Abstract: Service-oriented architectures are rapidly gaining presence and popularity in the development of distributed software systems. Their rapid diffusion is changing the software engineering landscape and is opening the way to implement the idea of “software as a service” [19], i.e. something that one uses to compose a workflow that achieves a business goal, and then disengages. A service-oriented system can be thought of a set of services that collaborate in some way to carry on a given task. Also, service-oriented system can be, on its own, a service, usually referred as a composite service or composed service. A conceptual model for service-oriented systems [18] defines it as: “A Composed Service is a particular kind of Service, developed by a Service Integrator, which makes use of other Services”. From this definition emerges how the Service Integrator has a key role while dealing with service compositions. In fact, to have the right prospective of the existing problems, it is desirable to make a clear distinction between different services users i.e.:

Abstract: A key reason for the slow adoption of the Platform for Privacy Preferences (P3P) is the lack of a formal semantics. Without a formal semantics, a P3P policy may be semantically inconsistent and may be interpreted and represented differently by different user agents. In this paper, we redress these problems by proposing a relational formal semantics for P3P policies, which precisely models the relationships between different components of P3P statements (i.e., collected data items, purposes, recipients and retentions) during online information collection. Based on this semantics, we present SemPref, a simple, efficient and expressive semantics-based preference language. Unlike previously proposed preference languages, SemPref queries the meaning of a privacy policy rather than its syntactic representation. The proposed formal semantics and preference language are an important step towards improving P3P, making it more comprehensible to enterprises and individual users, and ultimately accelerating the large-scale adoption of P3P across the Internet.

Abstract: The fast emergence and acceptance of service oriented architectures leads to fast development of extensional technologies like service delivery, discovery and composition. As main effort is being spent on automatic discovery and composition, current solutions do not reflect real world scenarios sufficiently. Services are offered by different vendors with different quality levels and prices. Large service oriented architectures with dynamic service compositions are not able to adapt without manual inspection of service quality and negotiation of service contracts. We propose an ontology for modelling Quality of Services (QoS) and ServiceLevel-Agreements (SLA). A semantic approach should bridge the gap of different terminology, languages and metrics making Service-Level offers and requests agent understandable and automatic quality-aware discovery possible.

Abstract: W3C Recommendations XML Encryption and XML-Digital Signature can be used to protect the confidentiality of and provide assurances about the integrity of XML documents transmitted over an insecure medium. The focus of this paper is how to control access to XML documents, once they have been received. This is particularly important for services where updates are sent to subscribers. We describe how certain access control policies for restricting access to XML documents can be enforced by encrypting specified regions of the document. These regions are specified using XPath filters and the policies are based on the hierarchical structure of XML documents. We also describe how techniques for assigning keys to a security lattice can be adapted to minimize the number of keys that are distributed to users and compare our approach with two other access control frameworks. Finally we consider how role-based access control can be used to enforce more complex access control policies.

Abstract: A methodology is proposed for the development of multi-agent systems using the JADE platform. The proposed methodology focuses on the key issues in the analysis and design of multi-agent systems. The analysis phase is generic in nature, while the design phase specifically focuses on the constructs pr ovided by the popular FIPA-compliant JADE platform. The methodology essentially serves as a guide, providing a direction for the multi-agent system designer, while also giving them the opportunity to add or remove components as desired, based on the specific problem domain. In contrast to current methodologies, support is also provided for existing systems and people to be included and accounted for in the multi-agent system. The methodology is illustrated by applying it to a hypothetical but illustrative scenario. Moreover, it is presented in such a way that designers new to the field of agent-based computing and the JADE platform can quickly grasp the most important concepts in the development of a multi-agent system. Similarly, people currently familiar with the JADE platform can also benefit from the methodology, which, when applied, should lead to a significant reduction in system development time.

Abstract: The recent investigation of privacy-preserving data mining has been motivated by the growing concern about the privacy of individuals when their data is stored, aggregated, and mined for information. In an effort towards practical algorithms for privacy-preserving data mining solutions, we analyze and implement solutions to an important primitive: the privacy-preserving scalar product of two vectors held by different parties. Privacypreserving scalar products are an important component of privacy-preserving data mining algorithms, particularly when data is vertically partitioned between two or more parties. We examine a cryptographically secure privacypreserving data mining solution in different computational settings. Our experimental results show that in the absence of special-purpose hardware accelerators or practical optimizations, the computational complexity, rather than the communication complexity, is the performance bottleneck. We also evaluate several practical optimizations to improve the efficiency.

Abstract: The increasing complexity of distributed computer systems has led researchers to utilise various tools of abstractions in order to improve the software engineering process However, the requirements of an increasing number of computing scenarios go beyond the capabilities of traditional computer science and software engineering abstractions, such as object-orientation According to Zambonelli and Parunak (2003), four main characteristics distinguish future software systems from traditional ones:

Abstract: Outsourcing database services is a recent trend thanks to advances in the networking technologies and continued growth of the Internet. In the outsourced database service (ODBS) model, clients rely on the premises of the provider, which include hardware, software and manpower, for the storage, maintenance, and retrieval of their data. This ODBS model brings in a variety of conveniences as well as introduces numerous research challenges, and thus has rapidly become one of the hot topics in the research community [1–6]. Because a client stores its private data at an external service provider, who is typically not fully trusted, making outsourced data confidential is one of the foremost challenges in this model. Basically, despite the untrusted server at the provider’s side, the final goal that clients want is to use the outsourced database service as an in-house one. This includes a requirement that clients can operate on their outsourced data without worrying about leak of their sensitive information. This in turn poses several additional challenges related to privacy-preserving for client’s queries as well as the outsourced data during the execution of operations at the untrusted server. Overall, with an assumption that clients are trusted (cf. section 7), the following security requirements must be met:

Abstract: The objective of this work is to develop a platform supporting the secure and quick deployment of distributed medical applications creating an environment and associated tools for the usage of medical personnel in their interaction with patients. We adopted the electronic health record (EHR) architecture blueprint as developed by Canada Health Infoway, which proposes Web service technology as an integration platform. We developed this environment for distributed and collaborative use by selected medical personnel using the combination of communication networks such as the Ca*net 4, ORION, NETERAnet and NCIT*net. This intelligent platform will enable the mining, retrieval, modification, management, and synchronization of various databases used by doctors in handling data in regards to patients and their illnesses, and last but not least, will examine and provide the security requirements associated with Web services in the context of e-Health applications.

Abstract: Moving objects database (MOD) contains the information (locations and times) of moving objects, e.g., taxicabs, trucks, airplanes, polar bears, etc. This information continuously changes and thus needs to be updated frequently in order to maintain the accuracy and usefulness of the information. This paper presents a fuzzy-timing Petri net model for updating a MOD and a method for estimating the time needed to update its database using the concept of the minimum cycle time of a Petri net. It is expected that the results of this paper are useful to study MOD design issues, such as the trade-off between update cost and information accuracy, and how often the database can be updated, given the number of moving objects, MOD system resources, delays of various MOD operations, etc.

Abstract: Collaboration plays a critical role when a group is striving for goals which are difficult or impossible to achieve by an individual. Knowledge about collaborators’ contributions to a task is important when solving problems as a team. However, a problem in many collaboration scenarios is the uncertainty and incompleteness of such knowledge. To investigate this problem, we present a collaboration framework where team members use models of collaborators’ performance to estimate contributions to a task, and propose agents for tasks based on these estimations. We conducted a simulation-based study to assess the impact of modeling limitations on task performance. The main results of our simulation are that maintaining models of agents improves task performance, but exhaustive model maintenance is not essential. Additionally, we found that the ability of agents to update their models has a large impact on task performance. We then extended our framework to support more refined agent models, and performed additional simulated studies. Our results indicated that task performance is improved by the availability of additional reasoning resources and the use of probabilistic models that represent variable

Abstract: Applications with run-time changing architectures constitute a challenge for both modelling and reasoning. Their description is not limited to the specification of a unique static topology but must cover the scope of all the correct configurations. We develop, in this paper, the concept of architectural styles to achieve this goal. We elaborate and specify the basic architectural styles for the design of service-oriented applications. For this purpose we develop an appropriate formal framework using graph grammars. Our approach enables both generating architectures in conformance with a given style and checking conformance of ad-hoc architectures. We first, describe formally the basic interaction style involving elementary interactions between a service requestor and a service provider. Then we consider the orchestrated interaction style where an orchestrator manages the workflow of several service requestors and providers. Finally, we define a complex architectural style to address the compositional aspect of service-oriented architectures considering composite services. We also provide rules for composing the previous styles to define the composite basic invocation style and the composite orchestrated style.

Abstract: Service definition

Abstract: Risk is present in almost every activity Alternately speaking, almost every activity may have some undesired outcomes which the person doing the activity hopes that they do not occur when it undertakes that particular activity The quantification of those undesired outcomes can be termed as Risk Risk is associated with Trust, Security and Privacy Risk is also associated with transactions, businesses, information systems, environments, networks, partnerships, etc Generally speaking, Risk signifies the likelihood of financial loss, human casualties, business destruction and environmental damages It is important to define Risk according to the context of the transaction in order to understand and analyse it better In the literature Risk has been defined and discussed in areas such as security, health, finance, environment and social life, but there is no systematic study of Risk in decentralized communications, which involves e-business, computer networks and service oriented environments Hence in this paper, a particular attention is given to define and analyse Risk in the area of Peer-to-Peer business communications, where Risk is every individual and organization?s concern Also in this paper we develop a risk indicator scale and develop a methodology by which the Riskiness of the peer can be rated according to its behaviour in an interaction Risk indicator gives an early warning to the party involved and helps avoid disasters

Abstract: In this paper, we first define a logical theory representing an XML database supporting XPath as query language and XUpdate as modification language. We then extend our theory with predicates allowing us to specify the security policy protecting the database. The security policy includes rules addressing the read and write privileges. We propose axioms to derive the database view each user is permitted to see. We also propose axioms to derive the new database content after an update.