Section: Research Program
We are considering processes as pieces of software whose execution traverse the boundaries of organisations. This is especially true with service oriented computing where processes compose services produced by many organisations. We tackle this problem from very different perspectives, trying to find the best compromise between the need for privacy of internal processes from organisations and the necessity to publicize large part of them, proposing to distribute the execution and the orchestration of processes among the organisations themselves, and attempting to ensure non-functional properties in this distributed setting .
Non-functional aspects of service composition relate to all the properties and service agreements that one wants to ensure and that are orthogonal to the actual business but that are important when a service is selected and integrated in a composition. This includes transactional context, security, privacy, and quality of service in general. Defining and orchestrating services on a large scale while providing the stakeholders with some strong guarantees on their execution is a first class problem for us. For a long time, we have proposed models and solutions to ensure that some properties (e.g. transactional properties) were guaranteed on process execution, either through design or through the definition of some protocols. Our work has also been extended to the problems of security, privacy and service level agreement among partners.
We extended some of our previous work around authorization policies for Enterprise Social Networks, and we propose two directions: a first one is dedicated to formal verification using PlusCal-2, while the other one is a formal approach for the Verification of AWS IAM Access Control Policies..
Recently, we started a work on service composition for software architects where services are coming from different providers with different plans (capacity, degree of resilience,...). The objective is to help the architects to select the most accurate services (wrt. to thier requirements, both functional and non functional) and plans for building their software. We also compute the properties that can be guarantee for the composition of these services.