Your search keyword '"Kanchana Rajaram"' showing total 11 results

1. WS-SM: Web Services - Secured Messaging Framework with Pluggable APIs

Author

Kanchana Rajaram, Chitra Babu, Anna University, Aravindan Chandrabose, Ulrich Furbach, Ashish Ghosh, Anand Kumar M., and TC 12

Subjects

Service (business), Authentication, Computer science, SOAP, computer.internet_protocol, Interoperability, Throughput, 02 engineering and technology, SOAP messages, 021001 nanoscience & nanotechnology, User requirements document, computer.software_genre, Computer security, 020204 information systems, Security, 0202 electrical engineering, electronic engineering, information engineering, [INFO]Computer Science [cs], Confidentiality, Threats, Web service, 0210 nano-technology, computer, Web services, Composition

Abstract

Part 3: Data Science; International audience; Dynamic composition of web services is important in B2B applications where user requirements and business policies change and new services get added to the service registry frequently. In a dynamic composition environment, ensuring the security of messages communicated among the web services becomes challenging since, several attacks are possible on SOAP messages in the public network due to their standardized interfaces. Most of the existing works on web services security provide solutions to ensure basic security features such as confidentiality, integrity, authentication, authorization, and non-repudiation. Few existing works that provide solutions such as schema validation and schema hardening for attacks on web services do not provide attack-specific solutions. The web services security standard and all the existing works have addressed only the security of messages between a client and a single web service but not the security for messages between two services which is quite challenging. Hence, a security framework for secured messaging among web services has been proposed to provide attack-specific solutions. Since new types of web service attacks are evolving over time, the proposed security solutions are implemented as APIs that are pluggable in any server where the web service is deployed. The proposed framework has been tested for compliance with WSI-BP to demonstrate its interoperability and subjected to vulnerability testing which proved its immunity to attacks. The stress testing results revealed that the throughput decreased only by 35% achieving a good trade-off between performance and security.

Published

2020

2. Tx-FAITH

Author

Kanchana Rajaram, Arun Adiththan, and Chitra Babu

Subjects

Service (systems architecture), Computer Networks and Communications, Computer science, business.industry, Process (engineering), Distributed computing, Context (computing), computer.software_genre, User requirements document, Consistency (database systems), Workflow, The Internet, Web service, business, computer, Software, Information Systems

Abstract

A key challenge in B2B and B2C applications involving dynamic composition of workflow activities is to ensure their reliable execution, in view of frequent failures in the internet environment where a composed service is executed. Existing approaches for transactional coordination of composite web services, consider forward and backward recovery alone, in order to maintain consistency in the case of failures. However, while achieving reliable execution, service cancellability is important due to the predominance of long running processes in business applications and frequently changing user requirements and business policies. If the execution of a long running process is not cancelled in the case of a changed requirement, the completion of the process results in wastage of resources and the outcome may no longer be useful. Hence, a transactional coordination framework named as Tx-FAITH is proposed to handle the cancellation recovery under the external interruption and cancellation of transactions. Tx-FAITH considers hierarchically composed web services whose components are recursively nested to form a composition and adapts a coordination approach based on context information. The proposed coordination and recovery approach when tested with 200 simultaneous users and with a database size of 0.35 million records, incurs only 10 seconds to process a request.

Published

2014

3. Deriving reliable compositions using cancelable web services

Author

Chitra Babu and Kanchana Rajaram

Subjects

Composite services, Service (business), Engineering, Database, business.industry, Reliability (computer networking), General Medicine, Service composition, computer.software_genre, Transactional leadership, Order (business), Component (UML), Web service, Software engineering, business, computer

Abstract

Reliability is one of the main challenges while composing web services. Due to the inherent heterogeneity of web services, it is important to predict the behaviour of the overall composite service. Existing works that deal with reliable web service composition consider only three basic transactional properties such as pivot, retriable, and compensatable. When a service fails, its results can be ignored if it is pivot; it can be retried until it succeeds if it is retriable; or the previously completed services must be rolled back if they are compensatable, in order to achieve reliable execution. In general, business applications involve long running services. Service execution must be interrupted to adapt to dynamically changing user preferences since execution of the service to completion with the older requirements is no longer meaningful. Hence, service composition requires additional transactional support beyond the three transactional properties. To address this need, we introduce cancelable services and investigate the transactional properties of composite services that involve cancelable component services. The valid compositions, which result in a reliable execution are identified and formally verified.

Published

2014

4. Specification of Transactional Requirements for Web Services using Recoverability

Author

Chitra Babu, Kanchana Rajaram, and Arun Adiththan

Subjects

Service (business), General Computer Science, Database, Transactional leadership, SIMPLE (military communications protocol), Process (engineering), Computer science, Services computing, Service selection, Web service, computer.software_genre, WS-Policy, computer

Abstract

In Service-Oriented Computing (SOC), a business transaction comprises of several web services provided by multiple enterprises. The transactional behaviour of individual web services must be considered for service selection so that the composition of web services results in a reliable execution. It is difficult for a business analyst to envisage the desired business policies of a process in terms of transactional properties of the corresponding service. Hence, an abstract mechanism that enables the business analyst to specify the transactional properties in a simple manner must be introduced. Towards this objective, it is proposed to express the transactional properties in terms of the recoverability of services. The transactional web services are grouped into different levels of recoverability based on their recovery cost. The estimated recovery costs are empirically verified and validated.

Published

2013

5. QUANCE: Quality-Driven Automated Negotiation for Composite Web Services

Author

Kanchana Rajaram and Chitra Babu

Subjects

Service (business), Knowledge management, Process management, business.industry, Computer science, Quality of service, media_common.quotation_subject, 020206 networking & telecommunications, Context (language use), 02 engineering and technology, Service provider, computer.software_genre, Negotiation, Component (UML), 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Quality (business), Web service, business, computer, media_common

Abstract

With the advent of web services, Quality of Service (QoS) serves as a benchmark to differentiate various available services and their providers. QoS characterizes the nonfunctional aspects of a web service and plays a crucial role in the area of dynamic composition of web services. There have been many works on QoS-based negotiation and service selection in deriving an appropriate web service composition. However, automated negotiation is more complex in the context of composite services. The negotiation between a service provider for a composite service and a requester has to be translated into complex one-to-many negotiations that involve the providers of the component services. In this context, this paper proposes an approach, namely, QUANCE that automates the negotiation of QoS parameter values between the service consumer and the service provider of a composite service in a service-oriented environment. This approach is tested using scenarios of an e-governance application that caters to the various operations related to vehicle registration.

Published

2016

6. Monitoring flow of web services in dynamic composition using event calculus rules

Author

R Shanmuga Priya and Kanchana Rajaram

Subjects

Service (business), Database, computer.internet_protocol, WS-I Basic Profile, Computer science, business.industry, Business process, Services computing, computer.software_genre, Business Process Execution Language, Web service, WS-Policy, Software engineering, business, computer, Event calculus

Abstract

Monitoring composition of web services is important to ensure provisioning of a valid business process. Most of the existing works on service monitoring focused either on QoS violations or service interactions during execution of services that are statically composed. However, dynamic composition of services wherein the services are discovered and composed at runtime based on user requirements and outcome of previously composed services is significant for business applications with frequently changing user requirements and business policies. In such scenarios, the order in which the services are composed must be monitored to comply with business polices. Otherwise, the composition leads to incorrect and inconsistent results. To address this issue, a runtime monitoring framework is proposed in this paper that monitors composition order of services that are dynamically composed, validates it using predefined rules and initiates corrective actions in case of violations from rules. The web services and the rules for composition flow have been expressed as event calculus axioms that are useful in validating the composition order. The performance of the proposed framework has been assessed and it is found out that it introduces only a marginal overhead on turnaround time of the user request as compared to absence of monitoring.

Published

2015

7. DILT: A Hybrid Model for Dynamic Composition and Execution of Heterogeneous Web Services

Author

Kanchana Rajaram, Akshaya Ganesan, and Chitra Babu

Subjects

Service (business), Database, Computer science, computer.internet_protocol, SOAP, Distributed computing, Services computing, Service-oriented architecture, computer.software_genre, Outcome (game theory), Workflow, Order (business), Web service, computer

Abstract

Business applications in domains such as e-Governance, require collaboration among both Governmental and non Governmental departments, which raises the need for composing SOAP-based as well as RESTful services. Existing works address this objective using static composition alone. However, it would be beneficial if users can specify the requirements during run-time, based on the outcome of the previous services executed. In general, business applications follow a predefined order and consequently the composition process can follow a template of business activities. Existing works on dynamic web service composition either separate the composition and execution phases distinctly or perform them in an interleaved fashion. The former approach cannot adapt to changes in run-time whereas the latter can select services based on the outcome of previous service executions. However, the interleaved approach does not support business activities that have a specific ordering among them. Hence, a novel hybrid model - Dynamic InterLeaved Template DILT - that enables interleaved composition and execution of web services based on predefined workflow templates has been proposed in this paper. This hybrid model lends itself naturally for composing both SOAP-based and RESTful services.

Published

2015

8. API based security solutions for communication among web services

Author

A. Kanchana Rajaram, B. Chitra Babu, and null C. Kishore Kumar R

Subjects

Web standards, Web server, Web development, Web 2.0, computer.internet_protocol, Computer science, SOAP, Covert channel, User requirements document, Asset (computer security), Internet security, Computer security, computer.software_genre, Web API, Electronic mail, Devices Profile for Web Services, Web page, WS-Addressing, Authentication, Cloud computing security, business.industry, WS-I Basic Profile, Service-oriented architecture, Service provider, Web application security, Application layer, Security service, Middleware (distributed applications), Middleware, Web service, business, WS-Policy, computer, XML, Computer network

Abstract

The popularity of web services has largely influenced the way in which enterprise business is conducted. Since web services enable easy accessibility of data, dynamic connections, and relatively less human interventions, ensuring confidentiality and integrity of data that is transmitted via web services protocols becomes more significant. If a single service does not fulfill the service consumer requirements, it is necessary to compose several web services, which together satisfy the user requirements. Security attacks occur on SOAP messages that are communicated among web services while accessing a service or during service composition. Most of the existing works on web services security have provided solutions only for ensuring client authentication, confidentiality, and integrity of information in network layer and not in application layer. WS-Security and XML based web service security also provides message layer security in network layer and not in application layer. Hence, a novel approach that prevents the message alteration attack on SOAP messages and a security solution that detects and overcomes XML injection attack have been proposed in this paper. Our approach uses pluggable APIs in the service provider side and security services in the middleware side. The attacks were simulated and non-vulnerability of the proposed solutions to these attacks have been verified.

Published

2013

9. Template based SOA framework for dynamic and adaptive composition of web services

Author

Kanchana Rajaram and Chitra Babu

Subjects

Web standards, medicine.medical_specialty, Web development, Web 2.0, computer.internet_protocol, Service delivery framework, Computer science, Services computing, computer.software_genre, World Wide Web, medicine, Mashup, Web services software architecture, WS-Addressing, business.industry, WS-I Basic Profile, Service-oriented architecture, Differentiated service, Web application security, Business Process Execution Language, Web mapping, Web service, Web intelligence, business, Software engineering, WS-Policy, Software architecture, computer, Web modeling

Abstract

Automated Web service composition is currently one of the major research problems in the area of service oriented computing. Web services facilitate seamless business-to-business integration. Whenever it becomes difficult to find a single service for a particular task, a composition of services that can together perform the given task, is required. In general, this is accomplished using Service Oriented Architecture (SOA). However, the requirements of the users are frozen before the system locates, composes and executes the required services. The response is not personalized to the user environment. Further, conventional web services cannot handle the context and the context aware web services need to contain the context processing logic. Hence, we propose a framework for dynamic composition of Web services using templates in SOA. This framework allows maximum flexibility for the users to change their requirements at runtime and provides adaptive composition irrespective of whether a web service is context enabled or not.

Published

2010

10. Dynamic Contract Generation and Monitoring for B2B Applications with Composite Services

Author

S. Usha Kiruthika and Kanchana Rajaram

Subjects

Service (business), Service system, Process management, Database, Service assurance, Computer science, business.industry, Service delivery framework, Service design, Service level objective, Service level requirement, Service provider, computer.software_genre, User requirements document, Outsourcing, Service-level agreement, Customer Service Assurance, Basic service, Web service, business, WS-Policy, computer, Service desk

Abstract

The Service Level Agreements (SLA) are e-Contracts that need to be established among business partners and monitored to ensure that web services comply with the agreed Quality of Service (QoS) values. Existing approaches deal with automated contract generation for simple Web Services. Many business enterprises implement their core business service, while outsourcing other application services. When a single service cannot satisfy the user requirements, multiple Web Services must be composed which can together fulfill the request. Therefore, establishment of SLA among the component services of a composite service and the users becomes important. Hence, we have designed and implemented a framework for generating and monitoring e-Contracts for business applications involving composite Web Services. We have demonstrated our work using the scenarios of an Insurance application. A template based approach is used for composing the Web Services dynamically.

Published

2010

11. Dynamic Transaction Aware Web Service Selection

Author

Chitra Babu, Kanchana Rajaram, and Arun Adiththan

Subjects

Database, Computer science, business.industry, Service delivery framework, Service design, Service level objective, Service level requirement, Differentiated service, computer.software_genre, Computer Science Applications, World Wide Web, Workflow, Web service, business, WS-Policy, computer, Information Systems

Abstract

Web service composition, that recursively constructs a composite web service out of the existing services based on a business workflow has been acknowledged as a promising approach to meet the user demands, whenever a single service alone cannot fulfil the needs. In view of frequent failures in the internet environment where the composed service is executed, reliability of the composed service must be ensured. The reliability is determined by the behavioral or transactional properties of component services. The component services for each activity of the workflow must be selected based on their behavior so that their execution results in a consistent termination. Service selection must happen at run-time in order to consider the services available in a service registry at the time of execution. Towards this need, a dynamic transaction aware web service selection approach is proposed in this paper. Further, whenever user requirements change, a long running transaction must be interrupted and cancelled which is not addressed by any of the existing works. Hence, service cancellability property is proposed in this paper and incorporated in the dynamic selection approach. The overhead of the proposed run-time selection approach is assessed and the impact of increased services on its performance is also measured.

Published

2014