QoS for Web Service

The concept of QoS (Quality of Service) can be applied for any application such as tourism, retail, estate agency, etc. Regarding QoS in web service, Menasce (2002) had addressed the QoS issues for web service [32]. According to his research, QoS is a combination of several qualities or properties of a service, such as availability, security, response time, etc. The QoS measure is observed by web services users. These users are not human beings but programs that send requests for services to web service providers. QoS issues in Web services have to be evaluated from the perspective of the providers of web services and from the perspective of the users of these services.

The main definition about QoS for web service follows the announcement by W3C Working Group Note 25 November 2003 [40] and have had been applied by many researches in recent years [15][32][33][46]. For providing such a better QoS under dynamic and unpredictable characteristics of the web services, it is first necessary to identify all the possible QoS requirements for web services. For this purpose, there were 13 QoS attributes proposed by W3C [40]:

1. Performance: The performance of a web service represents how fast a service request can be completed. It can be measured in terms of throughput, response time, latency, execution time, and transaction time, and so on [36][37]. Throughput is the number of web service requests served in a given time interval. Response time is the time required to complete a web service request. Latency is the round-trip delay (RTD) between sending a request and receiving the response. Execution time is the time taken by a web service to process its sequence of activities. Finally, transaction time represents the time that passes while the web service is completing one complete transaction. This transaction time may

depend on the definition of web service transaction.

In general, high quality web services should provide higher throughput, faster response time, lower latency, lower execution time, and faster transaction time.

2. Reliability: Web services should be provided with high reliability. Reliability here represents the ability of a web service to perform its required functions under stated conditions for a specified time interval [23]. The reliability is the overall measure of a web service to maintain its service quality. The overall measure of a web service is related to the number of failures per day, week, month, or year. Reliability is also related to the assured and ordered delivery for messages being transmitted and received by service requestors and service providers [36].

3. Scalability: Web services should be provided with high scalability. Scalability represents the capability of increasing the computing capacity of service provider's computer system and system's ability to process more users' requests, operations or transactions in a given time interval [37]. It is also related to performance. Web services should be scalable in terms of the number operations or transactions supported.

4. Capacity: Web services should be provided with the required capacity. Capacity is the limit of the number of simultaneous requests which should be provided with guaranteed performance [37]. Web services should support the required number of simultaneous connections.

5. Robustness: Web services should be provided with high robustness. Robustness here represents the degree to which a web service can function correctly even in the presence of invalid, incomplete or conflicting inputs [37]. Web services should still work even if incomplete parameters are provided to the service request invocation.

6. Exception Handling: Web services should be provided with the functionality of

exception handling. Since it is not possible for the service designer to specify all the possible outcomes and alternatives (especially with various special cases and unanticipated possibilities), exceptions should be handled properly [37]. Exception handling is related to how the service handles these exceptions.

7. Accuracy: Web services should be provided with high accuracy. Accuracy here is defined as the error rate generated by the web service [37]. The number of errors that the service generates over a time interval should be minimized.

8. Integrity: Integrity for web services should be provided so that a system or component can prevent unauthorized access to, or modification of, computer programs or data. There can be two types of integrity: data integrity and transactional integrity. Data integrity defines whether the transferred data is modified in transit. Transactional integrity refers to a procedure or set of procedures, which is guaranteed to preserve database integrity in a transaction [36].

9. Accessibility: Web services should be provided with high accessibility. Accessibility here represents whether the web service is capable of serving the client's requests [36]. High accessibility can be achieved, e.g., by building highly scalable systems.

10. Availability: The web service should be ready (i.e., available) for immediate consumption.

This availability is the probability that the system is up and related to reliability [16].

Time-to-Repair (TTR) is associated with availability. TTR represents the time it takes to repair the web service [36]. The service should be available immediately when it is invoked.

11. Interoperability: Web services should be interoperable between the different developmental environments used to implement services so that developers using those services do not have to think about which programming language or operating system the

services are hosted on [36].

12. Security: Web services should be provided with the required security. With the increase in the use of web services which are delivered over the public Internet, there is a growing concern about security. The web service provider may apply different approaches and levels of providing security policy depending on the service requestor.

Security for web services means providing authentication, authorization, confidentiality, traceability/auditability, data encryption, and non-repudiation. Each of these aspects is described below [36][37].

 Authentication: Users (or other services) who can access service and data should be authenticated.

 Authorization: Users (or other services) should be authorized so that they only can access the protected services.

 Confidentiality: Data should be treated properly so that only authorized users (or other services) can access or modify the data.

 Accountability: The supplier can be hold accountable for their services.

 Traceability and Auditability: It should be possible to trace the history of a service when a request was serviced.

 Data encryption: Data should be encrypted.

 Non-Repudiation: A user cannot deny requesting a service or data after the fact. The service provider needs to ensure these security requirements.

13. Network-Related QoS Requirements: To achieve desired QoS for web services, the QoS mechanisms operating at the web service application level must operate together with the QoS mechanisms operating in the transport network (e.g., RSVP, DiffServ, MPLS,

etc.) which are rather independent of the application. In particular, application level QoS parameters should be mapped appropriately to corresponding network level QoS parameters. Basic network level QoS parameters include network delay, delay variation, and packet loss, and they are described as follows.

 The network delay is the average length of time a packet traverses in a network. The network delay can be handled by a good network design that minimizes the number of hops encountered and by the advent of faster switching devices like Layer 3 switches and tag switching system such as MPLS systems and ATM switches.

 The delay variation is the variation in the inter-packet arrival time (leading to gaps, known as jitter, between packets) as introduced by the variable transmission delay over the network. Removing jitter requires collecting packets in buffers and holding them long enough to allow the slowest packets to arrive in time to be played in correct sequence. Jitter buffers may cause additional delay, which is used to remove the packet delay variation as each packet transits the network.

 The Internet does not guarantee delivery of packets. Packets will be dropped under peak loads and during periods of congestion. Approaches used to compensate for packet loss include replay of the last packet, and transmission of redundant information. Out of order packets may need to be re-ordered at the receiver.

 In addition, network management mechanisms may also be involved in controlling and managing QoS for web services.

Even though W3C defines different attributes such as reliability, security, and efficiency as part of web service QoS model, but it leaves the users to judge the level of QoS.

This may result in the inconsistency of consumers’ views on the values of QoS attributes. That is, one consumer may perceive a particular QoS attribute differently from another consumer.

Therefore, more criteria should be developed based on QoS definition proposed by W3C if it would be taken for developing QoS-aware selection of web service.