Figure 1 - uploaded by Richard Sinnott
Content may be subject to copyright.
Source publication
The service-oriented computing paradigm and its application to support e-Infrastructures offers, at least in principle, the opportunity to realise platforms for multi- and inter-disciplinary research. Augmenting the service-oriented model for e-Research are mechanisms for services to be coupled and enacted in a coordinated manner through workflow e...
Context in source publication
Context 1
... enact this workflow if ALL services in the defined workflow agree; only enact this workflow if there is a given path through the workflow (which itself may contain branches) from the root node to a final leaf node. A simplistic model of how such security is supported is shown in Figure 1, where a client wants to execute a workflow comprised of two services. In our current implementation we have largely focused on static workflows and statically defined policies, and their enactment. ...
Similar publications
The emergence of the service-oriented computing paradigm has opened the possibility of using dynamic binding of application requirements to the resources needed to fulfill application tasks. Especially in pervasive computing that is characterized by disconnected operation and mobility, the process of using service specifications and dynamic binding...
Service-Oriented Computing (SOC) is the computing paradigm that utilizes services as fundamental elements for developing applications/solutions.
To build the service model, SOC relies on the Service Oriented Architecture (SOA), which is a way of reorganizing software
applications and infrastructure into a set of interacting services. However, the b...
![Figure 2. The "virgin" Nabaztag as a [P-D] molecule.](profile/Joelle-Coutaz/publication/234780692/figure/fig2/AS:667591471276058@1536177618957/The-virgin-Nabaztag-as-a-P-D-molecule_Q320.jpg)
In this article, we propose a model for networked artifacts inspired from molecular chemistry. It demonstrates the intrinsic complexity of the domain illustrated with unsolved problems such as mastering the semantics of networked artefacts. Based on this model, we identify similarities with the service-oriented computing paradigm and suggest possib...
Service-oriented computing (SOC) is the computing paradigm that utilizes services as fundamental elements for developing applica- tions. In order to realize the vision of services being utilized as funda- mental elements of business collaboration, security is a critical issue that must be addressed. As SOC adopts messages as the binding factor for...
Service-oriented computing is a new emerging computing paradigm that changes the way applications are designed, implemented and consumed in a ubiquitous computing environment. In such environments computing is pushed away from the traditional desktop to small embedded and networked computing devices around us. However, developing mobile and pervasi...
Citations
... We believe, none of these systems addresses social sciences for modeling/experiments as we do here. As an illustration, suicide data is analyzed with Taverna in [77] and Galaxy is used for genomic research [78]; neither has a component for modeling. ...
There is large interest in networked social science experiments for understanding human behavior at-scale. Significant effort is required to perform data analytics on experimental outputs and for computational modeling of custom experiments. Moreover, experiments and modeling are often performed in a cycle, enabling iterative experimental refinement and data modeling to uncover interesting insights and to generate/refute hypotheses about social behaviors. The current practice for social analysts is to develop tailor-made computer programs and analytical scripts for experiments and modeling. This often leads to inefficiencies and duplication of effort. In this work, we propose a pipeline framework to take a significant step towards overcoming these challenges. Our contribution is to describe the design and implementation of a software system to automate many of the steps involved in analyzing social science experimental data, building models to capture the behavior of human subjects, and providing data to test hypotheses. The proposed pipeline framework consists of formal models, formal algorithms, and theoretical models as the basis for the design and implementation. We propose a formal data model, such that if an experiment can be described in terms of this model, then our pipeline software can be used to analyze data efficiently. The merits of the proposed pipeline framework is elaborated by several case studies of networked social science experiments.
... To the best of our knowledge, none of these systems addresses social sciences for modeling/experiments as we do here. For example, Taverna is used to analyze suicide data in (Sinnott and Hussain 2010); there is no modeling component. Most workflows in the social sciences are for social network analyses (Garijo et al. 2014); we go well beyond that here. ...
There has been significant growth in online social science experiments in order to understand behavior at-scale, with finer-grained data collection. Considerable work is required to perform data analytics for custom experiments. We also seek to perform repeated networked experiments and modeling in an iterative loop. In this work, we design and build four composable and extensible automated software pipelines for (1) data analytics; (2) model property inference; (3) model/simulation; and (4) results analysis and comparisons between experimental data and model predictions. We design a formal data model to which experiments and models must conform, for reasoning about them. Our data model is for scenarios where subjects can repeat actions (from a set) any number of times over the game duration. Because the types of interactions and action sets are flexible, this class of experiments is large. Two case studies, on collective identity and complex contagion, illustrate use of the system.
... This area of security-oriented workflows has not been tackled successfully thus far, with the majority of approaches focusing on authentication-only security models [21,22]. Finer-grained authorisation-oriented security has not been tackled and their importance in the scientific workflows was explored in our earlier work in [23,24]. In a given workflow execution path (selected during execution), if a particular service fails to be executed either due to its unavailability or lack of sufficient credentials, the whole workflow process may fail to complete. ...
Scientific workflows are composed of different services to support scientific experiments. Often such services are provided by different organizations that can have their own autonomous access control policies. Workflows are often shared and repurposed with the same and/or different datasets to repeat scientific experiments, therefore, different users can require different privileges to access different services to execute (enact) a given workflow. It can be the case that a given user may not have sufficient privileges to access some of the services of the workflow. As such, it needs to be ascertained whether a user (or enactment engine acting on behalf of a user) with a given set of security credentials should be allowed to enact a workflow and whether this will lead to runtime failure of the workflow. Ideally it should be determined a priori whether a path exists from the root node of the workflow graph to the leaf node, i.e. that it is possible for the workflow to be fully executable or partially executable on the basis of the available credentials of the user. This paper presents an algorithm and its realization that exploits existing workflow patterns to determine the structural path of the workflow whilst checking the availability of credentials at different service points in the workflow path.
... This way, only one credential will be required to access all secure NeISS services. The issues of security-oriented workflows and their realisation are also described in [33,34]. ...
... This way, only one credential will be required to access all secure NeISS services. The issues of security-oriented workflows and their realisation are also described in [33,34]. ...
This paper reports on progress towards the development of an e-research infrastructure for social simulations. We argue that simulation models are increasingly of interest to social scientists across a wide range of disciplines, and of value to both academics and policy-makers. The constituent services of an e-infrastructure for social simulation are described, and examples of social simulation workflows that connect these services into more substantial general purpose tasks shown. The paper discusses the ways in which workflows might themselves be embedded into portals for both spatial analysis and decision support, and reviews some of the outstanding barriers to further development.
Scientific experiments often involve use of shared resources across organization boundaries in distributed collaborative environments. They are more often enabled through web services. A plethora of research is undertaken to protect individual web services. They include centralized security models wherein the main focus is on centralised Virtual Organization (VO) specific attribute authorities, e.g. VOMS, which can be used by collaborative service providers to make authorisation decisions. And a decentralized security model wherein each service provider themselves are responsible for the assignment of roles/privileges to the different members of collaborative environments. Workflows themselves can be orchestrated in centralized or decentralized orchestration models. In this research work we have identified a number of architectural design patterns for security-enabled workflows executions. These patterns are based on the different workflows execution and security models. The key issues in such patterns as well as a rationale of choice are provided. An overview of a security-oriented workflow framework is provided that can tackle some of the issues identified in these patterns.
Decentralized enactment of workflows is generally advocated for data intensive scientific applications. This approach offers a number of advantages including avoiding a single (centralized) point of failure, and associated (centralized) performance bottlenecks. However, such services are often assumed to be openly available with little or no security. This is increasingly not the case. Instead organizations and the services they offer require autonomous ways of defining and enforcing their own access control policies supporting fine-grained authorization. Tackling such scenarios raises many issues regarding workflow definition, enactment and potential re-enactment. This research explores the issues related to security-oriented decentralized workflow definition and enactment. The solution is respectful of the need for autonomy of service providers and allows each participating service to define their own access control policies. We also show how different security delivery models can be supported leveraging the pulling and pushing of security credentials.
