Data provenance in SOA: security, reliability, and integrity

Due to the dynamic nature, such as services composition and evaluation, it is critical for a Service-Oriented Architecture (SOA) system to consider its data provenance, which concerns security, reliability, and integrity of data as they are being routed in the system. In a traditional software system, one focuses on the software itself to determine the security, reliability, and integrity of the software. In an SOA system, however, one also needs to consider origins and routes of data and their impact, i.e., data provenance. This paper first analyzes the unique nature and characteristics of data provenance in an SOA system, particularly related to data security, reliability, and integrity. Then it proposes a new framework for data provenance analysis in an SOA system. Finally, this paper uses an example which illustrates these techniques.

[1]  Kiran-Kumar Muniswamy-Reddy Deciding How to Store Provenance , 2006 .

[2]  Kuo-Wei Hwang Information Services in Service Oriented Architecture-Challenges and Opportunities , 2006, SEKE.

[3]  Wei-Tek Tsai,et al.  DISTRIBUTED SERVICE-ORIENTED SOFTWARE DEVELOPMENT , 2008 .

[4]  Yong Zhao,et al.  Chimera: a virtual data system for representing, querying, and automating data derivation , 2002, Proceedings 14th International Conference on Scientific and Statistical Database Management.

[5]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[6]  James Frew,et al.  Lineage retrieval for scientific data processing: a survey , 2005, CSUR.

[7]  Raymond A. Paul,et al.  DoD towards software services , 2005, 10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems.

[8]  D. Lanter Design of a Lineage-Based Meta-Data Base for GIS , 1991 .

[9]  Wei-Tek Tsai,et al.  RTSOA: Real-Time Service-Oriented Architecture , 2006, 2006 Second IEEE International Symposium on Service-Oriented System Engineering (SOSE'06).

[10]  Raymond A. Paul,et al.  Services-oriented dynamic reconfiguration framework for dependable distributed computing , 2004, Proceedings of the 28th Annual International Computer Software and Applications Conference, 2004. COMPSAC 2004..

[11]  Wei-Tek Tsai,et al.  Distributed policy specification and enforcement in service-oriented business systems , 2005, IEEE International Conference on e-Business Engineering (ICEBE'05).

[12]  José Meseguer,et al.  Unwinding and Inference Control , 1984, 1984 IEEE Symposium on Security and Privacy.

[13]  Francisco Curbera,et al.  Web Services Business Process Execution Language Version 2.0 , 2007 .

[14]  Sanjeev Khanna,et al.  Why and Where: A Characterization of Data Provenance , 2001, ICDT.

[15]  Wei-Tek Tsai,et al.  Web service group testing with windowing mechanisms , 2005, IEEE International Workshop on Service-Oriented System Engineering (SOSE'05).

[16]  Paul T. Groth,et al.  Security Issues in a SOA-Based Provenance System , 2006, IPAW.

[17]  V. Vianu,et al.  Edinburgh Why and Where: A Characterization of Data Provenance , 2017 .

[18]  Paul T. Groth,et al.  The requirements of recording and using provenance in e- Science experiments , 2005 .

[19]  Kenneth J. Laskey Metadata Concepts to Support a Net-Centric Data Environment , 2005 .

[20]  Yogesh L. Simmhan,et al.  A survey of data provenance in e-science , 2005, SGMD.

[21]  Michael Luck,et al.  A Protocol for Recording Provenance in Service-Oriented Grids , 2004, OPODIS.

[22]  David Sundaram,et al.  Business Processes: Operational Solutions for SAP Implementation , 2005 .

[23]  Ivan Janciak,et al.  UK e-Science All Hands Meeting , 2009 .

[24]  Wei-Tek Tsai,et al.  Service-oriented system engineering: a new paradigm , 2005, IEEE International Workshop on Service-Oriented System Engineering (SOSE'05).

[25]  清華大学 SOSE 2005 : IEEE International Workshop on Service-Oriented System Engineering : proceedings : Beijing, China, 20-21 October 2005 , 2005 .

[26]  Tim O'Reilly,et al.  What is Web 2.0: Design Patterns and Business Models for the Next Generation of Software , 2007 .

[27]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[28]  Yogesh L. Simmhan,et al.  A Framework for Collecting Provenance in Data-Centric Scientific Workflows , 2006, 2006 IEEE International Conference on Web Services (ICWS'06).

[29]  Wei-Tek Tsai,et al.  The Impact of SOA Policy-Based Computing on C2 Interoperation and Computing , 2005 .

[30]  Liming Chen,et al.  A Proof of Concept: Provenance in a Service Oriented Architecture , 2005 .

[31]  Yaron Goland,et al.  Web Services Business Process Execution Language , 2009, Encyclopedia of Database Systems.

[32]  Raymond A. Paul,et al.  A software reliability model for web services , 2004, IASTED Conf. on Software Engineering and Applications.

[33]  Raymond A. Paul,et al.  Adaptive testing, oracle generation, and test case ranking for Web services , 2005, 29th Annual International Computer Software and Applications Conference (COMPSAC'05).

[34]  David W. Walker,et al.  Support for Provenance in a Service-based Computing Grid , 2004 .

[35]  Matt Bishop,et al.  Computer Security: Art and Science , 2002 .

[36]  David A Chappell,et al.  Enterprise Service Bus , 2004 .