Web servers

Oracle8i, the database for Internet computing, changes the way information is managed and accessed. Not only does Oracle8i introduce new features and enhancement for traditional OLTP and data warehouse, it also provides breakthrough technologies concerning the Internet and Java. This thesis presents a concrete investigation of Oracle8i's new features and new technologies, especially in the area of Internet and Java support. The following research tasks are performed: A comprehensive survey on the new features and new technologies of Oracle8i; An identification of the key features of Java utilities in Oracle8i, including JDBC drivers, SQLJ, and Enterprise JavaBeans, with complete examples running in Windows NT 4.0 environment; Discussions of Oracle8i and Internet, including Oracle WebDB and iFS; A presentation on areas for further study.

With the growth of the Internet and increasing, network traffic, latency has become a major issue. On the entrepreneur side bandwidth is a bottleneck. Web Caching helps to resolve both these issues. In recent years, many proxy caching algorithms and benchmarks to test them have been implemented. In this thesis, some of the existing proxy caching algorithms and related benchmarks have been examined. It has been observed that most of the benchmarks do not provide the developer/entrepreneur a customized environment to debug or deploy a proxy caching algorithm. Hence, this thesis implements a platform independent, easily extensible Test Bed that can be tailored to satisfy the needs of both the developers and the entrepreneurs. The thesis also implements two standard caching algorithms. To illustrate the application of the Test Bed, these algorithms are run on the Test Bed and results obtained are analyzed. Some of the results are then compared to existing behavioral patterns.

During the last few years, Service-Oriented Architecture (SOA) has been considered to be the new phase in the evolution of distributed enterprise applications. Even though there is a common acceptance of this concept, a real problem hinders the widespread use of SOA : A methodology to design and build secure service-oriented applications is needed. In this dissertation, we design a novel process to secure service-oriented applications. Our contribution is original not only because it applies the MDA approach to the design of service-oriented applications but also because it allows their securing by dynamically applying security patterns throughout the whole process. Security patterns capture security knowledge and describe security mechanisms. In our process, we present a structured map of security patterns for SOA and web services and its corresponding catalog. At the different steps of a software lifecycle, the architect or designer needs to make some security decisions.

Web Service Business Process Execution Language (BPEL) has become a standard language in the world of Service Oriented Architecture (SOA) for specifying interactions between internet services. This standard frees developers from low-level concerns involving platform, implementation, and versioning. These freedoms risk development of less robust artifacts that may even become part of a mission-critical system. Model checking a BPEL artifact for correctness with respect to temporal logic properties is computationally complex, since it requires enumerating all communication and synchronization amongst various services with itself. This entails modeling BPEL features such as concurrency, hierarchy, interleaving, and non-deterministic choice. The thesis will provide rules and procedures for translating these features to a veriable model written in Promela. We will use these rules to build a program which automates the translation process, bringing us one step closer to push button verification. Finally, two BPEL artifacts will be translated, manually edited, verified, and analyzed.

Web services intend to provide an application integration technology that can be successfully used over the Internet in a secure, interoperable and trusted manner. Policies are high-level guidelines defining the way an institution conducts its activities. The WS-Policy standard describes how to apply policies of security definition, enforcement of access control, authentication and logging. WS-Trust defines a security token service and a trust engine which are used by web services to authenticate other web services. Using the functions defined in WS-Trust, applications can engage in secure communication after establishing trust. BPEL is a language for web service composition that intends to provide convenient and effective means for application integration over the Internet. We address security considerations in BPEL and how to enforce them, as well as its interactions with other web services standards such as WS-Security and WS-Policy.