Modern service-based systems are characterized by applications composed of heterogeneous services provided by multiple, untrusted providers, and deployed along the (multi-) cloud-edge continuum. This scenario of increasing pervasiveness, complexity, and multi-party service recruitment urgently calls for solutions to increase applications privacy and security, on the one hand, and guarantee that applications behave as expected and support a given set of non-functional requirements, on the other hand. Certification schemes became the widespread means to answer this call, but they still build on old-fashioned assumptions that hardly hold in today’s services world. They assume that all actors involved in a certification process are trusted "by definition", meaning that certificates are supposed to be correct and be safely usable for decision-making, such as certification-based service selection and composition. In this paper, we depart from such unrealistic assumptions and define the first certification scheme that is completely transparent to the involved actors and significantly more resistant to misbehavior (e.g., collusion). We design a blockchain-based architecture to support our scheme, re-defining the actors and their roles. The quality and performance of our scheme are evaluated in a case study scenario.
A Transparent Certification Scheme Based on Blockchain for Service-Based Systems / N. Bena, M. Pedrinazzi, M. Anisetti, O. Hasan, L. Brunie (PROCEEDINGS IEEE INTERNATIONAL CONFERENCE ON WEB SERVICES). - In: 2024 IEEE International Conference on Web Services (ICWS)[s.l] : IEEE, 2024 Oct 15. - ISBN 979-8-3503-6855-0. - pp. 501-511 (( convegno International Conferences on Web Services tenutosi a Shenzhen nel 2024 [10.1109/icws62655.2024.00071].
A Transparent Certification Scheme Based on Blockchain for Service-Based Systems
N. Bena;M. Anisetti;
2024
Abstract
Modern service-based systems are characterized by applications composed of heterogeneous services provided by multiple, untrusted providers, and deployed along the (multi-) cloud-edge continuum. This scenario of increasing pervasiveness, complexity, and multi-party service recruitment urgently calls for solutions to increase applications privacy and security, on the one hand, and guarantee that applications behave as expected and support a given set of non-functional requirements, on the other hand. Certification schemes became the widespread means to answer this call, but they still build on old-fashioned assumptions that hardly hold in today’s services world. They assume that all actors involved in a certification process are trusted "by definition", meaning that certificates are supposed to be correct and be safely usable for decision-making, such as certification-based service selection and composition. In this paper, we depart from such unrealistic assumptions and define the first certification scheme that is completely transparent to the involved actors and significantly more resistant to misbehavior (e.g., collusion). We design a blockchain-based architecture to support our scheme, re-defining the actors and their roles. The quality and performance of our scheme are evaluated in a case study scenario.
| File | Dimensione | Formato | |
|---|---|---|---|
|
BPAHB.ICWS2024.pdf
accesso riservato
Tipologia:
Publisher's version/PDF
Dimensione
408.55 kB
Formato
Adobe PDF
|
408.55 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
|
BPAHB.ICWS2024.pdf
accesso aperto
Tipologia:
Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione
340.46 kB
Formato
Adobe PDF
|
340.46 kB | Adobe PDF | Visualizza/Apri |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
