Call-by-Contract for Service Discovery, Orchestration and Recovery

  • Massimo Bartoletti
  • Pierpaolo Degano
  • Gian Luigi Ferrari
  • Roberto Zunino
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6582)


We present a framework for designing and composing services in a “call-by-contract” fashion, i.e. according to their behavior. We discuss how to correctly plan service compositions in some relevant classes of services and behavioral properties. To this aim, we propose both a core functional calculus for services, and a graphical design language. The core calculus features primitives for selecting and invoking services that respect given behavioral requirements, typically safety properties on the service execution history. A type and effect system over-approximates the actual run-time behavior of services. A further static analysis step finds the viable plans that drive the selection of those services matching the behavioral requirements on demand.


Keywords: Service Composition; Service Discovery; Plan Selection; Request Type; Computer Security Foundation Workshop
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Massimo Bartoletti (1)
  • Pierpaolo Degano (2)
  • Gian Luigi Ferrari (2)
  • Roberto Zunino (3)

  1. Dipartimento di Matematica e Informatica, Università degli Studi di Cagliari, Italy
  2. Dipartimento di Informatica, Università di Pisa, Italy
  3. Dipartimento di Ingegneria e Scienza dell’Informazione, Università di Trento, Italy