Publications in 2003

Articles in Refereed Journals:

1. W. van der Aalst. Don't go with the flow: Web services composition standards exposed. IEEE Intelligent Systems, To Appear, Jan/Feb 2003.
   Abstract: The recently released Business Process Execution Language for Web Services (BPEL4WS) is said to combine the best of other standards for web services composition such as WSFL from IBM and XLANG of Microsoft. BPEL4WS allows for a mixture of block structured and graph structured process models thus making the language expressive at the price of being complex. Although BPEL4WS is not such a bad proposal by itself, it is remarkable how much attention this standard receives while the more fundamental issues and problems such as semantics, expressiveness, and adequacy do not get the attention they deserve. Having a standard is a very good idea. However, there are too many of them and most of them die before becoming mature. A simple indicator of this development is the increasing length of acronyms: PDL, XPDL, BPSS, EDOC, BPML, WSDL, WSCI, ebXML, and BPEL4WS are just some of the acronyms referring to various standards in the domain. Another problem is that these languages typically have no clearly defined semantics. The only way to overcome these problems is to critically evaluate the so-called standards for web services composition, i.e., Don't go with the flow!

2. Wil M. P. van der Aalst, Arthur H. M. ter Hofstede, Bartek Kiepuszewski, Alistair P. Barros. Workflow Patterns. Distributed and Parallel Databases, Vol. 14, Num. 1, pages 5-51, 2003.
   Abstract: Differences in features supported by the various contemporary commercial workflow management systems point to different insights of suitability and different levels of expressive power. The challenge, which we undertake in this paper, is to systematically address workflow requirements, from basic to complex. Many of the more complex requirements identified, recur quite frequently in the analysis phases of workflow projects, however their implementation is uncertain in current products. Requirements for workflow languages are indicated through workflow patterns. In this context, patterns address business requirements in an imperative workflow style expression, but are removed from specific workflow languages. The paper describes a number of workflow patterns addressing what we believe identify comprehensive workflow functionality. These patterns provide the basis for an in-depth comparison of a number of commercially availablework flow management systems. As such, this paper can be seen as the academic response to evaluations made by prestigious consulting companies. Typically, these evaluations hardly consider the workflow modeling language and routing capabilities, and focus more on the purely technical and commercial aspects.

3. Gian Luigi Ferrari, Stefania Gnesi, Ugo Montanari, Marco Pistore. A model-checking verification environment for mobile processes. ACM Trans. Softw. Eng. Methodol., Vol. 12, Num. 4, pages 440-473, 2003.
   Abstract: This article presents a semantic-based environment for reasoning about the behavior of mobile systems. The verification environment, called HAL, exploits a novel automata-like model that allows finite-state verification of systems specified in the $\pi$-calculus. The HAL system is able to interface with several efficient toolkits (e.g. model-checkers) to determine whether or not certain properties hold for a given specification. We report experimental results on some case studies.

4. Xavier Franch, Juan Pablo Carvallo. Using Quality Models in Software Package Selection. IEEE Software, Vol. 20, Num. 1, pages 34-41, 2003.
   Abstract: The growing importance of commercial off-the-shelf software packages requires adapting some software engineering practices, such as requirements elicitation and testing, to this emergent framework. Also, some specific new activities arise, among which selection of software packages plays a prominent role. All the methodologies that have been proposed recently for choosing software packages compare user requirements with the packages' capabilities. There are different types of requirements, such as managerial, political, and, of course, quality requirements. Quality requirements are often difficult to check. This is partly due to their nature, but there is another reason that can be mitigated, namely the lack of structured and widespread descriptions of package domains (that is, categories of software packages such as ERP systems, graphical or data structure libraries, and so on). This absence hampers the accurate description of software packages and the precise statement of quality requirements, and consequently overall package selection and confidence in the result of the process. Our methodology for building structured quality models helps solve this drawback.

5. Alexander Keller, Heiko Ludwig. The WSLA Framework: Specifying and Monitoring Service Level Agreements for Web Services. J. Network Syst. Manage., Vol. 11, Num. 1, 2003.
   Abstract: We describe a novel framework for specifying and monitoring Service Level Agreements (SLA) for Web Services. SLA monitoring and enforcement becomes increasingly important in a Web Service environment where enterprises rely on services that may be subscribed dynamically and on demand. For economic and practical reasons, we want an automated provisioning process for both the service itself as well as the SLA management system. It measures and monitors the QoS parameters, checks the agreed-upon service levels, and reports violations to the authorized parties involved in the SLA management process. The Web Service Level Agreement (WSLA) framework, our approach to these issues, is targeted at defining and monitoring SLAs for Web Services. Although WSLA has been designed for a Web Services environment, it is applicable as well to any inter-domain management scenario such as business process and service management or the management of networks, systems and applications in general. The WSLA framework consists of a flexible and extensible language based on XML Schema and a runtime architecture comprising several SLA monitoring services, which may be outsourced to third parties to ensure a maximum of accuracy. WSLA enables service customers and providers to unambiguously define a wide variety of SLAs, specify the SLA parameters and the way how they are measured, and relate them to managed resource instrumentations. Upon receipt of an SLA specification, the WSLA monitoring services are automatically configured to enforce the SLA. An implementation of the WSLA framework, the SLA Compliance Monitor, is publicly available as part of the IBM Web Services Toolkit.

6. Shuping Ran. A model for web services discovery with QoS. SIGecom Exch., Vol. 4, Num. 1, pages 1-10, ACM, 2003.
   Abstract: Web services technology has generated a lot interest, but its adoption rate has been slow. This paper discusses issues related to this slow take up and argues that quality of services is one of the contributing factors. The paper proposes a new Web services discovery model in which the functional and non-functional requirements (i.e. quality of services) are taken into account for the service discovery. The proposed model should give Web services consumers some confidence about the quality of service of the discovered Web services.

Articles in Refereed Conferences:

1. Wil M. P. van der Aalst, Arthur H. M. ter Hofstede, Mathias Weske. Business Process Management: A Survey . International Conference on Business Process Management (BPM), Lecture Notes in Computer Science, Vol. 2678, Springer Verlag, 2003.
   Abstract: Business Process Management (BPM) includes methods, techniques, and tools to support the design, enactment, management, and analysis of operational business processes. It can be considered as an extension of classical Workflow Management (WFM) systems and approaches. Although the practical relevance of BPM is undisputed, a clear definition of BPM and related acronyms such as BAM, BPA, and STP are missing. Moreover, a clear scientific foundation is missing. In this paper, we try to demystify the acronyms in this domain, describe the state-of-the-art technology, and argue that BPM could benefit from formal methods/languages (cf. Petri nets, process algebras, etc.).

2. Vikas Deora, Jianhua Shao, W. A. Gray, N. J. Fiddian. A Quality of Service Management Framework Based on User Expectations. ICSOC, pages 104-114, 2003.
   Abstract: The ability to gauge the quality of a service is critical if we are to achieve the service oriented computing paradigm. Many techniques have been proposed and most of them attempt to calculate the quality of a service by collecting quality ratings from the users of the service, then combining them in one way or another. We argue that collecting quality ratings alone from the users is not sufficient for deriving a reliable or accurate quality measure for a service. This is because different users often have different expectations on the quality of a service and their ratings tend to be closely related to their expectations, i.e. how their expectations are met. In this paper, we propose a quality of service management framework based on user expectations. That is, we collect expectations as well as ratings from the users of a service, then calculate the quality of the service only at the time a request for the service is made and only using the ratings that have similar expectations. We give examples to show that our approach can result in a more accurate and meaningful measure for quality of service.

3. Howard Foster, Sebastián Uchitel, Jeff Magee, Jeff Kramer. Model-based Verification of Web Service Compositions.. 18th IEEE International Conference on Automated Software Engineering (ASE 2003) , pages 152-163, IEEE Computer Society, 2003.
   Abstract: In this paper we discuss a model-based approach to verifying web service compositions for web service implementations. The approach supports verification against specification models and assigns semantics to the behavior of implementation models so as to confirm expected results for both the designer and implementer. Specifications of the design are modeled in UML, in the form of Message Sequence Charts (MSCs), and mechanically compiled into the Finite State Process notation (FSP) to concisely describe and reason about the concurrent programs. Implementations are mechanically translated to FSP to allow a trace equivalence verification process to be performed. By providing early design verification, the implementation, testing and deployment of web service compositions can be eased through the understanding of the differences, limitations and undesirable traces allowed by the composition. The approach is supported by a suite of cooperating tools for specification, formal modeling and trace animation of the composition workflow.

4. Rania Khalaf, Frank Leymann. On Web Services Aggregation. TES, pages 1-13, 2003.
   Abstract: The Web services framework is enabling applications from different providers to be offered as services that can be used and composed in a loosely-coupled manner. Subsequently, the aggregation of services to form composite applications and maximize reuse is key. While choreography has received the most attention, services often need to be aggregated in a much less constrained manner. As a number of different mechanisms emerge to create these aggregations, their relation to each other and to prior work is useful when deciding how to create an aggregation, as well as in extending the models themselves and proposing new ones. In this paper, we discuss Web services aggregation by presenting a first-step classification based on the approaches taken by the different proposed aggregation techniques. Finally, a number of models are presented that are created from combinations of the above.

5. Octavio Martín-Díaz, Antonio Ruiz Cortés, Amador Durán, David Benavides, Miguel Toro. Automating the Procurement of Web Services. ICSOC, pages 91-103, 2003.
   Abstract: As government agencies and business become more dependent on web services, software solutions to automate their procurement gain importance. Current approaches for automating the procurement of web services suffer from an important drawback: neither uncertainty measures nor non-linear, and complex relations among parameters can be used by providers to specify quality-of-service in offers. In this paper, we look deeply into the roots of this drawback and present a proposal which overcomes it. The key point to achieve this improvement has been using the constraint programming as a formal basis, since it endows the model with a very powerful expressiveness. A XML-based implementation is presented along with some experimental results and comparisons with other approaches.

6. Bart Orriëns, Jian Yang, Mike P. Papazoglou. Model Driven Service Composition. ICSOC, pages 75-90, 2003.
   Abstract: The current standards for web service composition, e.g. BPEL. neither cater for dynamic service composition nor for dynamic business configuration. Our firm belief is that business processes can be built dynamically by composing web services in a model driven fashion where the design process is controlled and governed by a series of business rules. In this paper we examine the functional requirements of service composition and introduce a phased approach to the development of service compositions that spans abstract definition, scheduling, construction and execution. Subsequently, we analyze the information requirements for developing service compositions by identifying the basic elements in a web service composition and the business rules that are used to govern the development of service compositions.

7. Vladimir Tosic, Bernard Pagurek, Kruti Patel. WSOL - A Language for the Formal Specification of Classes of Service for Web Services. ICWS, pages 375-381, 2003.
   Abstract: We are developing a language, Web Service Offerings Language (WSOL), for the formal specification of various constraints, management statements, and classes of service for Web Services. WSOL is an XML (Extensible Markup Language) notation compatible with WSDL (Web Services Description Language). A service offering in WSOL is a formal description of one class of service of a Web Service. It contains formal representation of various constraints: functional (pre-, post-, and future- conditions), Quality of Service (QoS, a.k.a. non-functional, extra- functional), and access rights. It also contains management statements, such as statements about prices, monetary penalties, and management responsibilities. One Web Service can be associated with multiple service offerings. For easier specification of similar service offerings, WSOL enables specification of constraint groups (CGs) and constraint group templates (CGTs). We have also developed a format for representation of dynamic relationships between service offerings. WSOL service offerings are simple contracts and SLAs (Service Level Agreements) between Web Services. Describing a Web Service in WSOL, in addition to WSDL, enables monitoring, metering, and management of Web Services. The Web Service, its consumer, or one or more designated third parties (usually SOAP message intermediaries) can meter QoS metrics and evaluate constraints in WSOL service offerings. Further, manipulation of service offerings can be used for dynamic adaptation and management of Web Service compositions. In addition, WSOL supports selection of a more appropriate Web Service and service offering for particular circumstances. The main distinctive characteristics of WSOL, compared to recent related works, are its expressive power, features that reduce run-time overhead, and orientation towards management applications.

Books and Monographs:

1. Mariya Koshkina. Verification of Business Processes for Web Services. Ms. Thesis, York University - Department of Computer Science, October 2003.
   Abstract: The Business Process Execution Language for Web Services (BPEL4WS or simply BPEL) is a recently developed language, which is used to specify interactions between web services. Among its features it allows specification of concurrent behavior. Erroneous specification can lead to such problems as deadlock. In our research we focus on the concurrency mechanism in BPEL. Our main goal is to analyze processes in order to detect possible deadlocks. To achieve this we introduce a process algebra called the BPE-calculus. It is a small language which captures all the BPEL features relevant to the analysis. This process algebra is modelled using a labeled transition system. An existing verification tool called the Concurrency Workbench is customized to use our BPE-calculus. This tool allows us to verify many properties of BPE-calculus processes specified in a logic called the mu-calculus, including deadlock freedom.

Publications in Refereed Workshops:

1. M. Tian, A. Gramm, T. Naumowicz, H. Ritter, J. Schiller. A Concept for QoS Integration in Web Services. Web Information Systems Engineering Workshops, pages 149-155, December 2003.
   Abstract: With the growing popularity of Web services, a general QoS support for Web services plays an important role for the success of this emerging technology. Unfortunately, current Web service environments do not offer comprehensive QoS support. In this paper, we present an approach that does not only enable the QoS integration in Web services, but also the selection of appropriate services based on QoS requirements regarding server and network performance. Furthermore, we present how application requirements regarding communication QoS are mapped onto the underlying QoS aware network at runtime, as well as how users can obtain real-time information about server performance in order to monitor the accomplishment of assured services, giving the user an instant QoS feedback.

Technical Reports and Manuals:

1. Tony Andrews, Francisco Curbera, Hitesh Dholakia, Yaron Goland, Johannes Klein, Frank Leymann, Kevin Liu, Dieter Roller, Doug Smith, Satish Thatte, Ivana Trickovic, Sanjiva Weerawarana. Business Process Execution Language for Web Services, version 1.1. BEA Systems, International Business Machines Corporation, Microsoft Corporation, SAP AG, Siebel Systems, 2003.
   Abstract: This document defines a notation for specifying business process behavior based on Web Services. This notation is called Business Process Execution Language for Web Services (abbreviated to BPEL4WS in the rest of this document). Processes in BPEL4WS export and import functionality by using Web Service interfaces exclusively. Business processes can be described in two ways. Executable business processes model actual behavior of a participant in a business interaction. Business protocols, in contrast, use process descriptions that specify the mutually visible message exchange behavior of each of the parties involved in the protocol, without revealing their internal behavior. The process descriptions for business protocols are called abstract processes. BPEL4WS is meant to be used to model the behavior of both executable and abstract processes. BPEL4WS provides a language for the formal specification of business processes and business interaction protocols. By doing so, it extends the Web Services interaction model and enables it to support business transactions. BPEL4WS defines an interoperable integration model that should facilitate the expansion of automated process integration in both the intra-corporate and the business-to-business spaces.

2. Heiko Ludwig, Alexander Keller, Asit Dan, Richard P. King, Richard Franck . Web Service Level Agreement (WSLA) Language Specification. IBM Corporation, 2003.
   Abstract: This document describes the specification language for service level agreements for Web Services, the Web Service Level Agreement (WSLA) language. WSLAs are agreements between a service provider and a customer and as such define the obligations of the parties involved. Primarily, this is the obligation of a service provider to perform a service according to agreed-upon guarantees for IT-level service parameters (such as availability, response time and throughput) for Web Services.
   An SLA also specifies the measures to be taken in case of deviation and failure to meet the asserted service guarantees, for example, a notification of the service customer. The assertions of the service provider are based on a detailed definition of service parameters including the algorithms - how basic metrics should be measured in systems and how they are aggregated into composite metrics and SLA parameters. In addition, a WSLA can express the operations of monitoring and managing the service. This may include third parties (such as Management Service Providers) that contribute to the measurement of metrics, supervision of guarantees or even the management of deviations of service guarantees. These multi-party constellations necessitate the definition of the interactions among the parties supervising the WSLA.
   However, a WSLA only covers the agreed common view of a service between the parties involved. To actually act as a participant in a WSLA, parties have various degrees of freedom to define an implementation policy for a service and its supervision. Typically, the obligations of a WSLA must be translated into system-level configuration information, which can be proprietary to each party involved.