Docstoc

A validation framework for web services

Document Sample
A validation framework for web services Powered By Docstoc
					  A model-based validation
framework for web services
      V. Pretre, F. Bouquet, C. Lang
Laboratoire d’informatique de l’université de
               Franche-Comté
             Besançon, France




       STV’07 - Paris, december 5, 2007
                                                1
                            Table of contents

Web services quality
   WS overview / Relations between WS / Quality of WS
A theoritical solution
   Modeling / Testing / Certifying quality
The validation framework
   Relations discovery / Pool generation / Tests execution …
Conclusion & future work



                                                               2
                        Table of contents

Web services quality
  A web services overview
  Relations between web services
  Quality of web services
A theoritical solution
The validation framework
Conclusion & future work



                                            3
                       Web services quality
                         An overview of web services
                                              declaration

Principles:
   client-server application
                                Web service                     UDDI
   XML messages
In practice:
   SOAP encapsulation                          Internet
   http[s]
Linked technologies:              XML messages         search
   WSDL
   UDDI
   …
                                              customer

                                                                       4
                          Web services quality
                         Relations between operations
                                        Compositions
                       customer

                                   A web service operation acts
                                   as a client of another one

                                   Several kind of compositions:
travel agency
                                      local/distributed
                                      synchronous/asynchronous
                                      static/dynamic


 airline        bank      hotel
company

                                                             5
                        Web services quality
                               Relations between operations

Temporal dependencies                            database

                                    insertion               reading
An operation can be called
only if another one has been
called previously
Due to shared datas:
   server side (database …)
   client side
Two types:
                                   results                    reuse
   each time
   at least once
                                                Customer



                                                                      6
                    Web services quality
                             Quality of web services
Many definitions:
  quality of service (accessibility, response time …)
  confidentiality of datas
  quality of results


Sources of the problem:
  quality of development
  hosting
  network
  relations between operations


                                                        7
                         Table of contents

Web services quality
A theoritical solution
   Modeling web services behaviour
   Test generation and execution
   Certification of quality
The validation framework
Conclusion & future work



                                             8
                        A theoritical solution
           Modeling WS - data used & interface

Done in the class diagram

Two types of classes:
   datas used by web services
   web services interface
                                         operations

Methods used in tests have
to be accessible for tester




                                                      9
                                      A theoritical solution
                  Modeling WS - behaviour of operations
Pre-condition:

 self.mission.status = waitingValidation             Written in OCL
 and
 self.mission.employee != self.user
                                                     Defensive modeling:
                                                        no pre-conditions
Post-condition:
if answer then                                then      errors raised in post-
 if self.mission.status = validated        then         conditions
else
    self.mission.status = refused                       allows security testing
endif                                                All behaviours must be
                                                     modeled
        result = ok
     else result = autoValidation
     endif
  else result = unvalidableMission
endif


                                                                                  10
                      A theoritical solution
               Modeling WS - temporal evolution

                                                   wsDeployed


State-chart diagram         granted


                                                   userLoggedIn
Visual representation of
temporal evolution

Complets OCL                      validateOk                        errorType7

                                      errorType1                  errorType6

                                        errorType2            errorType5

                                          errorType3       errorType4



                                                                                 11
                       A theoritical solution
                              Modeling WS - initial state
                                        Group::blue               ValidationRight::blue



Instance diagram
                                   Employee::blueMember1        Employee::blueLeader
At least one instance for each            level=4                     level=3
class
Data chosen to:
                                                                Mission::mission1
   help test generation                                     status = waitingValidation
   cover all possible cases
                                                                    Mission::mission2
   be representative                                                 status = empty
Real data needed
                                                                    Mission::mission3
                                   Employee::fakeEmployee            status = empty
                                          level=0



                                                                                   12
                    A theoritical solution
                  Test generation and execution
Tests generated from the model
Tests executed in normal conditions of use

Who executes tests ?
  customers: many test execution, quality ensured
  vendor: only one test execution, customers may not trust in
  test results
  third party: tests results easily shared with customers, but
  their trust must be obtained



                                                                 13
                           A theoritical solution
                                        Certification of quality
Two solutions known:
   only web services that have passed tests are published
The audition framework for testing web services interoperability (Bertolino, Polini
  )
   a mark is given according to tests results
Quality attribute for a component quality model (Alvaro, Santana de Almeida,
  Romero)


We chose the second solution:
   one mark by operation
   represents the percentage of passed tests


                                                                               14
                        Table of contents
Web services quality
A theoritical solution
The validation framework
  Overview
  Discovering dependencies from model
  Computing pools of dependencies
  Tests execution
  Certification to customers
Conclusion & future work


                                            15
                         The validation framework
                                                                           Overview

               5 - creation of test agents                 4 - test generation
                                               Agent
                                               creator



                                    7 - mark computation                    3 - treatments of model


                 6 - execution


                                                             8 - WS search
                       2 - declaration


1 - modeling
                                                     9 - results & marks
                                                                                        16
                          The validation framework
                                               Discovering dependencies
                     register()                        Needed for pools computing
serviceStarted                        userRegistered


     login()                        login()
                     userLoggedIn
                                                       Composition:
                                                          found in OCL code
            save()        open()      create()
                                                          only synchronous
                      opened

                                                       Temporal dependencies:
                                                          can not be automatically
   Client                                     Self
                                                          discovered
       1: register
                                                          no common patterns in the
                                                          state-chart
       2: login
                                                          creation of sequence
                                                          diagram to describe them


                                                                                  17
            The validation framework
                                   Pools of dependencies
One pool by operation               open   tag        categorize   publish
   all operations on which it
   depends
Used to:                            save              prePublish
   compute marks
   planify test execution
Produced in three steps                    create
   creation of the dependency
   graph
                                            login
   computation of transitive
   enclosure
   each neighbour of an
   operation belongs to its pool           register                ping



                                                                       18
                      The validation framework
                                                  Tests execution
open       tag        categorize   publish
       5
                                             Tests splitted into waves:
                                             1. operations without
save        4         prePublish
                                                  dependencies
                                             2.   operations depending on
                                                  previously tested operations
3          create
                                             3.   ….
                                             Possible because
2           login                            dependency graph is a DAG
                                             Executed by agents
                                             dispatched on the Internet
1          register                ping



                                                                           19
           The validation framework
                                         Mark computing
                               90   50   90         80    95   80      100       80


A temporary mark obtained       open          tag        categorize    publish
from tests
Final mark based on pools of
                                save                     prePublish
dependencies (lowest mark                50     50

of the pool)                                                    80    80

   shows problems not raised                  create     100   95
   by tests
   quick update of mark with
   new versions                                login     100   95




                                              register   95    95       ping

                                                                      100     100
                                                                            20
                     Table of contents

Web services quality
A theoritical solution
The validation framework
Conclusion & future work
  Conclusion
  Known issues




                                         21
                                              Conclusion
The theoritical approach:
  based on an UML modeling solution (wide spread language)
  unique model for behaviour, compositions & temporal
  dependencies
The framework :
  Concrete application of the theoritical approach
  easy to use for vendors and customers:
    • based on a norm (UDDI)
    • marks easy to understand
    • no modification for the web services or deploiment framework
  any kind of web service can be found on the UDDI server


                                                                     22
      Known issues & future work
The framework is not completly implemented:
   missing links between UDDI server and test generator
   tool for model merging in case of distributed composition


The mark may not be fully representative
   3 tests and one fail => 66%
   100 tests and 34 fails => 66%


All web services can not be tested and certified


                                                               23

				
DOCUMENT INFO
Shared By:
Categories:
Stats:
views:7
posted:6/25/2011
language:Danish
pages:23