as long-running transactions and compensations to cope with error handling. WS-BPEL is currently the best suited in this field. However, its complexity hinders rigorous treatment. In this paper we address the notion of orchestration from a formal point of view, with particular attention to transactions and compensations. In particular, we discuss an untimed subcalculus of [15] which is a simple and conservative extension of the -calculus. We introduce it as a theoretical and foundational model for Web Services coordination. We simplify some semantical and pragmatical aspects, in particular regarding temporization, gaining a better understanding of the fundamental issues. To discuss the usefulness of the language we consider a case study: we formalize an e-commerce transactional scenario drawing on a case presented in our previous work [12].

We describe an abstract machine, called GP, for the distributed execution of Safe Ambients (SA), a variant of the Ambient Calculus (AC).

Our machine improves over previous proposals for executing AC, or variants of it, mainly through a better management of special agents (), created upon code migration to transmit messages to the target location of the migration.

We establish the correctness of our machine by proving a weak bisimilarity result with a previous abstract machine for SA, and then appealing to the correctness of the latter machine.

More broadly, this study is a contribution towards understanding issues of correctness and optimisations in implementations of distributed languages encompassing mobility.

The definition of suitable abstractions and models for identifying, understanding and managing Quality of Service (QoS) constraints is a challenging issue of the Service Oriented Computing paradigm. In this paper we introduce a process calculus where QoS attributes are first class objects. We identify a minimal set of primitives that allow capturing in an abstract way the ability to control and coordinate services in presence of QoS constraints.

The paper investigates a formal approach to the verification of non functional software requirements, e.g. portability, time and space efficiency, dependability/robustness. The key-idea is the notion of observable, i.e., an abstraction of the concrete semantics when focusing on a behavioral property of interest. By applying an abstract interpretation-based static analysis of the source program, and by a suitable choice of abstract domains, it is possible to design formal and effective tools for non-functional requirements validation.

Software systems are becoming more open, distributed, pervasive, and connected. In such systems, the relationships between loosely-coupled application elements become non-deterministic. Coordination can be viewed as a way of making such loosely coupled systems more adaptable. In this paper we show how coordination-systems, which are analogous to nervous systems, can be defined independently from the functional systems they regulate. Such coordination systems are a network of organisers and contracts. We show how the contracts that make up the coordination-system can be used to monitor, regulate and configure the interactions between clusters of software entities called roles. Management and functional levels of contracts are defined. Management contracts regulate the flow of control through the roles. Functional contracts allow the specification of performance conditions. These contracts bind clusters of roles into self-managed composites — each composite with its own organiser role. The organiser roles can control, create, abrogate and reassign contracts. Adaptive systems are built from a recursive structure of such self-managed composites. The network of organiser roles and the contracts they control constitute a coordination-system that is a to the functional system. Association aspects are suggested as a mechanism to implement such coordination-systems.

In the context of open distributed systems, the ability to coordinate the agents coupled with the possibility to control the actions they perform is important. As open systems need to be scalable, capabilities may provide the best-fit solution to overcome the problems caused by the loosely controlled coordination of -like systems. Acting as a ‘ticket’, capabilities can be given to the chosen agents, granting them different privileges over different kinds of data—thus providing the system with a finer control on objects’ visibility to agents. One drawback of capabilities is that they can only be applied to named objects—something that is not universally applicable in since, in contrast to tuple-spaces, tuples are nameless. This paper demonstrates how the advantages of capabilities can be extended to tuples, with the introduction of , which generalise capabilities to collections of objects.

Within one model, behavioural consistency of its constituents is often problematic. Within UML such horizontal behavioural consistency between the objects of a concrete model, is particularly needed in the context of dynamic patterns. Here, we investigate delegation, which is fundamental to patterns that separate the locality of receiving a request, and one or more localities actually handling it. We specify delegation by means of the coordination language Paradigm. In particular, we present some variants of delegation in the context of a broker pattern and clarify how the Paradigm notions are the basis for understanding a solution as well as for adapting it to deal with other dynamic features.

With its decoupling of processes in space and time, the shared data space model has proven to be a well-suited solution for developing distributed component-based systems. However, as in many distributed applications, functional and extra-functional aspects are still interwoven in components. In this paper, we address how shared data spaces can support separation of concerns. In particular, we present a solution that allows developers to merely specify performance and availability requirements for data tuples, while the underlying middleware evaluates various distribution and replication policies in order to select the one that meets these requirements best. Moreover, in our approach, the middleware continuously monitors the behavior of application and system components, and switches to different policies if this would lead to better results. We describe our approach, along with the design of a prototype implementation and its quantitative evaluation.

Architectural security of a distributed system is best considered at design time rather than further down the software life cycle where it may become very expensive to make even minor modifications to the software architecture. In this paper we take Architectural Interaction Diagrams (AID) [9,8], an architecture description framework with an unique ability to encode communication efficiently and augment actions of AID components with security levels to produce SAID. This new architecture description language enables the designer to impose information flow restriction policies on system communications at design time which in turn allows a reduction of the information flow analysis problem for distributed systems to the simpler problem of information flow analysis of individual components of the distributed system.

There are many ways of achieving scalable dynamic web content. In previous work we have focused on dynamic content degradation using a standard architecture and a design-time “Just In Case” methodology. In this paper, we address certain shortcomings witnessed in our previous work by using an alternate coordination-based architecture, which has interesting applicability to run-time web server adaptation. We first establish the viability of using this architecture for high-volume dynamic web content generation. In doing so, we establish its ability to maintain high throughput in overload conditions. We go on to show how we used the architecture to achieve a “Just In Time” adaptation to achieve dynamic web content degradation in a running web application server.