Orchestrating composite Web services under data flow constraints

A composite service is typically specified using a language such as BPEL4WS and orchestrated by a single coordinator node in a centralized manner. The coordinator receives the client request, makes the required data transformations and invokes the component Web services as per the specification. However, in certain scenarios businesses might want to impose restrictions on access to the data they provide or the source from which they can accept data. Centralized orchestration can lead to violation of these data flow constraints as the central coordinator has access to the input and output data of all the component Web services. In many cases existing methods of data encryption and authentication are not sufficient to handle such constraints. These data flow constraints, thus, present obstacles for composite Web service orchestration. In this paper we propose a solution for orchestrating composite Web services under data flow constraints. The solution is based on decentralized orchestration, in which a composite Web service is broken into a set of partitions, one partition per component Web service. To overcome data flow constraints, each partition is executed within the same domain as the corresponding component Web service and hence, has the same access rights. However, there are, in general, many ways to decentralize a composite Web service. We apply a rule based filtering mechanism to choose a set of partitions that does not violate the specified dataflow constraints.