A Semantic Contract Model and Knowledge-driven Process for Supporting Controllability in Service-oriented Approaches

Link to publication: PhD Elena Jaramillo (Philippe Aniorté, dir.), (Manuel Munier, co-dir.)

Jury (PhD defense December 12, 2016)

• Ernesto Damiani (PR), Universtà degli Studi di Milano
• Maria Teresa Gómez López (PR), Universidad de Sevilla
• Philippe Aniorté (PR), LIUPPA, UPPA
• Camille Salinesi (PR), Université Paris 1 Panthéon-Sorbonne
• Manuel Munier (MC), LIUPPA, UPPA

Extended abstract

Service-oriented paradigms have dramatically changed the way of providing applications and doing businesses. Both SOA and the Cloud have enabled the creation of new paradigms based on dynamic collaborations. For final users, services offer a simplified access to functionalities and data. For organizations, the delegation of some business processes and the integration of external processes into the business logic have represented an opportunity to generate competitive advantages by saving costs, increasing the visibility in the market and exploiting the expertise of their partners by offering added-value products and services to their clients.

Despite the attractive advantages of the service-based technologies, the loss of control on the exchanged resources is a well reported drawback which decelerate their wide adoption. Basically, within an organization some business rules are associated to its resources in order to keep some properties over them and ensure that they are correctly used. Those rules reflect the conditions aiming to prevent possible organizational damages at any level, such as, conditions preventing the loss of reputation or guaranteeing compliance with some legal normative. However, when the resource moves out beyond the walls of the organization there is no guarantee that resource was used by respecting those rules. The consequences of such loss of control on the usage are not trivial since the way in which the shared resources are used by the external partner can affect the organization causing monetary fines, loss of customers or lawsuits. The impacts of such damages justify the need to having methods aiming to control the use on the resources shared during an external service provision. In this scenario, the challenge is to guarantee that the external partner behaves as expected when the resource is in his domain and when the business logic of each organization need to be preserved.

This thesis¹ proposes that the service provision be governed by a service contract, which differs from traditional SLAs in several ways:

• It extends the expressiveness of the SLA guarantees, traditionally based on security and performance, with contractual business terms representing the expected use of resources.
• It is based on a formal semantics which avoids misinterpretations of the contractual terms thanks to a common understanding of their meaning.
• The compliance with the business terms is inferred from the available knowledge collected during the contract execution.

Our controllability method is supported by two building blocks: a modeling component aiming the creation of policies, and a process component which operates with policies. In the former, two complementary models are proposed. The first one is a generic semantic formalization of a service contract, which includes the definition of a controllability vocabulary. The second one is a specific model for the definition of controllability policies, which uses the semantic model to give a clear meaning to the formalization of the business terms representing the expected use of resources. In the process component, a log recording the available knowledge about the behavior of the contractual parties is used to verify the compliance with the policy, to assess the quality of the provided service, and to audit the contractual parties. The proposed method is validated through the creation of machine-readable contracts in OWL which contain controllability policies written as XML rules.

Our proposed method, and more concretely the knowledge-based reasoning, opens new perspectives about the implementation of more sophisticated techniques of artificial intelligence applied to web services, improving existing research domains such as the semantic web services and intelligent web services. On the other hand, this thesis leaves some aspects untreated, notably, the negotiation of the contractual policy.

Keywords

contract, model, semantic, controllability policy, business rules, log, behavior, organizational assets, service