Security Engineering of SOA Applications Via Reliability Patterns

Providing reliable compositions of Web Services is a challenging issue since the workflow architect often has only a limited control over the reliability of the composed services. The architect can instead achieve reliability by properly planning the workflow architecture. To this end he must be able to evaluate and compare the reliability of multiple architectural solutions. In this paper we present a useful tool which allows to conduct reliability analysis on planned workflows, as well as to compare the reliability of alternative solutions in a what-if analysis. The tool is implemented as a plug-in for the widely adopted Active BPEL Designer and exploits the concept of reliability pattern to evaluate the reliability formula of the workflow. The effectiveness of the approach and the operation of the tool are demonstrated with respect to a case study of a business security infrastructure realized by orchestrating simple security services.