Security Policy Monitoring Of Composite Services

One important challenge the Aniketos platform has to address is the effective monitoring of services at runtime to ensure that services behave as promised. A service developer plays the role that is responsible for constructing service compositions and the service provider is responsible for offering them to consumers of the Aniketos platform. Typically, service consumers will have different needs and requirements; they have varying business goals and different expectations from a service, for example in terms of functionality, quality of service and security needs. Given this, it is important to ensure that a service should deliver for which it has been selected and should match the consumer's expectations. If it fails, the system should take appropriate subsequent reactions, e.g., notifications to the service consumer or service designer.In this chapter, we present the policy-driven monitoring framework which is developed as part of the Aniketos project. The monitoring framework allows different user-specified policies to be monitored simultaneously. The monitoring is performed at the business level, as well as at the implementation level, which allows for checking the policies of composite services as well as atomic ones. The framework sends an alarm in case of policy violation to notify the interested parties and triggers re-composition or re-configuration of the service.