Elarbi Badidi
, Larbi Esmahi
, M. Adel Serhani
and Ikbal Taleb
College of Information Technology, United Arab Emirates University, PO.Box. 17551, Al-Ain, United Arab Emirates
School for Computing & Information Systems, Athabasca University
1 University Drive, Athabasca, Alberta, T9S 3A3, Canada
Keywords: Service oriented computing, Mobile workers, Tailored services provisioning, Quality of service.
Abstract: This paper proposes a broker-based Web services provisioning system for mobile users with QoS
requirements. It describes a set of cooperative brokers distributed over different sites that work together to
provide personalized services for mobile users while they move from one location to another in their
corporate and partners’ networks. Access to QoS-enabled Web services is obtained in accordance with the
users’ home policies. This is made possible by negotiating the user profile and the terms of the service level
With the advent of service oriented computing and
the prevalent deployment of business applications on
the web to reach a large base of customers, many
organizations have moved their business online.
Web Services are the current most promising
technology based on the idea of service oriented
computing. They provide the basis for the
development and execution of business processes
that are distributed over the network and available
via standard interfaces and protocols.
Another development in the area of service
oriented computing is the unprecedented rise in the
number of mobile workers using a variety of
handheld devices such as PDAs and SmartPhones to
consume online services. Modern mobile devices are
often fully equipped with broad capabilities. Most of
them support several wireless communication
options including Wi-Fi, Bluethooth, GPRS, and
EDGE. They also come with advanced multimedia
capabilities including streaming. These devices
present now browsing capabilities that go beyond
the simple WAP protocol. Mobile computing
extends the e-business infrastructure to new classes
of devices, delivering on-demand information
wherever it is needed, using any device. With the
proliferation of mobile devices, wireless business
applications, i.e. messaging and voice services, are
more and more developed and deployed using Web
services. These services offer the possibility to
overcome the limitations of individual mobile
devices by making functionality offered by others
available to them on an as-needed basis. Thus, using
the service-oriented computing paradigm in mobile
environments will considerably enlarge the variety
of accessible applications and will enable new
business opportunities in the mobile space by
delivering integrated functionalities across wireless
Mobile workers are increasingly requiring
services tailored to their needs as they move from
one location to another in their corporate and
partners’ networks. They are also requiring retaining
access to their corporate services as they move to
new locations. In this paper, we describe our broker-
based framework, which aims to offer a working
environment that allows mobile users to use home
services as they move to new locations in their
corporate or partners' networks.
Our work is motivated by the desire to provide
mobile workers with local services tailored to their
Badidi E., Esmahi L., Adel Serhani M. and Taleb I. (2009).
In Proceedings of the International Conference on Wireless Information Networks and Systems, pages 147-152
DOI: 10.5220/0002232101470152
needs and to their home-profiles as they move from
one location to another in their corporate or partners’
networks. To achieve this, two main aspects need to
be considered. First, we need to identify the mobile
worker’s device in use at any particular time and its
capabilities as well as his/her preferences and
functional and non-functional service requirements,
such as the minimum level of QoS they are willing
to accept. Second, a close cooperation between the
home location and the visited one needs to be
established to negotiate and agree on issues related
to the user’s profile.
Several research works have studied the issue of
service delivery to mobile users. The authors in
(Ganna, 2003) proposed a policy-based service
provisioning and users management using mobile
agents. Their architecture is based on the notion of a
domain that represents an administrative authority
with its own behavior, policies, and users. Harroud
et al. describe an agent-based service provisioning
system for mobile users (Harroud, 2003). The
system comprises a set of cooperative agents
distributed over different sites that work together to
provide personalized services for mobile users over
the Internet. An Adaptive Service Presentation agent
is used to adapt the service presentation to the
capabilities of the users' mobile device. The work of
Riva describes a two-tier model for providing
services to mobile users (Riva, 2007). The model
presupposes that the system is aware about the
users’ profiles and context as well as available
services and has capabilities to match these with
each other. The authors in (Nor Azhan, 2007)
proposed a service-based content adaptation
platform, which adapts content for display on mobile
device without user intervention.
These works share some common goals with our
proposed work. However, they were done in other
contexts other done the service-oriented
environment, which currently represents the most-
predominant environment for service delivery. Our
work takes advantage of the various standards that
have been developed in the last few years for both
Web services and mobile computing especially the
standards for describing the mobile device
Several service providers currently offer services
that allow information to be pushed to a mobile
device, or offered via a limited Web-browser
interface. With a service-oriented architecture, it is
becoming possible to offer services that fully use the
power of the mobile device.
Nevertheless, mobile services access is still
suffering today from interoperability and usability
problems. This is to some extent attributable to the
small physical size of the screens of mobile devices.
It is also partly due to the incompatibility of many
mobile devices with not only computer operating
systems, but also the format of much of the
information that is delivered to mobile devices.
The W3C Mobile Web Initiative (MWI) is a new
initiative established by the W3C to develop best
practices and technologies for creating mobile-
friendly content and applications. The goal of the
initiative is to enable the access to the Web from
mobile devices and to make it more reliable and
accessible. This typically requires the adaptation of
Web content based on the device capabilities. The
W3C has published guidelines (Best Practices, W3C
mobileOK checker service) for mobile content
(W3C, ). The MWI Device Description Working
Group is actively tackling the problem of device
diversity by setting up a repository of device
descriptions (W3C Mobile Web Initiative). Authors
of Web content may use the repository to adapt their
content to best suit the requesting device.
The OMA (Open Mobile Alliance) specification
defines the User Agent Profile (UAProf) to describe
capability and preference information of wireless
mobile devices (Open Mobile Alliance, 2001). This
information is to be used mainly by content
providers to generate content in a suitable format for
the specific device. It is based on the generic
framework W3C CC/PP (Composite Capabilities/
Preference Profiles) (W3C, 2007). CC/PP denes a
schema for the description of a device’s profile,
which is composed of components that describe
characteristics of hardware, software, network, and
so on. A CC/PP profile can be used to adapt Web
contents to a specic device. A UAProf file
describes the capabilities of a mobile handset,
including Vendor, Model, Screen size, Multimedia
Capabilities, Character Set support, and more.
4.1 Service Provisioning Requirements
To provide mobile workers with tailored services as
WINSYS 2009 - International Conference on Wireless Information Networks and Systems
Figure 1: Framework components.
they move from one location to another in their
corporate networks or their partners’ networks,
several issues need to be addressed.
Authentication and authorization control to
identify the user and his/her authorized services
on the home site.
Identification of the mobile user devices, so that
the service presentation will be tailored to the
capabilities of these devices.
Exchange of the user profile between the home
site and the visited site to allow for identifying
the user preferences, and providing access to
local services using these preferences.
QoS monitoring and management so that the user
will be provided with his/her required and
authorized QoS.
4.2 Framework Components
To address these issues, our proposed framework is
based on a brokerage service to mediate on one hand
between the mobile user home site and the visited
site, and on the other hand between the mobile user
and local Web services on the visited site. The above
issues are handled by the broker components.
Another key component of the framework is the
Policy Manager, which is responsible for
maintaining authentication and authorization
policies, as well as polices for monitoring services
and their quality of service.
Figure 1 depicts the main components of the
framework at a given site. These components
cooperate to deliver personalized services to mobile
users with various devices across interacting sites.
They are under the control of the Coordinator
component and allow carrying out several
management operations: Admission control, QoS
negotiation, QoS-based service selection, QoS
monitoring, User profile management, and policies
management. The backend databases maintain
information about policies, user profiles and
preferences, and dynamic QoS information.
4.2.1 QoS Specification
Specification of QoS that providers can deliver may
be performed by incorporating QoS parameters, such
as response time, throughput and cost, into the
WSDL service description. This is the QoS model
supported by the UDDIe (Shaikh Ali, 2003). Other
works (Zuquim, 2006) (Ganna, 2003) have proposed
extensions to the Web services Policy Framework
(WS-Policy) to represent QoS policies of Web
services. WS_Policy does not specify how policies
are discovered or attached to a Web service. The
WS_PolicyAttachment specification (W3C, 2006)
defines such mechanisms.
In our framework, QoS policies are also stored in
the policies repository as well as the other policies
concerning authentication, authorization, user profile
and preferences management, and mobile devices
profile management.Admission Control
The Admission Manager classifies incoming
requests and verifies the provisioned classes of QoS.
It is responsible of determining whether the received
requests are allowed to use the requested services.
This means that Web services access is denied to
requests from users who did not negotiate the level of
QoS with the selected Web services providers.
4.2.2 QoS-based Service Selection
The Request Dispatcher is in charge of implementing
different policies for the selection of an appropriate
web service that will deliver the user required service
with the required QoS. It performs the match-making
of required QoS with stored QoS. Various policies
have been specified in the literature regarding service
selection policies.
4.2.3 QoS Negotiation
The QoS negotiation process is carried out by the
QoS Negotiator in order to reach a service level
agreement (SLA) concerning the QoS to be delivered
to the user. The SLA specifies the service to be
provided by the provider to the client, the guaranteed
QoS, the cost of the service, and the actions to be
taken when there is a violation of the agreed QoS.
The negotiation protocol is detailed in next section.
4.2.4 QoS Monitoring
QoS monitoring is carried out by the QoS Monitoring
Manager and by the Web Service Controller (Figure
1). The QoS Monitoring Manager continually
observes the level of QoS level rendered to clients.
QoS parameters, such as response time and
availability that need to be observed are specified in
the contract. Observation is achieved through
periodic measurement of these QoS parameters at
some observation points at the server side and at the
client side. QoS violation is detected when the
measured value of a QoS parameter does not meet
the requirements of the agreed one.
4.2.5 Profile Management
The Profile Manager is responsible for managing
users’ profiles, which include their preferences, in
terms of personalized services, current location, and
required QoS. It is also responsible for negotiating
the user profile and authorized services at the visited
site, as well as the devices profiles, that are described
using UAProf and CC/PP. Profile negotiation is
detailed in next section.
4.2.6 Policies Management
Utilization of policies in Web services environments
has been recognized since the specification of the
first standards for Web services. In the WS-Policy
specification (Bajaj, 2007), individual requirements
or capabilities of a policy subject are declared using
XML policy assertion elements. Policy assertions are
the building blocks of policies. Each assertion
describes an atomic aspect of a service's
requirements (e.g. authentication scheme,
authorization scheme, QoS/SLA characteristics, etc.).
A policy expression can be comprised of one or more
policy assertions assembled in Policy alternatives
using logical policy operators. This expression can
also be associated with a Web service resource, such
as a service or endpoint, using WSDL or other
mechanisms defined in WS-PolicyAttachment (W3C,
The Policy Manager is responsible for
maintaining authorization policies, and polices for
monitoring services and quality of service. It receives
access control requests, processes them against a set
of policies that define how the services are to be used
by its mobile users, and returns access control
responses. Figure 2 depicts the architecture of the
Policy Manager. The Policy Decision Point (PDP) is
the component that grants or denies access to
services. It encompasses a rule engine that
determines the policies to apply when a user requests
access to a service. When a user attempts to access a
service with QoS requirements, the Policy
Enforcement Point (PEP) component sends a
message to the PDP asking whether to approve the
user request. It then replies with permission or denial
of access to that service based on the rules that have
been defined and the request parameters.
Figure 2: Policy Manager components.
WINSYS 2009 - International Conference on Wireless Information Networks and Systems
Figure 3: Inter-site profile negotiation.
5.1 Profile Negotiation
Figure 3 depicts the interactions between the brokers
at the visited site and the home site, to create a user’s
profile at the visited site.
The mobile user submits a request, including the
CC/PP profile of the mobile device in use, at the
visited site.
After processing the user’s authentication on an
authorized device, the Coordinator at the visited
site requests the user’s profile from its User
Profile Manager. If the user profile is available
locally, then the Coordinator starts negotiating
the terms of service with the mobile user as
described in the next section. Otherwise, the
following steps are accomplished.
A request is sent to the Coordinator at the home
site of the mobile user in order to get his profile.
This is achieved through the following steps.
The Coordinator at the home site of the mobile
user forwards the user profile request to its User
Profile Manager.
The home User Profile Manager reads the mobile
user profile from the profiles database.
The home User Profile Manager requests from
the home Policy Manager the policies regarding
the user, such as authorization policies to services
available at other sites to which the user may
have access and the type of access.
The home Policy Manager reads the policies
regarding the mobile user from the policies
The home User Profile Manager returns the
requested profile of the mobile user to its
The home Coordinator returns the user profile to
its peer at the visited site. After getting the final
profile of the user, the Coordinator at the visited
site starts negotiating the terms of the service
level agreement as described in the next section.
5.2 Policy-driven SLA Negotiation
Once the user profile has been determined, the
mobile user and the QoS broker at the visited site
start negotiating the terms of the SLA according to
the following protocol (Figure 4):
1. The mobile user formulates a SLA request
detailing service provisioning request and sends it
to the Coordinator component at the visited site.
2. The Coordinator may decide whether the SLA
proposal can be processed. This decision is based
on the mobile user profile, determined in the
previous process. If for instance the requested
service is not among the services that are
authorized for the user, then a rejection is sent to
the user.
3. The Coordinator requests then the selection of a
target Web service from the Request Dispatcher.
Figure 4: SLA negotiation protocol.
4. The Coordinator sends the SLA proposal and the
reference of the selected Web service to the
Policy Manager to decide whether the mobile
user request can be processed or not. This
decision is based on the requested level of service
and the Web service policies.
5. The Coordinator and the mobile user start then
negotiating the specific terms of the service
provisioning based on SLA requirements and
Web service policies. The Coordinator requests
from the QoS Negotiator to determine the final
profile by negotiating the level of QoS to be
6. Proposals are returned to the mobile user, who
can accept or reject offers – rejections typically
trigger renegotiation.
In this paper, we have presented a cooperative
broker-based Web services provisioning system for
mobile users with QoS requirements. Policies are a
crucial part of the framework. They are used at
different levels: authorization, QoS specification,
QoS service monitoring, and description of service
policies. QoS brokers at the visited site and the home
site are involved in determining the mobile user
profile and in negotiating a final Service Level
Agreement. This final SLA details the terms of
service at the visited site according to several
policies: WS policies, selection policies, and QoS
A prototype of our proposed framework is under
development. The implementation platform includes:
NetBeans 6.5, the UDDIe registry, MySQL, and
Apache Neethi, which provides a general framework
for developers to use WS-Policy. As a future work,
we intend to extend our proposed architecture with
security policies using standards such as
WS_Security and WS_Policy.
Bajaj, S., et al., 2007. Web services policy 1.5 –
framework. W3C Candidate Recommendation 28
February 2007. http://www.w3.org/TR/2007/CR-ws-
Ganna, M., Horlait, E., 2003. Policy-based service
provisioning and users' management using mobile
agents. Lecture Notes in Computer Science Vol. 2881
Springer 2003, ISBN 3-540-20298-6, pp. 53-66.
Harroud, H., Karmouch, A.M., 2003. A. Policy-driven
personalized multimedia services for mobile users.
IEEE Transactions on Mobile Computing, Vol. 2, Issue
1, Jan.-March 2003, pp: 16 – 24.
Nor Azhan, N., Wong, H.S., Khairil, I.B.G., Tamrin, M.,
2007. Using service-based content adaptation platform
to enhance mobile user experience. In Mobility'07, the
4th international conference on mobile technology,
applications, and systems.
Open Mobile Alliance, 2001. WAG UAProf, version 20-
Riva, O., Toivonen, S., 2007. The DYNAMOS approach to
support context-aware service provisioning in mobile
environments. Journal of Systems and Software, Vol.
80, Issue 12, 2007, pp. 1956-1972
Shaikh Ali, A., Rana, O.F., Al-Ali, R., Walker, D.W.,
2003. UDDIe: an extended Registry for Web services.
In SAINT 2003, the IEEE Symposium on Applications
and the Internet Workshops, pp. 85 - 89.
W3C,. W3C mobileOK Checker [Beta]. http://validator.
W3C, 2006. Web services policy attachment. http://www.
W3C, 2007. Composite Capability/Preference Profiles
(CC/PP): Structure and vocabularies 2.0. W3C
Working Draft 30 April 2007. http://www.w3.org/TR/
W3C Mobile Web Initiative. MWI device description
working group. http://www.w3.org/2005/MWI/DDWG
Zuquim, D., Guimares, G., Felgar de Toledo, M.B., 2006.
A Web service architecture providing QoS
management. In LA-WEB'06, the 4th Latin American
Web Congress, pp. 189-198.
WINSYS 2009 - International Conference on Wireless Information Networks and Systems