Learn More
This paper introduces a framework for modeling and specifying the global behavior of e-service compositions. Under this framework, peers (individual e-services) communicate through asynchronous messages and each peer maintains a queue for incoming messages. A global "watcher" keeps track of messages as they occur. We propose and study a central notion of a(More)
Recently SQL Injection Attack (SIA) has become a major threat to Web applications. Via carefully crafted user input, attackers can expose or manipulate the back-end database of a Web application. This paper proposes the construction and outlines the design of a static analysis framework (called SAFELI) for identifying SIA vulnerabilities at compile time.(More)
Specification, modeling and analysis of interactions among peers that communicate via messages are becoming increasingly important due to the emergence of service oriented computing. Collaboration diagrams provide a convenient visual model for specifying such interactions. An interaction among a set of peers can be characterized as a conversation, the(More)
A fundamental promise of service oriented architecture (SOA) lies in the ease of integrating sharable information, processes, and other resources through interactions among the shared components that are modeled as web services. It is expected that not only the participating services are complex and have observable states, but the number of interacting(More)
We present a design for verification approach to developing reliable web services. We focus on composite web services which consist of asynchronously communicating peers. Our goal is to automatically verify properties of interactions among such peers. We propose a design pattern that eases the development of such web services and enables a modular,(More)
There are two main challenges in the verification of composite web services: 1) Asynchronous messaging makes most interesting problems undecid-able, and 2) rich data representation (XML) and data manipulation (e.g. XPath query) forbids direct application of model checking tools. In this paper, we present a top-down specification and verification approach to(More)