fortified web services contracts for trusted components avi jencmen amiram yehudai

Fortified Web Services Contracts for Trusted Components

Avi Jencmen

Amiram Yehudai

Fortified Web Services Contracts for Trusted Components 213/12/2005

Contents

Web Services – An Introduction Software Contracts Problem Description Web Services Contracts

A Simple Example Basic Level Contracts Behavioral Level Contracts Synchronization Level Contracts QoS Level Contracts

Proof Of Concept Outline Related Work Future Work


Web Services Defined1

a software system designed to support interoperable machine-to-machine

interaction over a network

Other systems interact with Web Service using SOAP messages

Web Service interfaces are described using WSDL

1 from Web services Architecture; World Wide Web Consortium, February 2004


Web Services Architecture

SemSem

RequesterAgent

ProviderAgent

+ +

Requestor Entity Provider Entity

Requestor Human

Provider Human

4 .Parties Interact

2 .Parties Agree on Semantics & WSD

3 .Input Semantics & WSD

3 .Input Semantics & WSD

WSD WSD

Sem WSD+

1 .Parties Discover Each Other


Actors

Provider Entity A person or organization that provides an appropriate agent to

implement a particular service Provider Agent

A software agent that is capable of and empowered to perform the actions associated with a service on behalf of its owner

Requester Entity A person or organization that wishes to make use of a provider

entity’s Web Service Uses a requester agent to exchange messages with the provider

entity’s provider agent Requester Agent

A software agent that wishes to interact with a provider agent in order to request that a task be performed on behalf of its owner


Vocabulary

WSD Machine-processable specification of the Web Service interface Defines:

Message formats Datatypes Transport protocols Transport serialization formats

Written in WSDL SEM

Shared expectation about the behavior of the service The "agreement" regarding the purpose and consequences of

the interaction No standard language


Process Phases

Discover The requester entity somehow obtains both the Web

Service description (WSD) and the associated semantics (SEM) of the service

Agree The requester and provider entities agree on the

semantics and Web service description of the desired interaction

Interact The requester agent and provider agent exchange

SOAP messages on behalf of their owners


Web Services Standards

SOAP 1.2 An XML envelope

Headers + BodyAn HTTP binding

SOAP is “transport independent”A convention for doing RPCAn XML serialization format for

structured data


The SOAP Envelope<SOAP-ENV:Envelope xmlns="http://schemas.xmlsoap.org/soap/envelope/">

< SOAP-ENV:Header> ... </ SOAP-ENV:Header>

< SOAP-ENV:Body> ... </ SOAP-ENV:Body> </ SOAP-ENV: Envelope>

Header:•A collection of zero or more SOAP header blocks•Extension mechanism

Body :Contains the messages to be passed between the agents


Software Contracts

Relationship between a class and its clients as a formal agreement

Expresses each party's rights and obligations Contract information can describe four different levels of

interaction: Basic level – Basic or syntactic contracts are required simply to

make a system work Behavioral level – Behavioral contracts, improve the level of

confidence in a sequential context Synchronization level – Synchronization contracts, improves

confidence in distributed or concurrency contexts QoS level – quality-of-service contracts, quantifies quality of

service and are usually negotiable


The Four Levels of Contracts


Problem Description

Web Services are a standard means to support interoperable machine-to-machine interaction

They do not solve the problem of trust between service requesters and providers

Thesis Goal: To provide a formal contract description language between the requester entity and the provider entity


A Simple Example

A company (travel agent) wants to offer the ability to book complete vacation packages: plane/train/bus tickets, hotels, car rental, excursions, etc

Service providers (airlines, bus companies, hotel chains, etc) are providing Web services to query their offerings and perform reservations

Credit card companies are providing services to guarantee payments made by consumers


Basic Level Contracts

Specify the methods, in/out parameters of the service as messages the service can receive

Basic level contracts are typically implemented as the Web Service’s underlying object interface

Interface TravelAgent { void enterDestination(in City destinationCity, in DateTime destinationDate); void setDestinationCity(in City destinationCity); void setDestinationDate(in DateTime destinationDate); FlightList getFilghts(); void chooseFlight(in Flight choosenFlight);}


WSDL 1.1

Definitions element at the root, and a collection of definitions inside

The definitions structure includes six major elements: types – provides data type definitions used to describe the

messages exchanged message – represents an abstract definition of the data being

transmitted. A message consists of logical parts, each of which is associated with a definition within some type system

portType – is a set of abstract operations. Each operation refers to an input message and output messages

binding – specifies concrete protocol and data format specifications for the operations and messages defined by a particular portType

port – specifies an address for a binding, thus defining a single communication endpoint

service – is used to aggregate a set of related ports


WSDL 1.1 Structure<wsdl:definitions name="nmtoken"? targetNamespace="uri"?> <wsdl:types> </wsdl:types> <wsdl:message name="nmtoken"> * </wsdl:message> <wsdl:portType name="nmtoken">* </wsdl:portType> <wsdl:binding name="nmtoken" type="qname"> * <-- extensibility element (1) --> * <wsdl:operation name="nmtoken"> * <-- extensibility element (2) --> * <wsdl:input name="nmtoken"? > ? <-- extensibility element (3) --> </wsdl:input> <wsdl:output name="nmtoken"? > ? <-- extensibility element (4) --> * </wsdl:output> <wsdl:fault name="nmtoken"> * <-- extensibility element (5) --> * </wsdl:fault> </wsdl:operation> </wsdl:binding> <wsdl:service name="nmtoken"> * <wsdl:documentation .... />? <wsdl:port name="nmtoken" binding="qname"> * <wsdl:documentation .... /> ? <-- extensibility element --> </wsdl:port> <-- extensibility element --> </wsdl:service> <-- extensibility element --> *</wsdl:definitions>

Binding extensibility elements are used to specify the concrete

grammar for the input (3), output (4), and fault messages (5)

Per-operation extensibility elements (2) as well as per-

binding extensibility elements (1)


Travel Agent Example<?xml version="1.0" encoding="utf-8" ?> <definitions>

<types><message name="chooseFlightSoapIn"><message name="chooseFlightSoapOut"><message name="getFilghtsSoapIn"><message name="getFilghtsSoapOut"><message name="setDestinationDateSoapIn"><message name="setDestinationDateSoapOut"><message name="setDestinationCitySoapIn"><message name="setDestinationCitySoapOut"><message name="enterDestinationSoapIn"><message name="enterDestinationSoapOut"><portType name="TravelAgentServiceSoap">

<operation name="chooseFlight"><operation name="getFilghts"><operation name="setDestinationDate"><operation name="setDestinationCity">

<operation name="enterDestination"></portType>

<binding name="TravelAgentServiceSoap" type="s0:TravelAgentServiceSoap"> <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document" />

<operation name="chooseFlight"><operation name="getFilghts"><operation name="setDestinationDate"><operation name="setDestinationCity"><operation name="enterDestination">

</binding><service name="TravelAgentService"> <port name="TravelAgentServiceSoap" binding="s0:TravelAgentServiceSoap"></service>

</definitions>

Messages to be used in the TravelAgent Web service

TravelAgentService Binding to SOAP

The service element definition


Basic Level Contracts Architecture

RequesterAgent

ProviderAgent

2 .Interact according toWSD

1 .Agree on WSD

WSD

WSDWSD

SOAP


Behavioral Level Contracts

Specify an operation’s behavior by using Boolean assertions, called pre- and postconditions, for each service offered, as well as for class invariants

Interface TicketBooking { Confirmation reserveSeats(in Flight choosenFlight, in int numOfSeats) {

Require CorrectNumber: numOfSeats > 0 and numOfSeats < reservationLimit();

Ensure SeatsReserved: availableSeats() = availableSeats()@pre – numOfSeats; } int availableSeats(in Flight choosenFlight); int reservationLimit();}


WS-Policy Framework

WS-PolicyA general-purpose model and corresponding

syntax to describe and communicate the policies of a Web service

WS-PolicyAttachmentAn addendum to WS-Policy indicating how to

attach policy assertions to an XML document (specifically to an WSDL document)


WS-Policy Structure

<?xml version="1.0" encoding="utf-8" ?><wsp:Policy>

<wsp:ExactlyOne><wsse:SecurityToken>

<wsse:TokenType>wsse:Kerberosv5TGT</wsse:TokenType></wsse:SecurityToken><wsse:SecurityToken> <wsse:TokenType>wsse:X509v3</wsse:TokenType></wsse:SecurityToken>

</wsp:ExactlyOne></wsp:Policy>

An Example Using Assertions from the WS-SecurityPolicy

Language


WS-BehavioralContractPolicy Syntax

<?xml version="1.0" encoding="UTF-8"?><wsp:Policy>

<wsbc:BehavioralContract><wsbc:PreCondition wsp:optional="true">

<exp:Expression>...</exp:Expression></wsbc:PreCondition><wsbc:PostCondition wsp:optional="true">

<exp:Expression>...</exp:Expression></wsbc:PostCondition><wsbc:Invariant wsp:optional="true">

<exp:Expression>...</exp:Expression></wsbc:Invariant>

</wsbc:BehavioralContract></wsp:Policy>


WS-BehavioralContractPolicy Example

<?xml version="1.0" encoding="UTF-8"?><wsp:Policy> <wsbc:BehavioralContract> <wsbc:PreCondition wsp:optional="true"> <exp:Expression> <GreaterThen>

<PropCall name="self" type="Object"> <PropCall name="numOfSeats" type="Attribute"/> </PropCall> <exp:Expression> <Literal value="0"/> </exp:Expression></GreaterThen>

</exp:Expression> </wsbc:PreCondition> </wsbc:BehavioralContract></wsp:Policy>

Precondition: numOfSeats > 0


Travel Agent Example

<?xml version="1.0" encoding="utf-8" ?> <definitions> <types> <message name="reservationLimitSoapIn"><message name="reservationLimitSoapOut"><message name="availableSeatsSoapIn"><message name="availableSeatsSoapOut"><message name="reserveSeatsSoapIn"><message name="reserveSeatsSoapOut"><portType name="TicketBookingServiceSoap"><operation name=“reserveSeats”> <input message=“reserveSeatsSoapIn”> <wsp:PolicyReference URI="#RSPRE" wsdl:required="true"/></input> <output message=“reserveSeatsSoapOut” >

<wsp:PolicyReference URI="#RSPOST" wsdl:required="true"/></output></definitions>

Attaching Behavioral Policy to the WSDL file


Behavioral Level Contracts Architecture

RequesterAgent

ProviderAgent

3 .Interact according toWSD & Behavioral Contract

2 .Agree on WSD & Behavioral Contract

WSDBEHCON

+

DiscoveryService

1.a.

1.c.

1.b. Supply WSD & Behavioral Contract Criteria

Obtain WSD and Behavioral Contract Info

Return WSD and Behavioral Contract Info

WSDBEHCON

+

WSDBEHCON

+ WSDBEHCON

+

WSDBEHCON

+


Synchronization Level Contracts

Specify the service behavior in a concurrent environment by indicating the coordination protocols it supports

Interface TicketBooking { Confirmation reserveSeats(in Flight choosenFlight, in int numOfSeats) Synchronization Atomic; int availableSeats(in Flight choosenFlight) Synchronization Atomic; int reservationLimit();}


WS-Coordination Framework

WS-Coordination Describes an extensible framework for providing

protocols that coordinate the actions of distributed applications

WS-AtomicTransaction Provides the definition of the atomic transaction

coordination type WS-BusinessActivity

Provides the definition of a business activity coordination type


WS-Coordination Framework Architecture


WS-SynchronizationContractPolicy Syntax


<wssc:SynchronizationContract><wssc:SupportedProtocol wsp:optional="true">

<wssc:AtomicTransactionProtocol/></wssc:SupportedProtocol><wssc:SupportedProtocol wsp:optional="true">

<wssc:BusinessProcessProtocol/></wssc:SupportedProtocol>

</wssc:SynchronizationContract></wsp:Policy>


WS-SynchronizationContractPolicy Example


<wssc:SynchronizationContract><wssc:SupportedProtocol wsp:optional="true">

<wssc:AtomicTransactionProtocol/></wssc:SupportedProtocol>

</wssc:SynchronizationContract></wsp:Policy>

Operation supporting only AtomicTransaction Protocol:



<?xml version="1.0" encoding="utf-8" ?> <definitions><types><wsp:Policy wsu:Id="SynchronizationContarctPolicy"><wsat:ATAlwaysCapability /></wsp:Policy> <message name="reservationLimitSoapIn"> <message name="reservationLimitSoapOut"> <message name="availableSeatsSoapIn"> <message name="availableSeatsSoapOut"> <message name="reserveSeatsSoapIn"> <message name="reserveSeatsSoapOut"></types><portType name="TicketBookingServiceSoap"><service name="TicketBookingService"><operation name=“reserveSeats” ><wsp:PolicyReference URI="# SynchronizationContarctPolicy" wsdl:required="true"/> </service></definitions>

Adding Synchronization Policy

to the WSDL file


Synchronization Level Contracts Architecture

RequesterAgent

ProviderAgent

4 .Interact according toContract

2 .Agree on WSD & Synchronization Contract

WSDSYNCON

+ WSDSYNCON

+

DiscoveryService

CoordinationService

1 .Discover Service

3 .Share Coordination ContextCxtCxt

WSDSYNCON

+


QoS Level Contracts

Specifies the obligation of a service provider to perform a service according to agreed-upon guarantees for IT-level service parameters (such as availability, response time and throughput)

Interface TicketBooking { Confirmation reserveSeats(in Flight choosenFlight, in int numOfSeats)

SLAParameter TransactionRate;}


WSLA Framework

A framework for specifying and monitoring Service Level Agreements for Web Services


WSLA Structure


WS-QoSContractPolicy Example


<wsqc:QoSContract><wsqc:SLAParameter name="TransactionRate"

type="float" unit="transaction/sec"><wsqc:Metric>

Transaction</wsqc:Metric>

</wsqc:SLAParameter></wsqc:QoSContract>

</wsp:Policy>



<?xml version="1.0" encoding="utf-8" ?> <definitions><types><message name="reservationLimitSoapIn"><message name="reservationLimitSoapOut"><message name="availableSeatsSoapIn"><message name="availableSeatsSoapOut"><message name="reserveSeatsSoapIn"><message name="reserveSeatsSoapOut"><portType name="TicketBookingServiceSoap"><service name="TicketBookingService"><operation name=“reserveSeats” ><wsp:PolicyReference URI="#QoSContractPolicy" wsdl:required="true"/> </service></definitions>

Adding QoS Policy

to the WSDL file


QoS Level Contracts Architecture

RequesterAgent

ProviderAgent

4 .Interact according toContract

2 .Agree on Semantics & QoS Contact

WSDQOSCON

+ WSDQOSCON

+

DiscoveryService

CoordinationService

1 .Discover Service

3 .Share Coordination Context

Measurement Service

Condition Evaluation

Service

Management Service

SLA Services

5 .Measure, Manage andEvaluate the Contract


SLASLA

WSDQOSCON

+


POC Outline

RequesterAgent

ProviderAgent

3.b. Interact according toContract

DirectoryService

1.b. SupplyContract Criteria 1.a. Obtain

Contract Info

1.c. ReturnContract Info

CONCON

Measurement Service

Condition Evaluation

Service

Management Service

SLA Service



Discovery Service

ContractService

BehavioralContractService

SynchronizationContractService

QoSContractService

3.a. Share Coordination Context

WSDCON +

WSDCON +

2 .Agree on Contract

CON

Cxt CxtCoordination

Service


POC Outline


Related Work

WSOL (work from Carleton University, Ontario, Canada) Web Service Offerings Language Formal specification of multiple classes of service for one Web

Service Focus on QoS (a.k.a., non-functional) constraints

OWL-S (w3c Member Submission by SRI International) Semantic Markup for Web Services Ontology for Web Services

WSDL-S (w3c Member Submission by IBM) Web Service Semantics A mechanism to associate semantic annotations with Web

services that are described using Web Service Description Language


Future Work

Enforcement mechanism UDDI Contract Attachment Ontology for Web Service Contracts

fortified web services contracts for trusted components avi jencmen amiram yehudai

Documents

contents web services

web services standards

provider entitys web

web service description

software agent

appropriate agent

provider entities

owner slide