1 / 63

E-Service Composition and Behavioral Signatures

E-Service Composition and Behavioral Signatures. October 18, 2003 slides will be available at http://db.bell-labs.com/user/hull. Rick Hull Bell Labs Research. Based in part on the PODS 2003 talk entitled “E-Services: A Look Behind the Curtain”, co-authored with.

oliana
Download Presentation

E-Service Composition and Behavioral Signatures

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. E-Service Compositionand Behavioral Signatures October 18, 2003 slides will be available at http://db.bell-labs.com/user/hull Rick Hull Bell Labs Research Based in part on the PODS 2003 talk entitled “E-Services: A Look Behind the Curtain”, co-authored with Michael Benedikt (Bell Labs) Vassilis Christophides (FORTH, Greece) Jianwen Su (UC Santa Barbara) Behavioral Signatures and E-Service Composition

  2. Our focus: how to build, analyze The E-Services Paradigm • Goal: Simplify and/or automate e-service • Discovery • Composition • Orchestration (invoke, monitor; “choreography”) • Provenance (e-science, recovery) • Primary roots of e-services paradigm (a) Process description formalisms (b) Distributed computing middleware (c) Data management • What makes e-services “new” • Much more de-centralized than workflow • More flexible, less structured than CORBA • Data management has larger role in (a) and (b) • Importance of standards to enable interoperation and analysis Behavioral Signatures and E-Service Composition

  3. Outline • Events, messaging, and sequential behavior are facts of life • We need a notion of “behavioral signature” • An automata-based framework • Inspired by CSPs, -calculus, verification theory • Analysis “tools” • Several approaches available • Automated composition • Including a bridge to DLs • Conclusions Behavioral Signatures and E-Service Composition

  4. Web Services Definition Language (WSDL): Messages and (traditional) I/O signatures • Peer-to-peer: e-service can act as client or server • Proactive : send request send request, block till response • Reactive : receive request receive request, send response bill_payment out: bill in: payment order bill order Supplier’ Supplier receipt payment receipt • Port: mechanism to cluster operations • Port as unit of interoperation between services Behavioral Signatures and E-Service Composition

  5. authorize ok payment1 receipt2 bill1 order2 bill2 payment2 receipt1 order1 supplier2 • Add new services dynamically • Does supplier2 fit? (what if supplier2 uses “prepay”) E-Commerce: Patterns of Messages buy bank store • Certain patterns “acceptable”, others not • Enactments with different life-cycles • E.g., one credit authorize for many orders get supplier1 Behavioral Signatures and E-Service Composition

  6. Using order toinfer IOPA properties order bill Supplier • Conditions on input/output • if valid client sends order, then bill is created • if payment is received, then receipt is sent • Conditions on “state of world” • Amount of $$ in line of credit • Supplier ships order when payment is received • Performing inference (“everything else fixed”) • Assume the Bank satisfies: if bill received and sufficient funds, then payment is sent • Infer that: “an order from a valid client with sufficient funds will result in a receipt and shipment of the order” receipt payment Behavioral Signatures and E-Service Composition

  7. Services use events • “Full” plane reservation service includes alerts if plane is delayed • To person flying • To car rental service, to hotel service, … • Services may have to retain context over a period of time • Will be “waiting” for incoming event • Put it into proper context • Take appropriate actions • BPEL4WS has explicit constructs for asynchronous events • receive, wait, pick Behavioral Signatures and E-Service Composition

  8. Telecom/Collaborative Services Profile Data Session Coordinator Pre-Pay • Emerging standards will enable flexible, dynamic invocation of services & incorporation of features • Can be viewed as a special case of web services • Bearer traffic vs. signaling/control traffic • Asynchronous events: call dropped, person becomes present, … • Feature interactions: call screening, call waiting, … Presence Server Media Server (voice) Media Server (video) Behavioral Signatures and E-Service Composition

  9. Outline • Sequential behavior and messaging are a fact of life • We need a notion of “behavioral signature” • An automata-based framework • Uses a “black-box” perspective • Contrast to “white-box” formalisms • Some “tools” are available • Including a bridge to DLs • Conclusions Behavioral Signatures and E-Service Composition

  10. Two perspectives on E-Services • “Black box”: Signature languages • Web Services Description Language (WSDL) • Focus on input/output signatures only • Pre-/post conditions á la OIL-S • Behavioral: • Focus on sequencing of messages transmitted • W3C Choreography group working here • Focus on sequencing of actions performed • “White box”: Implementation languages • Essence of WSFL, XLANG, BPEL4WS*, BPML, etc. standards • OIL-S process constructs • Typically, parallel flowcharts with synchronization, scopes, some event handling, internal variables *BPEL4WS also supports a “black box” view of e-services Behavioral Signatures and E-Service Composition

  11. Do until halt nondeterministic choice: read an input; send an output to some other peer; halt; end choice Modeling I: Individual E-services • In the most general case, an e-service can be a Turing machine inputmessages to othere-services message log local store • For analysis, optimization, and automation it is useful to study more restricted models Behavioral Signatures and E-Service Composition

  12. Behavioral signatures using messages • Use Mealy Peers: Finite State Automata with input/output • Follows spirit of process algebras, communicating processes • Can model single or sequenced enactments • Advantages for analysis, e.g., verifying temporal properties, characterizing global behavior order order bill bill !b !r ?p !b ?p !r ?o ?o !r !b !r ?p rcpt pymnt pymnt rcpt (a) “cautious” supplier (b) “trusting” supplier Behavioral Signatures and E-Service Composition

  13. Peer 1 Peer 2 . . . Peer n Modeling II: A composition framework • A peer: autonomous process executing an e-service • Assumereliablecommunication Behavioral Signatures and E-Service Composition

  14. authorize bank store • P : finite set of peers (e-services) ok payment1 receipt2 • C : finite set of peer-to-peer channels bill1 order2 bill2 payment2 receipt1 order1 • M : (finite) set ofmessage classes supplier2 supplier1 E-Composition Schema • An E-C schema is a triple (P, C, M) Specifies the infrastructure of composition • Many variations on this base model possible, e.g., • Different levels of granularities • Assume finite domains  can model parameters explicitly Behavioral Signatures and E-Service Composition

  15. !o1 ?b1 ?k !a !k ?a !o2 ?r2 ?o2 ?o1 !b1 !b2 Combining Peer and Composition Models store bank • Peer fsa’s begin in their start states . . . . . . supplier2 supplier1 . . . . . . Behavioral Signatures and E-Service Composition

  16. !o1 ?b1 ?k !a !k ?a !o2 ?r2 ?o2 ?o1 !b1 !b2 Executing a Mealy Composition (cont.) store bank • STORE produces letter aand sends to BANK a . . . . . . supplier2 supplier1 . . . . . . Behavioral Signatures and E-Service Composition

  17. !o1 ?b1 ?k !a !k ?a !o2 ?r2 ?o2 ?o1 !b1 !b2 Executing a Mealy Composition (cont.) store bank • BANK consumes letter a • Execution successful if all queues are empty and fsa’s in final state . . . . . . supplier2 supplier1 . . . . . . Behavioral Signatures and E-Service Composition

  18. !o1 ?b1 ?k !a !k ?a !o2 ?r2 ?o2 ?o1 !b1 !b2 “State” and “Conversation” store bank b2 b1 . . . • The state of the composition is based on • state of each peer • contents of the queues • Conversation: one enactment of global process • Can have “sub-conversations” of a conversation • Little known about formal properties of conversations r2 . . . supplier2 supplier1 . . . . . . o2 r2 o2 o1 Behavioral Signatures and E-Service Composition

  19. Peer 1 Peer 2 . . . Peer n Important Choices for Message-based Composition Model • Representation formalism for peer implementations • Expressive power of peer implementations • Bounded vs unboundedqueues • Several queues vs one queue vs heap vs … • Open vs closed • Restricted topologies/control: peer-to-peer,hub-and-spoke, hierarchical,… • Show full language or subset Behavioral Signatures and E-Service Composition

  20. authorize bank store ok payment1 receipt2 payment2 receipt1 bill2 order1 order2 bill1 bank store supplier2 supplier1 k’ a’ a k r b o p mediator p2 o1 b2 r1 r2 b1 o2 p1 supplier1 supplier2 • Hub-and-spoke (centralized control) Composition Infrastructure • Peer-to-peer (distributed control) • BPEL4WS, BPML, GSFL useful to define mediators • Composition of compositions  hierarchy . . . Behavioral Signatures and E-Service Composition

  21. BPEL4WS: Example white-box language begin parallel Initialize • Flowcharts “with parallelism” • “Pick” construct to enable waiting for input (or time out) • Synchronization within parallel threads • Comparison of supported constructs: see [van der Aalst ’03] do until flag Receive Bill1 send Order end_date reached pick Send Bill receive order receive Receipt1 flag := true case Receive Payment send Receipt suppl2 order suppl1 order Send Payment1 end case end parallel Behavioral Signatures and E-Service Composition

  22. OIL-S Process Model • Process class • Atomic, composite (mediator), or simple (virtual) • Inputs, outputs, effects • Pre-conditions, post-conditions • Constructs for composite processes • Sequence • Concurrency: Split; Split+Join; Unordered • Choice • If-Then-Else • Looping: Repeat-Until; Iterate (non-deterministic) • Data Flow • No explicit variables, no internal data store, no wait • Predicate “sameValues” to match input of composite service and input of subordinate service • Less refined than, e.g., BPEL4WS Behavioral Signatures and E-Service Composition

  23. Outline • Events, messages, and sequential behavior are facts of life • An automata-based framework • Analysis “tools” • Petri nets • Tools using temporal logics • Bounded vs. unbounded queues • Automatic composition • Conclusions Behavioral Signatures and E-Service Composition

  24. Verifying Properties of DAML-S Processes via Petri nets [Narayanan+McIlraith ’02] • Specify a DAML-S semantics using a situation calculus • Includes Knows, Kwhether, Kref for condition testing • Captures “completion assumptions”: essentially prevents world from changing without e-service knowing about it • Operational semantics via Petri nets • Assume finite domains • Map to “1-safe” Petri nets, which corresponds to bounded queue case • Verify properties such as reachability, termination • Complexity depends on constructs and model • Range from PTIME to EXPSPACE-hard Behavioral Signatures and E-Service Composition

  25. !o1 ?b1 ?k !a !k ?a “shipment just made” “shipment just made” !o2 “line-of-credit available” ?r2 ?o2 ?o1 !b1 !b2 Verifying Temporal Properties of Mealy Compositions • Label states with propositions • Level of indirection between states and “observables” • Express temporal formulas, e.g., • “shipment just made” only after “line-of-credit avail” store bank . . . . . . warehouse2 warehouse1 !b2 . . . ?r2 . . . Behavioral Signatures and E-Service Composition

  26. Results on Temporal Verification • Long history, e.g., [Clarke et.al. ’00] • E.g., verification for fsa’s and propositional LTL • Complexity: PSPACE in size of formula + fsa linear time in size of fsa • Application to Mealy compositions • Results apply to open and closed case • Bounded queues • Composition can be simulated as Mealy machine • Verification is decidable • Standard techniques to reduce cost • Unbounded queues • In general, undecidable • Approximation techniques can be applied Behavioral Signatures and E-Service Composition

  27. Peer 1 Peer 2 . . . Peer n . . . a k o1 o2 b1 p1 Qualitative Analysis of Unbounded Queue Compositions • “Conversation Languages” [Bultan et.al. WWW’03] • Assume a “watcher” that observes all messages sent • In contrast to previous approach, the “observables” here are simply the messages sent • Language of peer implementation is set of words formed by successful executions of the implementation Watcher Behavioral Signatures and E-Service Composition

  28. ?b1 !k ?a ?r2 ?o2 !b2 ?o1 !b1 Example Conversation Language store bank !o1 • Language: ak SH( (o1r1b1 p1)*, (o2 SH(r2,b2p2))* ) • First ak, then a shuffle of orders against Supplier1 and orders against Supplier2 • Supplier1 is “cautious” and Supplier2 is “trusting” • This language is regular • Same language for bounded or unbounded queues ?k !a . . . . . . !o2 supplier2 supplier1 . . . . . . Behavioral Signatures and E-Service Composition

  29. ?o ?a !a ?b !b !o Unbounded Queues  Unexpected Behaviors (c) Bank’ (a) Store’ (b) Supplier’ • Abstract versions of previous e-services • But, no “handshakes” for messages • Conversation language L: • L  ao*b* = { aonbn| n  0 }, i.e., L is not regular • Take aways: • “Bottom up” design of compositions may lead to undesirable global behaviors • Service mediators can have important role in preventing undesirable behaviors Behavioral Signatures and E-Service Composition

  30. How bad is it ? • In general, conversation language with Mealy peers and unbounded queues is context-sensitive • Accepted by a quasi-realtime automaton with 3 queues • All conversation languages are closed under two key properties • Join: if w is generated, then certain “shuffle products” of w are also generated • Prepone: interchange order of input and output messages of a peer p under certain conditions • For hierarchical ec-schemas: Conversation language is join-prepone closure of a regular language  Each peer is a Mealy implementation Behavioral Signatures and E-Service Composition

  31. Outline • Events, messaging, and sequential behavior are facts of life • An automata-based framework • Analysis “tools” • Automatic composition • Hierarchical composition • Results from DAML-S community • Results using Mealy machines • A bridge to DLs • Conclusions Behavioral Signatures and E-Service Composition

  32. Hierarchical Composition • A pragmatic approach to automating e-service composition Customized Travel Service Travel Service Templates Air Travel Templates Airport Transfer Hotel Reservation Behavioral Signatures and E-Service Composition

  33. Hierarchical Composition (cont.) • Approach: • Assume a library of e-service “templates” and ground specs • Based on input criteria select a root template, then fill in “gaps” with other templates and/or ground specs • [Christophides et.al. ’01] does this for “structured workflows” • Take-away: Hierarchical structuring is important for e-service formalisms • Need to incorporate this into OWL-S, Mealy model Behavioral Signatures and E-Service Composition

  34. Automatic Composition for DAML-S [Narayanan+McIlraith ’02]: Search over all combinations • Recall simulation of DAML-S via 1-safe Petri nets • For set of atomic e-services, create Petri Net that represents all possible combinations of them • Specify desired goal as a state of this Petri Net • Determine if this goal state is reachable • In this frameworkreachability is PSPACE- complete in size of Petri net • Petri net itself may be exponential in size of atomic e-services • Heuristics can be used to avoid full construction [McIlraith+Son ’02]Generic compositions + customization • develops mapping of DAML-S into ConGolog, and uses to create compositions • Approach based on 2-level hierarchy… Behavioral Signatures and E-Service Composition

  35. Composition for Mealy Peers • Traditional synthesis problem statement: • Given: ec-schema and LTL formula  • Create: an fsa for each peer so that  is satisfied • Synthesis results for Mealy implementations with bounded queues • Closed compositions: folklore results imply that synthesis is decidable • Propositional LTL description  PSPACE • -regular set represented as automaton  PTIME • Open compositions: Undecidable for LTL for arbitrary ec-schemas [Pnueli+Rosner ’90] • Decidable for hierarchical topology, but non-elementary even for linear case [Kupferman+Vardi ’01] Behavioral Signatures and E-Service Composition

  36. Reformulation of the Synthesis Problem to use extended “UDDI Repository” • UDDI Repository: globally accessible store for web service descriptions and locations • Imagine that it supports Mealy descriptions • Possible approach • Given: ec-schema, LTL formula , “UDDI repository” • Find: peers in repository so that  is satisfied • Variation: allow creation of a mediator to choreograph the selected peers • Database aspect of this problem • How to search across large space of Mealy descriptions? • What is appropriate query language? Behavioral Signatures and E-Service Composition

  37. Synthesis for Unbounded, Closed Case[Bultan et. al. ’03] • Use conversation language to express global behavior • Problem statement: • Given: ec-schema and regular language L over messages • Create: an fsa for each peer so that composition generates L’ =join-prepone closure of L • Result: Mealy peers can be constructed whose composition gives global behavior L’ • Do a “projection” on fsa accepting L • Can again ask UDDI version of synthesis question Behavioral Signatures and E-Service Composition

  38. Recent work from Lenzerini’s group(DL ’03) • Based on a different model for peers • Focus on sequences of actions, not messages • Includes a “user” who repeatedly makes choice (from limited set) about next action she wants • All actions “visible” at top level • Actions that client can ask for: • initiate, end • search • listen • cart • buy Client on-line music store Service • Abstract behavior of the Service: Do until Client selects “End” • Give Client a choice of actions to be performed • Wait for Client choice • Perform action chosen by Client Behavioral Signatures and E-Service Composition

  39. Solve composition by synthesizing mediator • Assuming peers and spec are regular, can • Determine if a composition exists • If one does, then select peers and construct mediator Desired behavior (as FSA) Mediator (constructed)  Services (selected from “UDDI”) Extended UDDI • Using standard automata techniques: NEXPTIME • Using reduction to ALU DL: EXPTIME Behavioral Signatures and E-Service Composition

  40. Conclusions • Sequential behavior and messaging are a fact of life • We need a notion of “behavioral signature” • Automata-based perspective • Provides formal framework that incorporates events and sequencing • Can draw on broad theory of analysis “tools” • Offers a framework for automated composition • Can represent (at least some) in DLs – link to OWL? • Automata-based perspective should be exploited in semantic web services • Results suggest key challenges in composition • Select peers: queries over sets of peers • Mediator crucial: find/build the mediator Behavioral Signatures and E-Service Composition

  41. We are just getting started … • Enhanced Mealy – can we incorporate • Messages + actions • Pre-/post-conditions á la OWL-S • Hierarchical structure for messages (state charts?) • Temporal constraints • (your favorite) PSL constructs • Composition of Mealy++ machines • Can we adapt the Roman approach ? • Augment traditional planning with approach for cyclic behaviors • Mealy++ vis-à-vis BPEL4WS, OWL-S process model, PSL, FIPA A-UML, … • Jianwen Su et. al. developing tool for translating between Mealy and BPEL4WS • Searching a large set of Mealy++ signatures • What is appropriate query language? • Finding relevant results from various communities: verification, -calculus, planning, DL, DB, agent, … Behavioral Signatures and E-Service Composition

  42. Backup Slides Behavioral Signatures and E-Service Composition

  43. E-Services • The Web: Flexible human-machine interaction • E-services: Flexible machine-machine interaction • Working Definition: Network-resident software services accessible via standardized protocols • Simple Object Access Protocol (SOAP): very flexible remote procedure call • Lots of interest in trade press, academic community, standards bodies, . . . • Applications in e-commerce, telecom, science, GRID, government, education, . . . Behavioral Signatures and E-Service Composition

  44. E-Science Controller • E.g., find best location for waste treatment plant • Possibly 100s of nodes, and running for weeks • Data size difference: • Control and calibrations (small) • Experimental data (large) • Provenance: need to access derivation history control and calibrations Sea Circu- lation Atmo- spheric Simu- lation Waste Transport notifications and/or experimental data Behavioral Signatures and E-Service Composition

  45. Web Services Protocol Stack* Web service composition: WSFL, XLANG, BPEL4WS, BPML, W3C Choreography Publishing and discovery: UDDI Service Description Layer: WSDL, WSCL, WSCI XML messaging layer: SOAP Transport layer: HTTP, SMTP, FTP, etc. *Based on [van der Aalst ’03] Behavioral Signatures and E-Service Composition

  46. Pre-/post-conditions order bill Supplier • DAML-S provides for pre- and post-conditions • Examples • if valid client sends Order, then Bill is created • if Payment is received, then Receipt is sent • Performing inference (“everything else fixed”) • Assume a Bank service such that: if bill received and sufficient funds, then payment is sent • Then we can infer that: “an order from a valid client with a sufficient account balance will result in a receipt” • Reasoning with pre- and post-conditions • Different models will lead to different complexity • [Narayanan+McIlraith ’02] axiomatization in situation calculus for a Petri-net based model • Complexity from PTIME to EXPSPACE-hard receipt payment Behavioral Signatures and E-Service Composition

  47. Web Services Conversation Language (WSCL) • Alternative automata-based approach for describing behavior of e-services • States are the WSDL operations (input and/or output) • Transitions are pairs of operations, with associated condition • Condition refers to type of documents passed as input or output • Relationship of Mealy machine vs. WSCL machine remains open • Mealy machine formalism given above could be extended to include conditions based on types of documents passed • Number of states in WSCL machine bounded by number of WSDL operations • So Mealy machines (with conditions) appear more expressive than WSCL machines Behavioral Signatures and E-Service Composition

  48. Technical Definition A Mealy peer is an FSA M = (T, s, F, in, out, ) • T : a set of states • s: the initial state • F : a set of final states • in: input message classes • out: output message classes •  : transition relation that either • consumean input, (s1, ?m, s2), or • produce output, (s1, !m, s2), or • make an empty (internal ) move, (s1, e, s2) Behavioral Signatures and E-Service Composition

  49. Abstract model fore-services with data • Variation of relational transducer [Abiteboul et al ’00] • Extend Mealy machine to (Q,q0, F, I, H, O, ) • Input schema I (can hold data associated with incoming messges) • Internal/hidden schema H • Output schema O •  has tuples (q, q’, G, T) • G is “guard” -- boolean query on I and H • T is “transform” - queries that create new H and output O • Can use different data models (relational, XML, …) • General decision problems are undecidable • E.g., if use relational calculus as data manipulation language • Restricted cases are decidable, tractable • E.g., reachability of a state, if using conjunctive queries • E.g., “Spocus” transducers of [Abiteboul et al ’00] have PTIME decidability results Behavioral Signatures and E-Service Composition

  50. Data Transducers as White-Box Peers • Add database to fsa (XML, relational) • Store e-service with • Customer_care • Inventory_replenishment • Store_databaseused as shared data store • Cf., XL [Florescu et.al.’03] • Process + XQuery • Cf., Relational Transducer [Abiteboul et. al. ’00] • Analysis undecidable; NEXPTIME for restrictions buy ?y !t take customer_care store_inventory part qty . . . store_database order1 ?r1 ?r2 !o1 !o2 authorize receipt1 ?k !a order2 ok !o1 !o2 inventory_ replenishment ?r1 receipt2 ?r2 Behavioral Signatures and E-Service Composition

More Related