6th International Conference on Service Oriented Computing, December 1-5, 2008, University of Technology, Sydney, Ultimo City Campus (Tower Building)

This tutorial addresses the problem of the migration of legacy assets to Service-Oriented Architecture (SOA). It addresses how to develop a realistic strategy for performing such a migration, taking into account both the needs of the organization and the technical content of the organization's existing systems portfolio.

The tutorial outlines an approach for performing an overall analysis and making decisions on the types of legacy assets that are candidates for migration. It highlights the challenges of building an SOA and presents the issues of SOA-based system development from three perspectives: the application developer, the infrastructure developer, and the service provider. The needs and concerns of each of these participants are considered in order to develop successful systems based on SOAs.

Because there is a current trend of organizations that are leveraging the value of their legacy systems by exposing all or parts of it as services within an SOA, the concerns and needs of the service provider will be presented in greater detail. SMART, a method for making decisions on the migration of legacy assets as services within an SOA, that considers all three perspectives, will be presented. A case study using the method will provide a real world context for its applicability. Open issues and current research topics will be outlined.

The tutorial will also identify critical research issues in migrating legacy assets to SOA. A research taxonomy will be presented, and for a selected set of research issues, the current state of the practice, current research being conducted, and open issues will be highlighted.

Dennis Smith is a Senior Member of the Technical Staff and member of the Research, Technology and Systems Solutions (RTSS) Program. He leads the Integration of Software-Intensive Systems (ISIS) Initiative at the Software Engineering Institute (SEI). This initiative focuses on developing and applying methods, tools and other technologies that enhance the effectiveness of complex networked systems and systems of systems.

Previously, he was a member of the Product Line Systems Program and technical lead in the effort for migrating legacy systems to product lines. In this role his team developed. the method Options Analysis for Reengineering, OAR, to support reuse decision-making. He has published a variety of books, articles and technical reports, and has given talks and keynotes at conferences and workshops. Dennis has been general chair of two international conferences, IWPC99 and STEP99. Dennis holds an M.A. and PhD from Princeton University, and a B.A. from Columbia University.

SOA is rapidly emerging as the premier integration and architectural approach in contemporary complex, heterogeneous computing environments. SOA is not simply about deploying software: it also requires that organizations evaluate their business models, come up with service-oriented analysis and design techniques, deployment and support plans, and carefully evaluate partner/customer/supplier relationships. Since SOA is based on open standards and is frequently realized using Web services, developing meaningful Web service and business process specifications is an important requirement for SOA applications that leverage Web services. Designers and developers cannot be expected to oversee a complex service-oriented development project without relying on a sound analysis and design methodology.

This tutorial provides a comprehensive overview of the methods and techniques used in service-oriented analysis and design. In particular, the aim of this tutorial is twofold. Firstly, participants will gain knowledge about service development methodologies from the point of view of both service producers and requesters; secondly, participants will build up knowledge about fundamental design principles and acquire practical skills and some expertise for identifying, modeling and describing services and processes themselves. This tutorial is targeted at researchers and practitioners that are familiar with the basics of Service Oriented Architectures and that are interested in learning about the practical and theoretical challenges in service analysis and design.

Michael P. Papazoglou holds the chair of Computer Science and is director of the INFOLAB at the Univ. of Tilburg in the Netherlands. He is also an honorary professor at the University of Trento in Italy. Prior to this he was full Professor and head of School of Information Systems at the Queensland Univ. of Technology (QUT) in Brisbane Australia (1991-1996). He also held senior academic positions at the Australian National University, University of Koblenz, Germany, Fern Universitaet Hagen, Germany, and was principal research scientist at the National German Research Centre for Computer Science (GMD) in St. Augustin from (1983-1989).

Papazoglou serves on several international committees and on the editorial board of nine international scientific journals and is co-editor in charge of the MIT book series on Information Systems. He has chaired numerous well-known international scientific conferences in Computer Science. These include the Int.l Conf. on Data Engineering (ICDE), Int.l Conf. on Distributed Computing Systems (ICDCS), Int.l Conf. on Digital Libraries (ICDL), Int.l Conf. on Cooperative Information Systems (CoopIS), Int.l Conf. on Entity/Relationship Modelling and others. He is the founder of the Int.l Conf. on Cooperative Information Systems (CoopIS) and more recently of the Int.l Conf. on Service Oriented Computing (ICSOC).

Papazoglou has authored/edited fifteen books and approximately hundred and fifty scientific journal articles and refereed conference papers. His most two recent books are "e-Business: Organizational and Technical Foundations" published by J. Wiley 2006, and "Principles and Foundations of Web Services: An Holistic View" to be published by Addison-Wesley in mid 2006.

His research was/is funded by the European Commission, the Australian Research Council, the Japanese Society for the Promotion of Science, and Departments of Science and Technology in Europe and Australia. He is a golden core member and a distinguished visitor of the Institute of Electrical & Electronics Engineers (IEEE) Computer Science section.

Web services have become an increasingly important element of applications, especially in enterprises. This means that management of Web services (MOWS) to achieve service level objective, security, continuous availability, etc is becoming a critical requirement. This mirrors the emergence of technology specific management tools for databases, application servers and Web servers. This talk provides an overview of the requirements for managing Web services, emphasizing what is unique compared to other infrastructure. An overview of the architecture and design for MOWS solutions is the second topic. Finally, there is a brief survey of various standards and products supporting MOWS.

A second trend, which is less well known, is management using Web services (MUWS). Systems and application management technology has characteristics and underlying technology that is analogous to Web services/SOA technology. Examples include events/publish/subscribe, message/request routing and transformation, and orchestration. The presentation explains the motivation for MUWS, followed by an overview of standards, technology and various products.

Dr. Donald F. Ferguson is a Distinguished Engineer and Chief Architect for CA's Enterprise IT Management (EITM) product family. Prior to joining CA, Don was a Microsoft Technical Fellow working in the Office of the CTO. He worked on various projects exploring the future of enterprise software, with a special emphasis on Web services and Internet application platforms. Don spent twenty years with IBM, becoming an IBM Fellow in 2001. Don was the chief architect for the WebSphere product family from its inception until becoming the chief architect for IBM Software Group. As chief architect, Don focused on design issues and initiatives spanning the DB2, WebSphere, Tivoli, Lotus and Rational product families. This included working on many SOA and Web service initiatives, specifications and standards. Don's hobbies include Kenpo Karate and Krav Maga.

Security and privacy issues have been significant over the years, perhaps even more in the recent years, with the dramatic developments in technologies and their application in organizations, affecting every part of our society. These trends are set to continue in the future even more with the ubiquitous access and delivery of information and services to users and enterprises by distributed applications and mobile software agents over wired and wireless networks using a range of mobile devices. In this session, Vijay will outline the breadth and depth of issues involved when it comes to security research; reflect on some of the challenges involved in the design and deployment of secure systems in a pervasive mobile distributed environment. He will discuss some of the research projects that he has been involved with in these areas and his experience in researching in security both in academia and in industrial research labs over a number of years. In this context, he intends to highlight some of the challenges involved in transforming research ideas and prototypes to commercial systems.

Vijay Varadharajan is currently Professor and Microsoft Chair in Innovation in Computing at Macquarie University (2001-todate). He is also the Director of Information and Networked System Security (INSS) Research. Before this he was Chairman of School of Computing and IT at the University of Western Sydney (1996- 2000). Previously, Vijay has headed Security Research at HP Labs Bristol, UK (1988- 1995). During his tenure at HP Labs., under his leadership, some 6 different security technologies were transferred into successful HP products in Divisions. He also headed the Technical Security Strategy Initiative at HP under the Senior Vice President. Before this, he was a Research Manager at British Telecom Research Labs. U.K (1987-88). From 1985 till 1987, he was Research Fellow and Lecturer in Computer Science at Plymouth and Reading Universities. He did his Ph.D in Computer and Communication Security in the U.K (1981-1984) from Plymouth and Exeter Universities in U.K., which was sponsored by BT Research Labs. He did his Electronic Engineering Hons degree from Sussex University, UK (1978-1981).

Vijay has had several invited and visiting positions at different institutions over the years including Senior Research Scientist at Microsoft Research Cambridge UK (1999-2000, 2003, 2004, 2005), Senior Research Scientist at Fujitsu Research Labs, Japan (2001), a Senior Research Scientist at the Institute of Mathematical Sciences at National University of Singapore (2001), Invited Professor at French National Research Labs (INRIA) (2002), Invited Professor at the Indian Inst. of Technology (2003), Fellow at British Telecom Research Labs., UK (2005), Visiting Professor at the Chinese Academy of Sciences (2006-2008) and Visiting Scientist at e-Science Institute, Edinburgh, UK (2009). Vijay was on the Board of International Advisors of TCPA, USA, originally formed by HP, Microsoft, Intel, Sun and Compaq. Now TCPA is known as TCG and TCPA security specification is currently being in products endorsed by numerous companies (over 200). In 2002, Vijay was appointed to the Trustworthy Computing Academic Advisory Board (Microsoft, USA). He continues to be on this board since that time. He is a member of the Australian Government's Peak Security Advisory Body, ITSEAG, for the Ministry of Broadband, Communications and Digital Economy, Australia. Previously he has acted as an Expert in Security for the European Union and for the UK Dept. of Trade and Industry. He has also acted as consultant and architect for several projects in computing, financial and telecom organizations in the UK, US and in Australia. He has been the Technical Board Director of Computer Science at Australian Computer Society (1999-2006), and a member of the Board of Studies NSW Australian Government since 2005.

Vijay has published more than 280 papers in International Journals and Conferences, has co-authored and edited 8 books on Information Technology, Security, Networks and Distributed Systems and holds 2 patents. His research work over the years has contributed to the development of several successful secure commercial systems (e.g. in HP, BT) in the areas of Secure Distributed Applications, Secure Network Systems, Security Tools, Secure Mobile Systems as well as Cryptographic and Smart Card based Systems and secure financial, telecom and medical solutions (e.g. Italian Telecom, CitiBank and London Hospital). These have generated several hundreds of millions of dollars of revenue for the companies involved. His current areas of research interest include Web Services Security, Secure Distributed Applications, Trusted Computing, Security Policies and Management in Distributed Systems, Internet Security, Secure Mobile Agents, Security in Mobile Networks, Wireless Security, Secure E-Commerce, Security Policies, Models and Architectures and Protocols. He has supervised successfully 16 PhD and 8 Masters Research students in UK and Australia. Currently he is supervising 6 research students. He is an Editorial Board member of several journals including the prestigious ACM Transactions on Information System Security (USA), Journal of Information Security, Springer (Germany), Computer and Communication Security Reviews (UK) as well as the IEEE Transactions on Dependable and Secure Computing (TDSC) and IEEE Security and Privacy (from 2009). He is a Fellow of the British Computer Society (FBCS), a Fellow of the IEE, UK (FIEE), a Fellow of the Institute of Mathematics and Applications, UK (FIMA), a Fellow of the Australian Institute of Engineers (FIEAust) and a Fellow of the Australian Computer Society (FACS).

This tutorial will provide an introduction to RESTful Web Service techniques, both from theoretical and practical perspectives. Specifically the tutorial is broken down as follows:

1. Introduction: Setting the scene for Web-based services and de-scoping some of the hype around them.
2. Introducing a simple problem domain, being a computerized Starbucks coffee shop.
3. Lo-fi Web integration with URI tunnelling and POX messaging.
4. Using the Web for remote CRUD operations.
5. Hypermedia and RESTful services.
6. Security using OpenID and SAML
7. Atom and AtomPub for eventing.
8. Scalability issues and caching.
9. Wrap up.

Each topic will cover a theory-based breakdown of the technique and highlight possible implementation strategies in common enterprise languages and platforms (e.g. Java, .Net, Ruby).

Halvard Skogsrud is a Senior Consultant with ThoughtWorks where he delivers large scale distributed software systems for large multi-national clients. He is also a Visiting Fellow at the University of New South Wales (UNSW), Sydney where he regularly gives guest lectures on topics such as Web application and Web service security, as well as Web application development. Halvard holds a B.Eng. in Computer Engineering and a Ph.D. in Web Service Security from UNSW. Contact him on halvard@skogsrud.com.

Dr. Jim Webber is director of professional services for ThoughtWorks where he works on dependable distributed systems architecture for clients worldwide. Jim was formerly a senior researcher with the UK E-Science programme where he developed strategies for aligning Grid computing with Web Services practices and architectural patterns for dependable Service-Oriented computing and has extensive Web and Web Services architecture and development experience. As an architect with Hewlett-Packard, and later Arjuna Technologies, Jim was the lead developer on the industry's first Web Services Transaction solution. Jim is an active speaker and is invited to speak regularly at conferences across the globe. He is an active author and in addition to "Developing Enterprise Web Services - An Architect's Guide" he is working on a new book on Web-based integration. Jim holds a B.Sc. in Computing Science and Ph.D. in Parallel Computing both from the University of Newcastle upon Tyne. His blog is located at http://jim.webber.name.

Viewing an application as a coordinated execution of one or more services has become an important undertaking recently. A variety of approaches have been introduced which enable distributed services to be combined across different administrative domains. Each service in this context may be independently managed, and may be made available at different time instances. Workflow is a concept commonly used to coordinate the execution of such services -- and adapted from its use in automating business and information processes within an organisation. The notion of workflow has existed for many years, and workflow enactment generally refers to the automated execution of some activities in a pre-defined order.

The need to separate the ``what'' -- which specifies the ``knowledge to be used in solving problems'', from the ``how'' -- the ``problem solving strategies (process) by which that knowledge is used'', is an important step to enable the re-use of services within a workflow. This division between the control and logic is useful to enable components developed by a variety of vendors to interoperate more efficiently. Treating workflow as the ``how'' gives us a good handle on why the problem solving strategies may be usefully shared between different scientific communities. Additionally, workflow allows application developers to use problem solving features that would otherwise be too expensive to handcraft. For instance, the ability to directly manage the execution ordering of a set of services at runtime allows one to support advanced features like computational steering.

Recent advances in Grid computing, for instance, often aim to provide suitable infrastructure to enable such services to be deployed and used by a variety of workflow enactment engines.

The aim of this short course is to introduce the general notion of distributed workflows, and then demonstrate techniques that may be used to support such workflows. A tool that may be used to enact distributed workflows will also be introduced. A significant portion of this course will assume that a user has access to a graphical interface to compose the workflow. Techniques which are not based on such an interface, but rely on the use of planning techniques, will also be briefly introduced.

Professor Omer Rana is a member of the Distributed Collaborative Computing Group in the School of Computer Science. He has been actively involved in using and extending the Triana workflow system (www.trianacode.org) along with Ian Taylor, through grants funded by PPARC/STFC, BBSRC, DTI (in the UK), and the European. Commission. He has worked as a software developer with Marshall BioTechnology Limited (London) and as an adviser to the US-based "Grid Technology Partners". He has been deputy director of the Welsh eScience Centre. Professor Rana has participated as a theme leader within a number of European and UK-funded networks, such as EPSRC "AgentcitiesUK.net", EU FP5 and FP6 "AgentLink" II and III, and European "JavaGrande" under the EuroTools Consortium. He co-led the "Jini" working group at the Open Grid Forum, and has contributed to the Service Level Agreements efforts (and integration of these with workflow techniques) within the GRAAP working group.