Abstract
For complex services composed of many (component) services, logging is an integral middleware aspect, especially for providing transactions and monitoring. In the event of a failure, the log allows us to deduce the cause of failure (diagnosis) and recover by compensating the executed services (atomicity). However, for heterogeneous services with parts of the functionality provided by multiple organizations, logging details of all executed services is often impracticable due to privacy/security constraints. Also, logging is expensive in terms of both time and space. Thus, we are interested in determining the minimal number of services that need to be logged, and which is still sufficient to know with certainty the actual sequence of executed services from any given log. Further to privacy issues, the complexity of determining a minimal set of such services to log is actually NP-Complete. To solve both issues, we resort to considering each component service as a grey box. Logs are recorded and kept local to each component, and a black-box view of the implementation details of each component is provided. In particular, a service which is reused as a component several times (often observed in real-life services) need not be re-computed each time. We show that this dramatically decreases the complexity up to 2 exponentials. For large monolithic component services that cannot be decomposed simply, we also provide heuristics to compute a small (but not necessarily minimal) number of services to log, and experimentally analyze their accuracy and performance.
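An added illustration (not the authors' algorithm or code) of the minimal-logging problem the abstract describes: a brute-force search over a small acyclic service FSM for a smallest set of services whose log still identifies every complete run. The service names, the FSM itself and the restriction to complete runs are assumptions made for this example.

```python
from itertools import combinations

# Constructed composite service (assumption): (source state, service, target state).
TRANSITIONS = [
    ("s0", "book_flight", "s1"),
    ("s0", "book_train", "s1"),
    ("s1", "reserve_hotel", "s2"),
    ("s1", "reserve_hostel", "s2"),
    ("s2", "charge_card", "s3"),
]


def executions(transitions, state, final):
    """Every service sequence from `state` to `final`; the FSM must be acyclic."""
    if state == final:
        return [()]
    runs = []
    for src, service, dst in transitions:
        if src == state:
            runs += [(service,) + rest
                     for rest in executions(transitions, dst, final)]
    return runs


def is_sufficient(runs, logged):
    """True if no two runs leave the same log when only `logged` is recorded."""
    logs = {tuple(s for s in run if s in logged) for run in runs}
    return len(logs) == len(runs)


def minimal_log_set(transitions, initial, final):
    """Smallest sufficient set, trying subsets by increasing size (exponential)."""
    runs = executions(transitions, initial, final)
    services = sorted({service for _, service, _ in transitions})
    for size in range(len(services) + 1):
        for candidate in combinations(services, size):
            if is_sufficient(runs, set(candidate)):
                return set(candidate)
    return None  # only reached when two runs are identical even with a full log


if __name__ == "__main__":
    print(minimal_log_set(TRANSITIONS, "s0", "s3"))
```

Here two of the five services are enough to reconstruct any of the four runs, and `charge_card` never has to appear in the log.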
Notes
Universal Description Discovery & Integration (UDDI). http://uddi.xml.org/
OWL-S: Semantic Markup for Web Services. http://uddi.xml.org/
Acknowledgments
This work is supported by Create ACTIVEDOC and ANR DOCFLOW projects. Most of this work has been done while the first author was at IRISA/INRIA Rennes.
Appendix
Computing the Largest Component
In this section, we address the problem that the hierarchical structure specifying the components at each level is not available. This can be the case if the service was built in a monolithic fashion, or more pragmatically if it is not accessible anymore. That is, given a (flat representation of a) composite service, we would like to recover the hierarchical structure from it. Also, the effectiveness of our divide and conquer algorithms (Section 4.2) is clearly proportional to the size of the components, that is, the larger the components the better, as large components can possibly be refined further (which would imply that we should be interested in the smallest component C, however then the M_C would be large). Towards this end, we show how to recover the largest component from a given composite service M in Appendix A. First, we present a linear time (in the number of transitions) algorithm to compute a smallest component C of an FSM M, knowing its initial state, its final state and an outgoing transition of the initial state.
The above algorithm can be iteratively invoked to compute the set S_C of all components of an FSM M. We now give an algorithm to compute a largest component of M.
Using the above algorithm, a largest component of a given service M can be computed in quadratic time. The algorithm can thus be called inductively until there are no more components in the determined component FSM N of a level, and then the hierarchical structure of M has been obtained.
Cite this article
Biswas, D., Genest, B. Privacy preserving minimal observability for composite transactional services. Discrete Event Dyn Syst 24, 611–646 (2014). https://doi.org/10.1007/s10626-013-0177-z
DOI: https://doi.org/10.1007/s10626-013-0177-z