Campus Units

Computer Science

Document Type

Article

Publication Version

Accepted Manuscript

Publication Date

2008

Journal or Book Title

IEEE Transactions on Services Computing

Volume

1

Issue

4

First Page

201

Last Page

213

DOI

10.1145/2858965.2814289

Abstract

Verifying whether a service implementation is conforming to its service-level agreements is important to inspire confidence in services in a service-oriented architecture (SoA). Functional agreements can be checked by observing the published interface of the service, but other agreements that are more non-functional in nature, are often verified by deploying a monitor that observes the execution of the service implementation. A problem is that such a monitor must execute in an untrusted environment. Thus, integrity of the results reported by such a monitor crucially depends on its integrity. We contribute an extension of the traditional SoA, based on hardware-based root of trust, that allows clients, brokers and providers to negotiate and validate the integrity of a requirements monitor executing in an untrusted environment. We make two basic claims: first, that it is feasible to realize our approach using existing hardware and software solutions, and second, that integrity verification can be done at a relatively small overhead. To evaluate feasibility, we have realized our approach using current software and hardware solutions. To measure overhead, we have conducted a case study using a collection of Web service implementations available with Apache Axis implementation.

Comments

This article is published as Rajan, Hridesh, and Mahantesh Hosamani. "Tisa: Toward trustworthy services in a service-oriented architecture." IEEE Transactions on Services Computing 1, no. 4 (2008): 201-213. 10.1145/2858965.2814289. Posted with permission

Rights

© 2008 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

Copyright Owner

IEEE

Language

en

File Format

application/pdf

Published Version

Share

COinS