fortified web services contracts for trusted components proof of concept
Post on 20-Dec-2015
218 views
TRANSCRIPT
Fortified Web Services Contracts for Trusted Components
Proof of Concept
Fortified Web Services Contracts for Trusted Components - Proof of Concept 210/2006
Contents
Outline POC Goals Travel Agent Use Case POC Architecture
POC Sequence Flow Basic Level Contracts Flow Behavioral Level Contracts Flow Synchronization Level Contracts Flow QoS Level Contracts Flow
Conclusions
Fortified Web Services Contracts for Trusted Components - Proof of Concept 310/2006
POC Goals
Build a working application using Web services and the WS-Contract language
Show improvement over regular Web services solution
Fortified Web Services Contracts for Trusted Components - Proof of Concept 410/2006
Travel Agent Use Case
A company (travel agent) wants to offer the ability to book complete vacation packages: plane/train/bus tickets, hotels, car rental, excursions, etc
Service providers (airlines, bus companies, hotel chains, etc) are providing Web services to query their offerings and perform reservations
Credit card companies are providing services to guarantee payments made by consumers
Fortified Web Services Contracts for Trusted Components - Proof of Concept 510/2006
Travel Agent Use Case
Travel Agent Service Customer Other players
Discovery ServiceCoordination ServiceSLA Service
Fortified Web Services Contracts for Trusted Components - Proof of Concept 610/2006
Architecture
CustomerTravelAgent
Interact according toContract
ContractContentService
Contract Management Service
ContractLevel
Service
WSDCON +
SOAP
Contract Runtime Service
Behavioral ContractRequest Handler
Sync. ContractRequest Handler
QoS ContractRequest Handler
Behavioral ContractReply Handler
Sync. Contract Reply Handler
QoS Contract Reply Handler
Fortified Web Services Contracts for Trusted Components - Proof of Concept 710/2006
Ticket Booking Client
Fortified Web Services Contracts for Trusted Components - Proof of Concept 810/2006
Basic Level Sequence Flow
CustomerTravelAgent
ContractContentService
Contract Management Service
ContractLevel
Service
WSDCON +
2 .Interact according toWSD
1 .Agree on WSD
WSD
SOAP
Fortified Web Services Contracts for Trusted Components - Proof of Concept 910/2006
Behavioral Level Sequence Flow
CustomerTravelAgent
ContractContentService
Contract Management Service
ContractLevel
Service
WSDCON +
SOAP
Contract Runtime Service
Behavioral ContractRequest Handler
Sync. ContractRequest Handler
QoS ContractRequest Handler
Behavioral ContractReply Handler
Sync. Contract Reply Handler
QoS Contract Reply Handler
IsLegalRequest(SOAPMessage)
2. Check Request Against Behavioral Contract
1 .Send SOAP Request
True
NumberOfSeats < 10
OK
NumberOfSeats = 2
Fortified Web Services Contracts for Trusted Components - Proof of Concept 1010/2006
Ticket Booking Client Result
Fortified Web Services Contracts for Trusted Components - Proof of Concept 1110/2006
Ticket Booking Client
Fortified Web Services Contracts for Trusted Components - Proof of Concept 1210/2006
Behavioral Level Sequence Flow
CustomerTravelAgent
ContractContentService
Contract Management Service
ContractLevel
Service
WSDCON +
SOAP
Contract Runtime Service
Behavioral ContractRequest Handler
Sync. ContractRequest Handler
QoS ContractRequest Handler
Behavioral ContractReply Handler
Sync. Contract Reply Handler
QoS Contract Reply Handler
IsLegalRequest(SOAPMessage)
2. Check Request Against Behavioral Contract
1 .Send SOAP Request
False
NumberOfSeats < 10
ERR
Behavioral Contract Broken
NumberOfSeats = 20
Fortified Web Services Contracts for Trusted Components - Proof of Concept 1310/2006
Ticket Booking Client
Fortified Web Services Contracts for Trusted Components - Proof of Concept 1410/2006
Synchronization Level Sequence Flow
CustomerTravelAgent
ContractContentService
Contract Management Service
ContractLevel
Service
WSDCON +
SOAP
Contract Runtime Service
Behavioral ContractRequest Handler
Sync. ContractRequest Handler
QoS ContractRequest Handler
Behavioral ContractReply Handler
Sync. Contract Reply Handler
QoS Contract Reply Handler
IsLegalRequest(SOAPMessage)
2. Check Request Against Synchronization Contract
1 .Send SOAP Request
True
Atomic: ConcurrentUsers == 0
OK
Fortified Web Services Contracts for Trusted Components - Proof of Concept 1510/2006
Ticket Booking Client Result
Two Concurrent
Clients
Fortified Web Services Contracts for Trusted Components - Proof of Concept 1610/2006
Synchronization Level Sequence Flow
CustomerTravelAgent
ContractContentService
Contract Management Service
ContractLevel
Service
WSDCON +
SOAP
Contract Runtime Service
Behavioral ContractRequest Handler
Sync. ContractRequest Handler
QoS ContractRequest Handler
Behavioral ContractReply Handler
Sync. Contract Reply Handler
QoS Contract Reply Handler
IsLegalRequest(SOAPMessage)
2. Check Request Against Synchronization Contract
1 .Send SOAP Request
False
Atomic: ConcurrentUsers == 0
ERR
Synchronization Contract Broken
Fortified Web Services Contracts for Trusted Components - Proof of Concept 1710/2006
Ticket Booking Client
Fortified Web Services Contracts for Trusted Components - Proof of Concept 1810/2006
QoS Level Sequence Flow
CustomerTravelAgent
ContractContentService
Contract Management Service
ContractLevel
Service
WSDCON +
SOAP
Contract Runtime Service
Behavioral ContractRequest Handler
Sync. ContractRequest Handler
QoS ContractRequest Handler
Behavioral ContractReply Handler
Sync. Contract Reply Handler
QoS Contract Reply Handler
IsLegalRequest(SOAPMessage)
2. Check Request Against QoS Contract
1 .Send SOAP Request
True
ResponseTime < 200
OK
Fortified Web Services Contracts for Trusted Components - Proof of Concept 1910/2006
QoS Level Sequence Flow
CustomerTravelAgent
ContractContentService
Contract Management Service
ContractLevel
Service
WSDCON +
SOAP
Contract Runtime Service
Behavioral ContractRequest Handler
Sync. ContractRequest Handler
QoS ContractRequest Handler
Behavioral ContractReply Handler
Sync. Contract Reply Handler
QoS Contract Reply Handler
IsLegalRequest(SOAPMessage)
2. Check Request Against QoS Contract
1 .Send SOAP Request
False
ResponseTime < 200
ERR
QoS Contract Broken
Fortified Web Services Contracts for Trusted Components - Proof of Concept 2010/2006
Ticket Booking Client
Fortified Web Services Contracts for Trusted Components - Proof of Concept 2110/2006
Conclusions