This Article 
 Bibliographic References 
 Add to: 
Trustworthy Coordination of Web Services Atomic Transactions
Aug. 2012 (vol. 23 no. 8)
pp. 1551-1565
Honglei Zhang, Cleveland State University, Cleveland
Hua Chai, Cleveland State University, Cleveland
Wenbing Zhao, Cleveland State University, Cleveland
P. Michael Melliar-Smith, University of California, Santa Barbara, Santa Barbara
Louise E. Moser, University of California, Santa Barbara, Santa Barbara
The Web Services Atomic Transactions (WS-AT) specification makes it possible for businesses to engage in standard distributed transaction processing over the Internet using Web Services technology. For such business applications, trustworthy coordination of WS-AT is crucial. In this paper, we explain how to render WS-AT coordination trustworthy by applying Byzantine Fault Tolerance (BFT) techniques. More specifically, we show how to protect the core services described in the WS-AT specification, namely, the Activation service, the Registration service, the Completion service and the Coordinator service, against Byzantine faults. The main contribution of this work is that it exploits the semantics of the WS-AT services to minimize the use of Byzantine Agreement (BA), instead of applying BFT techniques naively, which would be prohibitively expensive. We have incorporated our BFT protocols and mechanisms into an open-source framework that implements the WS-AT specification. The resulting BFT framework for WS-AT is useful for business applications that are based on WS-AT and that require a high degree of dependability, security, and trust.

[1] M. Abd-El-Malek, G.R. Ganger, G.R. Goodson, M.K. Reiter, and J.J. Wylie, "Fault-Scalable Byzantine Fault-Tolerant Services," Proc. 20th ACM Symp. Operating Systems Principles, pp. 59-74, Oct. 2005.
[2] Y. Amir, B.A. Coan, J. Kirsch, and J. Lane, "Byzantine Replication under Attack," Proc. IEEE Int'l Conf. Dependable Systems and Networks, pp. 105-114, June 2008.
[3] Apache Axis Project, http://ws.apache.orgaxis/, 2012.
[4] Apache Kandula Project, http://ws.apache.orgkandula/, 2011.
[5] Apache WSS4J Project, http://ws.apache.orgwss4j/, 2012.
[6] T. Bray, J. Paoli, C.M. Sperberg-McQueen, E. Maler, F. Yergeau, and J. Cowan World Wide Web Consortium, "Extensible Markup Language (XML) 1.1," second ed., Aug. 2006.
[7] J. Cowling, D. Myers, B. Liskov, R. Rodrigues, and L. Shri, "HQ Replication: A Hybrid Quorum Protocol for Byzantine Fault Tolerance," Proc. Seventh Symp. Operating Systems Design and Implementations, pp. 177-190, Nov. 2006.
[8] M. Castro and B. Liskov, "Practical Byzantine Fault Tolerance," Proc. Third Symp. Operating Systems and Implementation, pp. 173-186, Feb. 1999.
[9] M. Castro and B. Liskov, "Practical Byzantine Fault Tolerance and Proactive Recovery," ACM Trans. Computer Systems, vol. 20, no. 4, pp. 398-461, Nov. 2002.
[10] A. Clement, M. Kapritsos, S. Lee, Y. Wang, L. Alvisi, M. Dahlin, and T. Riche, "UpRight Cluster Services," Proc. 22nd ACM Symp. Operating Systems Principles, pp. 277-290, Oct. 2009.
[11] E. Christensen, F. Curbera, G. Meredith, and S. Weerawarana World Wide Web Consortium, "Web Services Description Language (WSDL) 1.1," Mar. 2001.
[12] M. Correia, N.F. Neves, L.C. Lung, and P. Veríssimo, "Worm-IT—A Wormhole-Based Intrusion-Tolerant Group Communication System," J. Systems and Software, vol. 80, no. 2, pp. 178-197, Feb. 2007.
[13] J. Gray and A. Reuter, Transaction Processing: Concepts and Techniques. Morgan Kaufmann Publishers, 1983.
[14] M. Gudgin et al., World Wide Web Consortium, "Simple Object Access Protocol (SOAP)," Version 1.2, Apr. 2007.
[15] K.P. Kihlstrom, L.E. Moser, and P.M. Melliar-Smith, "The SecureRing Group Communication System," ACM Trans. Information and System Security, vol. 4, no. 4, pp. 371-406, Nov. 2001.
[16] R. Kotla, L. Alvisi, M. Dahlin, A. Clement, and E. Wong, "Zyzzyva: Speculative Byzantine Fault Tolerance," Proc. 21st ACM Symp. Operating Systems Principles, pp. 45-58, Oct. 2007.
[17] L. Lamport, R. Shostak, and M. Pease, "The Byzantine Generals Problem," ACM Trans. Programming Languages and Systems, vol. 4, no. 3, pp. 382-401, July 1982.
[18] M. Little and A. Wilkinson, "Web Services Atomic Transactions," Version 1.1, OASIS Standard, Apr. 2007.
[19] D. Malkhi and M. Reiter, "Byzantine Quorum Systems," Proc. 29th Ann. ACM Symp. Theory of Computing, pp. 569-578, Oct. 1997.
[20] J.P. Martin, L. Alvisi, and M. Dahlin, "Small Byzantine Quorum Systems," Proc. Int'l Conf. Dependable Systems and Networks, pp. 374-383, June 2002.
[21] M. Merideth, A. Iyengar, T. Mikalsen, S. Tai, I. Rouvellou, and P. Narasimhan, "Thema: Byzantine-Fault-Tolerant Middleware for Web Services Applications," Proc. IEEE 24th Symp. Reliable Distributed Systems, pp. 131-142, Oct. 2005.
[22] C. Mohan, R. Strong, and S. Finkelstein, "Method for Distributed Transaction Commit and Recovery Using Byzantine Agreement within Clusters of Processors," Proc. ACM Symp. Principles of Distributed Computing, pp. 89-103, Aug. 1983.
[23] L.E. Moser and P.M. Melliar-Smith, "Byzantine-Resistant Total Ordering Algorithms," J. Information and Computation, vol. 150, pp. 75-111, 1999.
[24] L.E. Moser, P.M. Melliar-Smith, and N. Narasimhan, "The SecureGroup Group Communication System," Proc. DARPA Information Survivability Conf. and Exposition, pp. 256-279, Jan. 2000.
[25] S. Northcutt and J. Novak, Network Intrusion Detection, third ed. New Riders Publishing, 2002.
[26] S.L. Pallemulle, H.D. Thorvaldsson, and K.J. Goldman, "Byzantine Fault-Tolerant Web Services for N-Tier and Service Oriented Architectures," Proc. 28th Int'l Conf. Distributed Computing Systems, pp. 260-268, June 2008.
[27] N. Preguica, R. Rodrigues, C. Honorato, and J. Lourenco, "Byzantium: Byzantine-Fault-Tolerant Database Replication Providing Snapshot Isolation," Proc. Fourth Workshop Hot Topics in System Dependability, vol. 9, Dec. 2008.
[28] M. Reiter, "The Rampart Toolkit for Building High-Integrity Services," Theory and Practice in Distributed Systems, pp. 98-110, 1995.
[29] K. Rothermel and S. Pappe, "Open Commit Protocols Tolerating Commission Failures," ACM Trans. Database Systems, vol. 18, no. 2, pp. 289-332, June 1993.
[30] M. Steiner, G. Tsudik, and M. Waidner, "Diffie-Hellman Key Distribution Extended to Group Communication," Proc. Third ACM Conf. Computer and Comm. Security, pp. 31-37, Mar. 1996.
[31] M. Steiner, G. Tsudik, and M. Waidner, "CLIQUES: A New Approach to Group Key Agreement," Proc. 18th Int'l Conf. Distributed Computing Systems, pp. 380-387, May 1998.
[32] B. Vandiver, H. Balakrishnan, B. Liskov, and S. Madden, "Tolerating Byzantine Faults in Transaction Processing Systems Using Commit Barrier Scheduling," Proc. 21st ACM Symp. Operating Systems Principles, pp. 59-72, Oct. 2007.
[33] G.S. Veronese, M. Correia, A.B. Bessani, and L.C. Lung, "Spin One's Wheels: Byzantine Fault Tolerance with a Spinning Primary," Proc. IEEE 28th Int'l Symp. Reliable Distributed Systems, pp. 135-144, Sept. 2009.
[34] The Open Group, "Distributed Transaction Processing: The XA Specification," Feb. 1992.
[35] A. Young and M. Yung, Malicious Cryptography: Exposing Cryptovirology. John Wiley & Sons, 2004.
[36] W. Zhao, "Byzantine Fault Tolerant Coordination for Web Services Atomic Transactions," Proc. Fifth Int'l Conf. Service-Oriented Computing, pp. 307-318, Sept. 2007.
[37] W. Zhao, "A Byzantine Fault Tolerant Distributed Commit Protocol," Proc. IEEE Third Int'l Symp. Dependable, Autonomic and Secure Computing, pp. 37-44, Sept. 2007.

Index Terms:
Atomic transactions, distributed transactions, service-oriented computing, Web Services, dependability, security, trust, encryption, authentication, Byzantine fault tolerance.
Honglei Zhang, Hua Chai, Wenbing Zhao, P. Michael Melliar-Smith, Louise E. Moser, "Trustworthy Coordination of Web Services Atomic Transactions," IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 8, pp. 1551-1565, Aug. 2012, doi:10.1109/TPDS.2011.292
Usage of this product signifies your acceptance of the Terms of Use.