Semantic Web Services  (Standards, Monitoring, Testing and Security)
  • Web Services technologies are working towards an environment where organizations can make some of their abilities accessible via the Internet. Web Service technology provides a standard and widely accepted way of defining these interfaces
  • This is done by ‘wrapping’ some computational capability with a Web Service interface, and allowing other organizations to locate it (via UDDI) and interact with it (via WSDL). Hence, Web Service technology allows the description of an interface in a standard way,
  • Scalability in expansion of scaling the capabilities in geographic location scale in administration of scaling
  • The Semantic Web Services vision is to combine Web Services as well as Semantic Web technologies and through this to enable automatic and dynamic interaction between software systems.
  • We can annotate software being offered via Web Service interfaces with machine interpretable descriptions describing what and how the software does (namely the service it provides a potential user). Furthermore, with ontologies able to describe the services that can be provided, we can bring about ‘advertising’ of services in a way which is both rich and machine-interpretable. This allows more sophisticated discovery of services than is currently possible with UDDI.
  • Service-Provider provides a service to a Service-Requester when the first party does something for the benefit of the second. To describe services, the Semantic Web approach uses techniques based on knowledge representation. Service Description: When describing a service, there are two key design decisions which must be made initially. First, what formal language is going to be used to describe it? Should it be described using Horn clause logic, description logic, non-monotonic logic or some other approach? Secondly, what specific concepts and relations are going to be permitted in descriptions? What is the meaning of these?
  • Hence, the agent property is a role the component takes, rather than some intrinsic property of the component. Often, they will be reactive not proactive, and will be hardwired to follow some pre-determined process.
  • Grounding: When two parties engage in a conversation, they must each have one or more communication endpoints to send and receive the messages according to some transport protocol. This is referred to as the grounding of the choreography. Orchestration: NOTE: the choreography specifies what is permitted of both parties, while an orchestration specifies what each party will actually do.
  • Reasoning: if one party is to reason with a description produced by the other party, then some additional reasoning will be necessary to translate between the two approaches. This additional reasoning is termed ontology mediation. Protocol: Two components which are to interact with each other may each have been designed with a particular interaction choreography in mind. Unless agreement was reached between the two designers (either directly or indirectly through the adoption of a standard) then it is unlikely that the two choreographies will be identical. Process: Behind any interaction, each party has some internal process which manages the reasoning and resources necessary to bring about that interaction. Like business process. In some cases, even though the two parties are able to interact via some protocol, there may be some difference between their processes which means this interaction will not succeed.
  • It is key to enabling service interaction to take place automatically
  • Because not all details of the service will be known at the outset (e.g., the provider of the service is not known, and the cost of the service may not be known), the description will be of an abstract service. This abstract service description makes up the service requirement description of the service requester.
  • Centralized Service Discovery: The most common Centralized Discovery ‘Service’ is a which is contacted by the requester using a Simple Message Exchange Protocol
  • Random And Analysis Selection: the Selection of which to contact may simply be random, or may involve some analysis of the service providers and choice of which appear in some sense ‘best’
  • 1-When the definition of a service has been agreed, then service delivery can take place …… End: If communication takes place, this is again governed by an interaction choreography. Service delivery choreography: covers the exchange of messages associated directly with the delivery of the service. Monitoring choreography: covers the exchange of messages which allow the service requester to receive information regarding the progress of the service from the provider. Cancellation/renegotiation choreography: allows the service requester, in certain circumstances, to cancel or alter the service which they are receiving from the provider.
  • HTTP is everywhere: any machine that can run a Web browser supports HTTP because a Web browser’s protocol is HTTP. Firewalls normally allow HTTP traffic; in other words, you can use HTTP to talk to any machine.
  • WSDL: In other words, it is an advertisement of the service you provide.
  • It defines a standard protocol specifying how one application should communicate and exchange data with another one over the Internet
  • UDDI is an open industry initiative enabling businesses to discover each other and define how they interact over the Internet. Parts: i) A registry of all a web service's metadata including a pointer to the WSDL description of a service; ii) A set of WSDL port type definitions for manipulating and searching that registry.
  • Process Configuration (Discovery and Constraint analysis). Process Execution (Addressing run time heterogeneities like data heterogeneities.)
  • The Web Services Description Language (WSDL) with Semantic Annotations for WSDL and XML Schema (SAWSDL). The figure shows WSDL components and the SAWSDL annotations that point to semantic concepts for specifying semantics or to schema mappings of data transformations.
  • WSDL components (Interfaces, Operations, Faults). WSDL Type Definitions (Simple/Complex types, Element/Attribute declarations).
  • Annotation of the operation element specifies its behavioral aspects or includes other semantic definitions. Annotation of the interface element describes the Interface.
  • A tool for execution of OWL-S web services must be able to interpret the Process Model of the service according to its semantics and provide a generic mechanism for invocation of web services represented as atomic processes in the Process Model. OWL-S processor that allows Web services and clients to interact on the basis of the OWL-S description of the Web service and OWL ontologies. Execution engine which can be used to develop applications that need to interact with OWL-S web services. Executes the Process Model by going through the Process Model while respecting the OWL-S operational semantics and invoking individual services represented by atomic processes.
  • Process Call: presents probably the most important event type. For each process type specific event types are defined representing its start and end.
  • Process Call: presents probably the most important event type. For each process type specific event types are defined representing its start and end. (Output data binding means the dataflow of the process model specifies that the output is produced by some previous processes.)
  • NOTE : This is application layer security (not network layer security)
  • XML encryption allows for encryption of any combination of the message body, header, attachments, and sub-structures
  • SQL injection is a common form of malicious code. A typical identification method is to look for “;” (semicolon), which allows further SQL commands to follow.
  • If the sender is previously unknown: send credentials to verify oneself.
  • In any organization, data located may have levels of sensitivity
  • Access Matrix: A general model of access control as exercised by a file or database management system is that of an access matrix.
  • handling activities on the Web. Enables greater automation of discovery, selection, invocation, composition, monitoring, and other service management tasks. Enabling the use of agents on the Web. Simplicity and widespread adoption of WS building blocks are enablers.

Semantic Web Services (Standards, Monitoring, Testing and Security) Presentation Transcript

  • 1. Semantic Web Services
    (Standards, Monitoring, Testing and Security)
    Department of Engineering-Information Technology
    Presented by : Reza Ghanbari
    2010
  • 2. Outline
    Introduction of Web Service
    Semantic Web Services
    Introduction
    Life Cycle
    Foundation Standards of Web Service
    HTTP
    WSDL
    SOAP
    UDDI
    Foundation Standards of Semantic Web Service
    OWL-S
    OWL-S Virtual Machine
    Monitoring of Semantic Web Service
    Security of Semantic Web Service
    Message Level Protection
    Message Privacy
    Parameter Checking
    Authentication
    Authorization
    Conclusion of Semantic Web Services
    References
  • 3. Web Service
    • A program programmatically accessible over standard internet protocols
    • 4. Loosely coupled, reusable components
    • 5. Encapsulate discrete functionality
    • 6. Distributed
    • 7. Add new level of functionality on top of the current web
  • Web Services Framework
  • 8. Problems of Web Services
    Descriptions are syntactic
    It says nothing (in machine - interpretable form) about what the software system does, or what sequence of messages is used to interact with it.
    All tasks associated with web services application development, such as discovery, composition and invocation, have to be carried out by humans
    Problems of scalability
  • 9. Vision of Semantic Web Services
  • 10. Semantic Web Services
    Semantic Web Technology
    Machine readable data
    Ontological basis
    Applied to
    Web Services Technology
    Reusable computational resources
    To automate all aspects of application development through reuse
  • 11. Semantic Web Services Concepts
    Service
    Service Provider & Requester
    Concrete Service
    A specific performance of actions at a given time by one party for another
    Service Description
    A computational machine-readable representation of the service, in terms of the value which it provides
    Abstract Service Description
    Concrete Service Description
  • 12. S.W.S. Concepts[1]
    Agents
    Software components which represent the parties as agents for the online presence as well as the automated representation
    Service Provider Agent
    Service Requester Agent
    Act as representatives online on behalf of some party
  • 13. S.W.S. Concepts[2]
    Communication
    An online service interaction between the Service Provider Agent and the Requester Agent to exchange messages according to a certain protocol known by both parties
    Choreography
    A communication protocol among multiple parties during the automated online services
    Determines the constraints on the ordering of messages sent
    Grounding
    One or more communication endpoints to send and receive the messages according to some transport protocol
    Orchestration
    A specification of an agent to provide type as well as sending time of a message
  • 14. S.W.S. Concepts[3]
    Mediation
    Data Mediation
    Consists of transforming from one syntactic format to another which may expect different syntactic formats of the messages provided by different Service Provider Agents
    Ontology Mediation
    Is used to make different choices based on the vocabulary when two parties describe services
    Reasoning
    One party is to reason with a description produced by the other party
    Some additional reasoning will be necessary to translate between the two approaches
    Protocol Mediation
    Reconciles the two different designs of the interaction choreographies
    Translating a message sequence into a different message sequence to accomplish the same end
    Process Mediation
    Reconciles the differences in the internal processes at the side of each party
    The hardest form of mediation (may be impossible without engaging in process re-engineering)
  • 15. S.W.S. Concepts[4]
    If the messages and choreographies are annotated semantically, then the mediation is possible automatically
  • 16. S.W.S. Concepts[5]
    Life Cycle
  • 17. S.W.S. Concepts[6]
    Service Modeling Phase
    Outset of the discovery phase
    Service Requester prepares a description of the service it is interested in receiving
    Service Providers create abstract service descriptions representing the service which can be provided
  • 18. S.W.S. Concepts[7]
    Service Discovery Phase
    Matching
    Compatibility of the requirement description and the offer description
    Centralized Service Discovery
    SMEP (Simple Message Exchange Protocol)
    During discovery, a requester may identify several providers which are potentially able to meet their needs
  • 19. S.W.S. Concepts[8]
    Service Definition Phase
    The conversation among the Service Requester and one or more contacted as well as identified Service Providers
    Random Selection
    Analysis Selection
    Service Requester and Provider have agreed a service to be delivered, when the phase is successfully completed between two parties
  • 20. S.W.S. Concepts[9]
    Service Delivery Phase
    It can take place:
    Immediately
    a while after service definition has been completed
    entirely off-line
    involve communication between the two parties
    It is again organized by an interaction choreography by:
    Service Delivery
    Monitoring
    Cancellation
  • 21. Foundation Standards of Web Service
    Hypertext Transfer Protocol (HTTP)
    Communication Protocol to achieve interoperability via the web based on a set of standards built directly upon it regardless of their choice of platform or programming language
    Benefits:
    HTTP is everywhere
    Firewalls normally allow HTTP traffic
  • 22. Foundation Standards of Web Service
    Web Service Description Language (WSDL)
    Is an XML-based language since:
    It is a pure text format
    It is platform independent,
    It can be easily parsed by any programming language
    It is fairly easy to read
    Describes the service including the service name, functions, input and output parameters
  • 23. Foundation Standards of Web Service
    Simple Object Access Protocol (SOAP)
    Its significance lies in its relationship with HTTP
    Platform and language independent based on XML
    Communication between applications via Internet
    format of the sending messages
    W3C recommendation
    Simple and extensible
    Allows to get around firewalls
  • 24. SOAP
  • 25. Foundation Standards of Web Service
    Universal Description, Discovery and Integration (UDDI)
    UDDI is an XML-based standard for describing, publishing, and finding Web services.
    It is a specification for a distributed registry of Web services
    platform independent, open framework
    It can communicate via SOAP, CORBA, Java RMI Protocol
    It uses WSDL to describe interfaces to web services
    Open industry initiative
    Parts:
    A registry of all a web service's metadata
    A set of WSDL port type definitions
  • 26. Why add semantics to Web Services?
    Better Reuse
    Semantic descriptions of services to help find relevant services
    Better Interoperability
    Beyond syntax to semantics, mapping of data exchanged between the services
    Configuration/Composition
    Enable dynamic binding of partners
    Some degree of automation across process lifecycle
    Process Configuration
    Process Execution
  • 27. Foundation Standards of Semantic Web Services
    Semantic Annotation for WSDL and XML Schema (SAWSDL)
    Standard finished in 2007
    Annotating WSDL with semantic information
    Built on existing Web Services standards using only extensibility elements
    Mechanism independent of the semantic representation language
    Provides means for mapping data between different Web Services
  • 28.
  • 29. Foundation Standards of Semantic Web Services
    SAWSDL
    Extensibility attributes
    modelReference
    Association between a WSDL component and a concept in some semantic model
    Annotations
    WSDL components
    WSDL Type Definitions
    liftingSchemaMapping
    Mappings between WSDL Type Definitions and semantic data
    loweringSchemaMapping
    Mappings between semantic data and WSDL Type Definitions
  • 30. Foundation Standards of Semantic Web Services
    SAWSDL
    Annotation of the operation element
    Carries a reference to a concept in a semantic model that provides a high level description of the operation
    Annotation of the interface element
    Provides a reference to a concept or concepts in a semantic model
  • 31. Foundation Standards of Semantic Web Services
    SAWSDL
    Tools
    SAWSDL4J
    Java API for manipulating and creating annotated SAWSDL documents
    WSMO Studio
    Semantic Web Service and Semantic Business Process modeling environment
    Set of Eclipse plugins
    Radiant
    WSDL-S/SAWSDL Annotation Tool
    Eclipse plug-in
  • 32. OWL-S
    Ontology Web Language for Services
    Represents an upper ontology for the description of Semantic Web Services expressed in OWL
    It is a Semantic Web Services description language, expressed in OWL which describes the properties and capabilities of Web services
    Covers areas such as:
    Web services capability-based search and discovery,
    Specification of service requester and provider interactions
    Service execution
  • 33. OWL-S Virtual Machine
    The OWL-S Virtual Machine (OVM)
    A generic OWL-S processor
    A generic execution engine
    Executes the Process Model of a given service
    During the execution,
    processes inputs of Service Requester and outputs returned by the Service Providers,
    realizes the control and data flow of the composite Process Model,
    uses the Grounding to invoke WSDL based web services when needed.
  • 34. Monitoring[1]
    During the process model execution
    What exactly should be monitored?
    Clear semantics of the process model
    Which model should be chosen?
    Analyzing the process model and the grounding (It is possible to identify important events that might be monitored)
    Event Types
    Process Call
    Inputs Assignment
    Outputs Processing
    Preconditions evaluation
    (Conditional) result evaluation
    Control construct execution
    Grounding events
    Failures and erroneous events
  • 35. Monitoring[2]
    Event types are derived only from the logic of the process model and therefore can be used in any application
    Event types are neutral to the purpose for which they can be used
    Process Call
    Start events are associated with input values and end events additionally with produced output values and effects.
    A simple and a composite process represent decomposition of a process into subprocesses while an atomic process represents an execution of an existing web service operation
  • 36. Monitoring[3]
    Inputs assignment
    Input values of processes can be provided either by the user (client) of the process model or by the data binding that is used
    Outputs Processing
    Outputs of atomic processes are obtained as a result of the service execution which is covered by the process call event type For simple and composite processes a new event type is needed to represent that the output value of the process is obtained from some output data binding
  • 37. Monitoring[4]
    Preconditions evaluation
    Represents process of the preconditions evaluation with variables values assigned and with the true or false status
    (Conditional) result evaluation
    Represents an evaluation of a result comprising the grounded inCondition, produced effects and output bindings. A special event type represents a situation when no result can be applied which can be failed for all conditional results.
  • 38. Monitoring[5]
    Control construct execution
    For each control construct one event type represents its start and one its end
    For control constructs whose execution depends on an expression evaluation (if-then-else, repeat-while, repeat-until) the information representing this expression evaluation and the branch chosen is included in the starting event type
  • 39. Monitoring[6]
    WSDL grounding events
    Defines mappings of atomic processes to WSDL operations and of inputs and outputs to WSDL messages and message parts
    Failures and erroneous events
    For different categories of errors specific event types are defined
  • 40. Web Services Security Background
    Standards are proposed or accepted regarding authentication, encryption, and identity management
    RSA, Hash Functions and Digital Signature Algorithms
    Fundamental areas
    Message level protection
    Message privacy
    Parameter checking
    Authentication
    Authorization
    XML signatures
    SAML – Security Assertion Markup Language
  • 41. Web Services Security
    RSA
    Used for any public/private key pair
    Properties:
    E(P, E(M,P))  M
    E(P, E(M,P))  M
    Where M is Sent Message and P is the Public Key
    Hash/Digest Functions
    message dependent
    Digital Signature
    Used for Authentication, Data Integrity and Non-Repudiation
  • 42. Message Level Protection
    Message Integrity
    A provider gets the hashed message, which is created by the SHA-1 algorithm, then creates the digest again and compares it with the one from the sender to verify the integrity of the message
  • 43. Message Privacy
    Confidential Message
    Message header has token and signature
    Typically WS are chained together to form a complex service
    end-to-end encryption schemes unlike SSL
    Solution: XML encryption
  • 44. Parameter Checking
    Message validity
    To ensure the contents of a message are appropriate to the service and well formed
    To prevent SQL injection attacks, look for “;” syntax
  • 45. Authentication
    Verifying that the requester is who he/she claims to be
    E.g. user name / password
    Send credential by issuing certificates to the trusted authorities
  • 46. Authorization
    Takes place after authentication and grants the rights of access
    Access Control Implementations
    Access matrix
    Access Control List (ACL)
    Role Based Access Control (RBAC)
  • 47. Authorization (Access Control Implementations)
    Access matrix
    Subject: An entity capable of accessing objects. The concept of subject equates to that of a process
    Object: Anything to which access is controlled. E.g. files, programs, segments of memory
    Access right: The way in which an object is accessed by the subject. Examples: read, write, and execute
    Access Control List (ACL)
    Access matrix can be decomposed by columns, yielding access control lists
    For each object, it lists the users and their permitted access rights
    It may also have a default or public entry to cover subjects that are not explicitly listed
    Elements of the list may include individual users as well as groups of users
  • 48. Authorization (Access Control Implementations)
    Role Based Access Control (RBAC)
    Reference model
    Objects, Operations, Permissions, Roles and Users (in-band artifacts)
    System and Administrative model
    System functionality, Administrative operations and reviews
    Permission to access a resource
    Defining Roles and assigning permissions to Roles
    NOTE: OWL-S should map Users, Roles, Groups etc. to the ontology
  • 49. Conclusion of Semantic Web Services
    It is becoming an important and integral part of the Web (including intranets)
    It aims to provide an expressive, comprehensive framework for
    handling activities on the Web
    Enabling the use of agents on the Web
    Many tools and applications exist today; mostly prototype
    It is an active research area
    Strong interest and many paths to adoption also exist like the standards path
  • 50. References
    Introduction to the Semantic Web and Semantic Web Services, by Liyang Yu
    Semantic Web Services Concepts, Technologies, and Applications by Rudi Studer, Stephan Grimm, Andreas Abecker (Eds.)
    J. Kopecky, C. Bournez, and E. Prud’hommeaux, “Semantic annotations for wsdl working group,” 2007. http://www.w3.org/2002/ws/sawsdl/
    R. Akkiraju and B. Sapkota, “Semantic annotations for wsdl and xml schema usage guide,” 2007. http://www.w3.org/TR/sawsdl-guide/
    K. Verma and A. Sheth, “Using sawsdl for semantic service interoperability,” 2007. http://lists.w3.org/Archives/Public/www-archive/2007May/att0081/SAWSDLSTC07-May21.pdf
    “Sawsdl4j,” http://www.schneier.com/essay-037.pdf
    “Wsmo studio,” http://www.wsmostudio.org
    “Radiant,” http://lsdis.cs.uga.edu/
    Adding Semantics to Web Services Standards, by Kaarthik Sivashanmugam, Kunal Verma, Amit Sheth, John Miller
    SAWSDL: Semantic Annotations for WSDL and XML Schema, by Jacek Kopecky, Tomas Vitvar, Carine Bournez and Joel Farrell
    Semantic Web Services Monitoring: An OWL-S based Approach, by Roman Vaculín, Katia Sycara
    Specifying and Monitoring Composite Events for Semantic Web Services, by Roman Vaculín, Katia Sycara
    Web Service Security Management Using Semantic Web Techniques, by Diego Zuquim Guimarães Garcia, Maria Beatriz Felgar de Toledo
    Authorization and Privacy for Semantic Web Services, by Lalana Kagal and Tim Finin, Naveen Srinivasan, and Katia Sycara, SRI International
  • 51. Thank You !
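
The integrity check on slide 42 (Message Level Protection), as an added example that is not part of the original slides: the provider recomputes the SHA-1 digest over the canonical form of the SOAP Body and compares it with the sender's value. The sample envelopes are constructed, and Python's built-in C14N 2.0 canonicalizer stands in for the canonicalization an XML Signature stack would apply; the digest only proves integrity when it is itself protected, for example by the digital signature of slide 41.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"

def body_digest(envelope_xml: str) -> str:
    """Hex SHA-1 digest over the canonical form of the SOAP Body."""
    root = ET.fromstring(envelope_xml)
    body = root.find(f"{{{SOAP_NS}}}Body")
    if body is None:
        raise ValueError("no SOAP Body element")
    # Canonicalize before hashing: attribute order, quote style, prefix
    # choice and <a/> versus <a></a> must not change the digest.
    canonical = ET.canonicalize(ET.tostring(body, encoding="unicode"))
    return hashlib.sha1(canonical.encode("utf-8")).hexdigest()

def verify_integrity(envelope_xml: str, sender_digest: str) -> bool:
    """Provider side: recompute the digest and compare with the sender's."""
    try:
        recomputed = body_digest(envelope_xml)
    except (ET.ParseError, ValueError):
        return False  # malformed or incomplete message fails the check
    # Constant-time comparison of the two hex strings.
    return hmac.compare_digest(recomputed.encode("ascii"),
                               sender_digest.lower().encode("utf-8"))

# Constructed sample messages (not from the slides).
SENT = (
    '<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">'
    '<soap:Body><order id="17" currency="EUR"><item>book</item><note/>'
    '</order></soap:Body></soap:Envelope>'
)
# Same content after passing through an intermediary that re-serialized it.
RECEIVED_SAME = (
    "<s:Envelope xmlns:s='http://schemas.xmlsoap.org/soap/envelope/'>"
    "<s:Body><order currency='EUR' id='17'><item>book</item><note></note>"
    "</order></s:Body></s:Envelope>"
)
# Content changed in transit.
RECEIVED_TAMPERED = RECEIVED_SAME.replace("book", "laptop")

if __name__ == "__main__":
    digest = body_digest(SENT)
    print("sender digest     :", digest)
    print("re-serialized copy:", verify_integrity(RECEIVED_SAME, digest))
    print("tampered copy     :", verify_integrity(RECEIVED_TAMPERED, digest))
```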
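
Parameter checking as described on slide 44, as an added example that is not part of the original slides: it checks that a request is well formed, applies the slide's semicolon test next to an allow-list pattern, and binds the value in a parameterized query. The `getOrders`/`customer` message shape, the `orders` table, the pattern and the sample values are all constructed assumptions.

```python
import re
import sqlite3
import xml.etree.ElementTree as ET

# Hypothetical rule for the <customer> parameter: letters, digits,
# space, dot and hyphen only, at most 64 characters.
CUSTOMER_RE = re.compile(r"[A-Za-z0-9 .-]{1,64}")

def extract_customer(message_xml: str) -> str:
    """Return the <customer> text or raise ValueError for a bad message."""
    if "<!DOCTYPE" in message_xml:
        raise ValueError("DTD not allowed")   # SOAP messages carry no DTD
    try:
        root = ET.fromstring(message_xml)     # well-formedness check
    except ET.ParseError as exc:
        raise ValueError("message is not well formed") from exc
    node = root.find(".//customer")
    if node is None or not node.text:
        raise ValueError("missing customer parameter")
    return node.text

def semicolon_check(value: str) -> bool:
    """The slide's test: accept only values without ';'."""
    return ";" not in value

def allow_list_check(value: str) -> bool:
    """Accept only values made of expected characters."""
    return CUSTOMER_RE.fullmatch(value) is not None

def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE orders (customer TEXT, item TEXT)")
    conn.executemany("INSERT INTO orders VALUES (?, ?)",
                     [("alice", "book"), ("bob", "lamp")])
    return conn

def find_orders(conn: sqlite3.Connection, customer: str) -> list:
    """Parameterized query: the value is bound as data, never parsed as SQL."""
    rows = conn.execute("SELECT item FROM orders WHERE customer = ?",
                        (customer,))
    return [row[0] for row in rows]

def wrap(value: str) -> str:
    """Build a constructed request around a parameter value."""
    return f"<getOrders><customer>{value}</customer></getOrders>"

# Constructed parameter values: one ordinary, two hostile.
SAMPLES = ["alice", "alice; DROP TABLE orders", "x' OR '1'='1"]

def demo() -> dict:
    """For each sample: (semicolon test, allow-list test, rows via bound query)."""
    conn = make_db()
    result = {}
    for value in SAMPLES:
        customer = extract_customer(wrap(value))
        result[value] = (semicolon_check(customer),
                         allow_list_check(customer),
                         find_orders(conn, customer))
    return result

if __name__ == "__main__":
    for value, outcome in demo().items():
        print(repr(value), outcome)
```

The third sample passes the semicolon test but fails the allow-list, and the bound query returns no rows for it even if it reaches the database.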
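
The access control implementations of slides 47 and 48, as an added example that is not part of the original slides: an access matrix decomposed by columns into ACLs with group and default entries, next to an RBAC check with an administrative review. All subjects, objects, roles and the rule that the default entry applies only when neither the user nor one of their groups is listed are constructed assumptions.

```python
from collections import defaultdict

# Constructed access matrix: rows are subjects, columns are objects.
ACCESS_MATRIX = {
    "alice":     {"orders.db": {"read", "write"}, "audit.log": {"read"}},
    "bob":       {"orders.db": {"read"}},
    "group:ops": {"audit.log": {"read", "write"}},
}
PUBLIC = {"catalog.xml": {"read"}}       # default/public entries per object
GROUPS = {"carol": {"group:ops"}}        # group membership

def to_acls(matrix, public):
    """Decompose the matrix by columns: one ACL per object."""
    acls = defaultdict(dict)
    for subject, row in matrix.items():
        for obj, rights in row.items():
            acls[obj][subject] = set(rights)
    for obj, rights in public.items():
        acls[obj]["*"] = set(rights)     # "*" is the default entry
    return dict(acls)

def acl_allows(acls, groups, user, obj, right):
    """Check a request against the object's ACL."""
    acl = acls.get(obj, {})
    listed = [s for s in {user} | groups.get(user, set()) if s in acl]
    if listed:                           # explicit user or group entry
        return any(right in acl[s] for s in listed)
    return right in acl.get("*", set())  # otherwise fall back to default

# RBAC: permissions are (object, operation) pairs assigned to roles,
# and users obtain them only through role membership.
ROLE_PERMISSIONS = {
    "clerk":   {("orders.db", "read")},
    "auditor": {("audit.log", "read")},
    "manager": {("orders.db", "read"), ("orders.db", "write")},
}
USER_ROLES = {"alice": {"manager", "auditor"}, "bob": {"clerk"}}

def rbac_allows(user, obj, operation):
    return any((obj, operation) in ROLE_PERMISSIONS.get(role, set())
               for role in USER_ROLES.get(user, set()))

def review_permission(obj, operation):
    """Administrative review: who holds a permission, and through which role."""
    return sorted((user, role)
                  for user, roles in USER_ROLES.items()
                  for role in roles
                  if (obj, operation) in ROLE_PERMISSIONS.get(role, set()))

if __name__ == "__main__":
    acls = to_acls(ACCESS_MATRIX, PUBLIC)
    print(acls["audit.log"])
    print(acl_allows(acls, GROUPS, "carol", "audit.log", "write"))
    print(review_permission("orders.db", "read"))
```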