Abstract:
Web service choreographies, orchestrations, and dynamic invocations of web services are
three sample kinds of composition. These compositions create service inter-dependencies
that can be misused for monetary or other gains. When a misuse is
reported, investigators have to navigate through a collection of web-service or network
logs to recreate suspected misuses. In order to facilitate this task, I propose creating
forensic web services (FWS), specialized web services that, when used, would securely
maintain transactional records between other web services. An independent agency can
re-link these secure records residing in distributed FWS stations to reproduce the
transactional history, and thereby substantiate or refute claims of misuse by providing
supporting or refuting evidence.

As multi-participant transactions migrate to web services, some of these parties may
fail to fulfill their specified obligations or may work toward objectives contrary to
those specified. Preserving evidence of the service behavior of all
participating actors in complex web-based transactions can resolve such shortcomings. In
order to achieve this, I propose a three-layered framework to preserve evidence of service
behaviors in a non-refutable way. The lowest layer of my framework preserves
transactional evidence of pair-wise participation using cryptographically secured FWS.
The second layer uses this pair-wise evidence to derive evidence of complex interactions.
The highest layer generates evidence of complex transactional behavior.

Web service choreographies can be misused at multiple levels: by exploiting their
technical capabilities, which I refer to as Service Misuses, and by using them to design
complex illegal business schemes, which I refer to as Business Misuses, such as Ponzi,
pyramid, or money laundering schemes. One of the main problems with the latter kind of
misuse is that, to an external observer with a microscopic view, it appears similar to a
legal multi-stage business scheme, but in truth it is macroscopically illegal. I define some of these
schemes precisely and show how to produce evidence of them using cryptographically
secure local message repositories. Such evidence would be helpful to financial fraud
investigators, business arbiters, potential investors, and judicial actors.

Detecting service or business misuses, in particular over a set of evidence of observed
web service interactions through a post-mortem investigation, might disclose an extremely
dramatic level of damage, as in the case of Ponzi schemes. Live detection of business
misuses can assist a collection of services by alerting them to a spreading misuse that
may target them, or help in preventing service misuses. I abstract post-mortem detection
queries for business and service misuses.
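
A sketch of the pair-wise evidence layer and of re-linking records across FWS stations, as described in the abstract. It is an added example, not code from the thesis. The `FWSStation` class, the record fields, the hash chain and the service names are assumptions, and a standard-library HMAC stands in for the digital signatures that non-refutable evidence would require.

```python
import hashlib, hmac, json

def _tag(key, body):
    """MAC over the canonical JSON of a record body (stand-in for a signature)."""
    return hmac.new(key, json.dumps(body, sort_keys=True).encode(), "sha256").hexdigest()

class FWSStation:
    """Hypothetical FWS station: append-only, hash-chained evidence log."""
    def __init__(self, name, key):
        self.name, self.key, self.log = name, key, []

    def record(self, sender, receiver, payload, parent=None):
        """Store evidence of one pair-wise message and return its digest."""
        msg = hashlib.sha256(f"{sender}>{receiver}:".encode() + payload).hexdigest()
        body = {"sender": sender, "receiver": receiver, "msg": msg,
                "parent": parent, "prev": self.log[-1]["tag"] if self.log else ""}
        self.log.append({**body, "tag": _tag(self.key, body)})
        return msg

def verify(station):
    """Recompute each tag and chain link; False if a record was altered or the chain is broken."""
    prev = ""
    for rec in station.log:
        body = {k: v for k, v in rec.items() if k != "tag"}
        if rec["prev"] != prev or not hmac.compare_digest(_tag(station.key, body), rec["tag"]):
            return False
        prev = rec["tag"]
    return True

def relink(stations, root):
    """Join verified records from all stations into the hop sequence that starts at root."""
    by_msg, child = {}, {}
    for st in stations:
        if not verify(st):
            raise ValueError(f"evidence at {st.name} fails verification")
        for rec in st.log:
            by_msg[rec["msg"]] = rec
            if rec["parent"]:
                child[rec["parent"]] = rec  # assumes one follow-up per message
    hops, rec = [], by_msg.get(root)
    while rec:
        hops.append((rec["sender"], rec["receiver"]))
        rec = child.get(rec["msg"])
    return hops

def demo():
    """Constructed three-hop transaction whose evidence is split across two stations."""
    a, b = FWSStation("fws-a", b"demo-key-a"), FWSStation("fws-b", b"demo-key-b")
    m1 = a.record("buyer", "broker", b"order 10 units")
    m2 = b.record("broker", "supplier", b"purchase 10 units", parent=m1)
    a.record("supplier", "buyer", b"shipment notice", parent=m2)
    return a, b, m1
```

Calling `relink` on the two stations from `demo()` returns the buyer, broker, supplier, buyer hop sequence; editing any stored field afterwards makes `verify` fail and `relink` refuse the evidence.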