Resumen de Secure adaptation of software services
José Antonio Martín Baena
Our world is overrun by software services. Previously we had software components (CORBA), then we had Web services (SOAP/WSDL/BPEL, JSON, RESTful, JavaScript) and now cloud computing (Amazon EC2, Google App Engine, Microsoft Azure). This trend, together with the rise of WSAN, smartphones, tablets and the Internet of Things, has paved the way to a world of interconnected devices where each node offers and requires new functionality, and services are composed into bigger systems which span across organizations and physical boundaries.
However, this new breed of distributed systems has to face the challenge of interoperability. When services are implemented by different developers, provided by different vendors and supported by different infrastructures, incompatibilities tend to arise. These incompatibilities can be present at different levels: signature (the name of the operations), behavior (the supported sequences of operations) and QoS. Such incompatibilities hinder the development and reusability of such services and usually lead these systems to deadlocks, livelocks and violations in the SLA.
In this thesis we have tackled this problem by means of software adaptation. The key concept is to use an adaptor (either monolithic or distributed) which intercepts the messages between the services and is able to verify, rewrite and reorder them in the manner expected by the destination services. Such adaptors are exponentially large with regard to the size and number of services and usually cope with subtle concurrency issues between the services. Therefore, adaptors are not hand-made but, instead, they are automatically synthesised from abstract high-level specifications of the orchestration called adaptation contracts.
We have addressed the whole development cycle of service oriented architectures (SOA) based on these adaptation contracts. We developed a search tree for the scalable discovery of adaptable services. Once the right services are found, we developed a tool (called Dinapter) for the automatic generation of adaptation contracts. These contracts were extended into security adaptation contracts (SAC) which include the verification, transformation and composition of cryptographic messages between services with incompatible security protocols (WS-Security, WS-SecureConversation, WS-Policy). We developed an algorithm for the automatic synthesis of secure adaptors compliant with a given SAC and services (encoded as Crypto-CCS processes). These secure adaptors are verified and refined to be robust against secrecy attacks. Finally, we also developed dynamic learning adaptors which do not need to be synthesized, and hence do not need to know the behavior of the services. Instead, these adaptors learn from successful and failed interactions so as to eventually converge to correct adaptors while preserving a small computational and spatial complexity. This efficiency and versatility makes them suitable for WSAN and the Internet of Things, where nodes have restricted capabilities and the environment might change unpredictably.
Part of this thesis has been implemented and integrated into ITACA (Integrated Toolbox for Automatic Composition and Adaptation).
