利用SOAP的可扩展性提高Web服务的QoS

本文首先提出了SOAP对Web服务QoS的影响，从而利用SOAP的可扩展性提出了基于SOAP的中介体模型，介绍了实现该模型的技术，并说明了如何应用该模型在一些可能的方面提高Web服务的QoS。     

基于JXTA的SOAP传输库的设计与实现

对等计算彻底地摒弃了"客户机/服务器"架构,克服了集中式计算的缺点.本文则致力于把Web服务这一项当前非常流行的技术引入P2P领域.P2P和Web服务的整合,充分利用了P2P的特点,克服了当前Web服务基于"客户机/服务器"计算模型的缺点,并使得在P2P 网络上使用其它对等点提供的服务变得更加简单和高效.为此,我们提出Project SOJN.Pr oject SOJN是使用JXTA和Apache Axis实现的基础类库,它使得SOAP消息可以在JXTA管道上面传输,并使对等点有了处理SOAP消息的能力.     

带有附件的SOAP消息及实现

为了在服务之间传输图像、语音等二进制文件，需要在SOAP消息中加入附件与SOAP消息一同传输。分析了SOAP协议，论述了SOAP协议的体系结构、特点。对带附件的SOAP消息格式、附件的引用方法以及相应SOAP处理器的处理规则进行了详细论述，叙述了如何利用SOAP和MIME自身的功能把附件与SOAP消息捆绑传输，并用Apache SOAP给出处理附件的方法。     

SOAP消息多密级安全的研究与设计

为了满足多密级、特殊密码环境下的Web服务安全性,分析了SOAP消息多密级安全的实现原理,提出了SOAP消息多密级安全标识协议和SOAP消息多密级安全保障协议,设计并实现了一个基于上述协议的SOAP消息安全模型.该模型利用多密级密码服务接入技术,实现了SOAP消息多密级安全保障,验证了多密级安全协议的完整性、可用性.     

运用MSSoapT和SOAP扩展实现SOAP消息分析

运用MSSoapT和SOAP扩展技术实现了获取和分析进出Web服务SOAP消息方法,并重点讨论了这两种方式应用的场合,其中给出了在.NET平台下实现获取带安全SOAP消息的关键技术,这两种获取和分析SOAP消息的方法为研究Web服务安全策略是否可行提供了一种验证和测试手段。     

支持多密级的SOAP消息安全模型研究与实现

为了实现多密级、特殊密码环境下的Web服务安全性,在对WS-Security规范进行研究的基础上对其进行修改和扩展,提出支持多密级SOAP消息安全标识扩展协议和SOAP消息多密级安全协议,设计并实现一个基于上述协议的SOAP消息安全模型,该模型利用多密级密码服务接入技术,根据安全标识实现支持多密级的SOAP消息安全性要求,从而验证多密级安全协议的完整性、可用性。     

基于面向服务架构体系的WEB组合技术应用研究

Web服务是基于XML和HTTPS的一种服务,其通信协议主要基于简单对象访问协议(SOAP),服务的描述通过WSDL、UD-DI来发现和获得服务的元数据。Web服务建好以后,SOAP提供了标准的RPC方法来调用Web service,并意味着下面的Webservice是以对象的方式表示的。SOAP规范定义了SOAP消息的格式,以及怎样通过HTTP协议来使用SOAP。该文基于此,对面向服务架构体系的WEB组合技术应用进行了初步研究。     

一种基于SOA的SOAP消息安全传输机制

随着SOA技术的发展与普及应用,基于SOA的Web服务安全问题日益突出,而SOAP消息传输的安全性是决定Web服务安全的重要因素。目前SOAP消息的传输主要依赖于WS安全标准,但由于WS安全标准存在种种缺陷,因此SOAP消息在传输过程中会受到XML注入攻击等Web攻击。提出了一种新的SOAP消息安全传输机制,即在现有的基于WS安全标准的安全传输机制基础上添加SOAP Validation节点。最后通过实验验证,该安全传输机制能检测出XML注入攻击,提高SOAP消息传输的安全性。     

基于SOAP安全扩展的Web服务研究

SOAP(Simple Object Access Protocol,简单对象访问协议)是一种基于XML的通信协议。本文在分析基于SOAP的Web服务结构以及SOAP消息构成后,提出了一种加强Web服务安全的SOAP数字签名技术,确保了Web服务完整性和安全性。     

一个基于Agent的SOAP应用框架

简单对象访问协议SOAP是新一代分布式计算模型Web服务的基础,然而SOAP应用的性能问题是制约其发展的主要方面。该文从SOAP消息处理与SOAP消息传输两个方面,就影响SOAP应用性能的因素进行了分析,并论述了可以改进其性能的技术方法。在此基础上,该文采用Agent技术,提出了一个基于Agent的SOAP应用框架,并在面向Web服务的服务协作中间件中实现了此框架。该文的SOAP应用框架解决了SOAP应用的性能瓶颈问题,同时具有灵活的扩展机制,为基于Web的分布式计算提供了可行的实现模式。     

一种新型SOAP消息附件安全保障模型

随着Web服务的广泛应用和发展，提供安全保障能力是Web服务在商业应用中获得成功的关键因素。然而，目前还没有一种有效的方法对SOAP消息附件提供安全性支持。针对这一问题，本文提出了一种新型的SOAP附件安全保障模型，它可以在不改变客户端和服务器端内部实现的情况下，对附件进行加密和数字签名。在多中间节点的场景中，附件可以不经过任何中间节点从客户端直接发送到服务器，在减少附件被攻击可能性的同时提高了服务的执行效率。本模型在Web应用服务器上进行了原型实现，实验结果表明，该模型具有普遍性，可以高效地为企业提供附件安全保障。     

A Novel Intermediary Framework for Dynamic Edge Service Composition

Multimedia content,user mobility and heterogeneous client devices require novel systems that are able to support ubiquitous access to the Web resources.In this scenario,solutions that combine flexibility,efficiency and scalability in offering edge services for ubiquitous access are needed.We propose an original intermediary framework,namely Scalable Intermediary Software Infrastructure (SISI),which is able to dynamically compose edge services on the basis of user preferences and device characteristics.The SISI framework exploits a per-user profiling mechanism,where each user can initially set his/her personal preferences through a simple Web interface,and the system is then able to compose at run-time the necessary components.The basic framework can be enriched through new edge services that can be easily implemented through a programming model based on APIs and internal functions.Our experiments demonstrate that flexibility and edge service composition do not affect the system performance.We show that this framework is able to chain multiple edge services and to guarantee stable performance.     

Content Adaptation Architectures Based on Squid Proxy Server

The overwhelming popularity of Internet and the technology advancements have determined the diffusion of many different Web-enabled devices. In such an heterogeneous client environment, efficient content adaptation and delivery services are becoming a major requirement for the new Internet service infrastructure. In this paper we describe intermediary-based architectures that provide adaptation and delivery of Web content to different user terminals. We present the design of a Squid-based prototype that carries out the adaptation of Web images and combines such a functionality with the caching of multiple versions of the same resource. We also investigate how to provide some form of cooperation among the nodes of the intermediary infrastructure, with the goal to evaluate to what extent the cooperation in discovering, adapting, and delivering Web resources can improve the user-perceived performance.     

一种基于坐标和的保护位置隐私近邻查询方法

空间定位和无线通信技术的成熟促进了基于位置服务(Location Based Service,LBS)的发展,用户通过向LBS服务器发送位置和查询信息获取相应服务。这种模式不可避免地带来对用户个体隐私的侵犯。随着用户对个体隐私信息安全的日益关注,如何在保护用户位置隐私安全下提供基于位置的查询服务成为研究的热点。现有的基于可信第三方的方法主要存在以下问题:(1)难以寻找满足要求的可信第三方;(2)可信第三方容易成为系统的瓶颈,造成系统查询效率和扩展性较差。针对这些问题,提出一种不依赖于可信第三方的隐私保护查询策略,即客户端通过向LBS服务提供方发送其当前位置的二维坐标之和,实现对查询发起用户位置隐私的保护。LBS服务器通过设置基于坐标和的查询处理策略将包含查询结果的候选解反馈给客户端,进一步通过对候选解的有效剪枝,有效降低通信开销以及服务器与客户端的处理代价。理论分析和实验结果表明,算法是可行的,能够有效解决依赖于可信第三方的系统带来的查询效率和系统扩展性较差的问题。     

Cloud refactoring: automated transitioning to cloud-based services

Using cloud-based services can improve the performance, reliability, and scalability of a software application. However, transitioning an application to use cloud-based services is difficult, costly, and error-prone. The required re-engineering effort includes migrating to the cloud the functionality to be accessed as remote cloud-based services and re-targeting the client code accordingly. In addition, the client must be able to detect and handle the faults raised in the process of invoking the services. As a means of streamlining this transitioning, we developed a set of refactoring techniques—automated, IDE-assisted program transformations that eliminate the need to change programs by hand. In particular, we show how a programmer can extract services, add fault tolerance functionality, and adapt client code to invoke cloud services via refactorings integrated with a modern IDE. As a validation, we have applied our approach to automatically transform two third-party Java applications to use cloud-based services. We have also applied our approach to re-engineer a suite of services operated by General Electric to use cloud-based resources to better satisfy the GE business requirements.     

Trusted Agent-Mediated E-Commerce Transaction Services via Digital Certificate Management

Agent-mediated e-commerce (AMEC) transaction services will be a paradigm shift from the existing client–server e-commerce model. In order to fulfill the leverage of AMEC intermediary services with secure and trusted service capabilities, we propose an agent-oriented public key infrastructure (PKI) operating with a variety of digital certificates. Under this agent-oriented PKI, several trusted AMEC transaction service models will be demonstrated using human and agent certificates showing, delegation, and verification protocols. We establish human/agent authentication, authorization, delegation, access control, and trusted relationships before these trusted AMEC intermediary services can be realized. This paper shows that a trusted AMEC system can be implemented in the FIPA compliant multi-agent system.     

Bridging boundaries: CORBA in perspective

Applications that cross the boundaries of different computing machines, operating systems, and programming languages are increasingly the norm. As a result, the need for what might be called bridging technologies to develop software that works across heterogeneous environments has become more compelling. The Common Object Request Broker Architecture is one such technology that is both robust and commercially available. CORBA essentially describes how client applications can invoke operations on server objects using the services of an intermediary known as an Object Request Broker, or ORB. This article introduces CORBA by describing its key components. It then reviews the boundaries it helps to bridge. It concludes by comparing CORBA with a number of other bridging technologies available today     

Risk in agreement networks

The current trend towards dynamic and highly scalable service provisioning fosters the rise of Software as a Service (SaaS) platforms and manifests the need for dynamic composition of services. In order to enable the combination of services and hence, the collaboration between different service providers, technical challenges like the compatibility of interfaces have to be dealt with. Additionally, economic issues concerning profit, reliability and risk have to be taken into consideration. This work covers economic considerations from the viewpoint of a service intermediary that offers complex services to customers and purchases services from supplying providers. The intermediary has to decide, which SLAs to offer to consumers and which SLAs have to be established with supplying providers. The decision support for the intermediary that is presented throughout this paper is an adaptation of security portfolio optimization stemming from finance. It is based on monitoring data of SLAs that the intermediary had established in the past with consumers and with supplying providers. Finally, the decision support is exemplified in a case-study.     

基于中介体的可靠Web Service设计与实现

HTTP协议提供尽力传送服务无法满足Web Service对可靠SOAP消息传递的需求。针对WS-Reliability规范,设计开发了基于中介体的可靠Web Service消息传递系统。Web Service通信双方通过一组对等中介体发送和接收HTTP报文,由中介体实现报文的有保证传递、重复消除和传递排序,并提供日志管理和用户自定义可靠级别功能。实验结果表明,基于中介体的可靠Web Service消息传递系统完全符合WS-Reliability规范,且易于部署,保持了传统Web Service中必不可少的简单性和互操作性,为Web Service应用构建了可靠支撑平台。     

Dynamic Scheme Transition Adaptable to Variable Video Popularity in a Digital Broadcast Network

To provide on-demand video streaming services through the network, video objects with both high and low client request rates must be served efficiently. In this paper, we propose a dynamic scheme transition to provide on-demand streaming services efficiently regardless of video popularity. This approach can maintain quality-of-service (QoS) by transitioning the service scheme according to the request rate. The server provides services by heuristically broadcasting video segments when the video popularity is low and by a Periodic Broadcast when the video popularity is high. The server identifies the variations in client request rates from the number of service channels and determines transitions to more efficient service schemes autonomously. We evaluated this scheme transition for various parameters and traces from a company providing streaming services. The results show that the performance of scheme transition is very efficient.