System-level Infrastructure Issues for Controlled Interactions among Autonomous Participants in Electronic Commerce Processes Manolis Marazakis, Dimitris Papadakis, Christos Nikolaou, Penelope Constanta Department of Computer Science, University of Crete and Institute of Computer Science, FORTH, PO Box 1385, GR 71110 Heraklion, Greece. e-mail: maraz,dimpapa,nikolau,penelope @ics.forth.gr Abstract Electronic commerce in open large-scale distributed en- vironments presents several system-level challenges in terms of execution model, infrastructure, and management. The autonomy of providers severely restricts the scope of control by authorities other than the owner of each service, and makes the design of the distributed software architecture a challenging undertaking. In this paper we present our ongo- ing work toward the development of a distributed software substrate to support controlled interactions among compo- nents that are owned and managed by autonomous author- ities. This infrastructure is based on a distributed compo- nent model, designed to support the paradigm of service- level management for specifying and managing commit- ments made by independent service providers to their clients on performance-related attributes of services. 1. Introduction It is expected that electronic commerce applications will be required to support mixing and matching of products and services, on a personal basis and in real-time [3]. An increasing level of customization and integration of prod- ucts and services will be required, so as to allow bundling disparate components into distinct new products that serve the specific needs of each consumer. However, as comput- ing and communication systems are becoming increasingly interdependent, end-to-end behavior depends on multiple subsystems that have been developed independently of each other and are often beyond the control of any single author- ity. For dynamic and adaptive processes such as commerce, it may be the case that independent subsystems need to cooperate in configurations not foreseen by the original de- velopers. Interactions among widely distributed software components that are owned and managed by independent and autonomous authorities necessitate a model of execu- tion that explicitly supports controlled interactions among widely distributed and autonomous business partners in the context of long-duration sessions, with data and control flow paths that may not be fully specified in advance. The execution model has to tolerate the variable (possi- bly long) delays and the higher chances of partial failures introduced by large-scale distribution. Current transaction processing techniques [6] cannot be directly applied, since there may be multiple related interactions between any two partners over a time interval of unpredictable duration, in- troducing a much greater variability in response time than commonly assumed in transaction processing applications. Current distributed object technologies support funda- mental requirements for component development, such as information hiding, data abstraction, polymorphism, dy- namic binding and inheritance, but do not support service- level (quality) guarantees. Guarantees are, in turn, an inte- gral part of contracts that define mutual commitments, terms and conditions between providers and clients. Since the au- tonomy of providers severely restricts the degree of control that can be exercised by authorities other than the owner of each service, contracts, defining the mutual commitments and terms of cooperation between business partners and required service-level attributes, becomes increasingly im- portant. Moreover, the issues of customization and on-line control, through invocations of control operations and feed- back loops, need to be taken into account in the design of fulfillment processes for long-running complex services. These are major challenges for current software engineer- ing practices and technologies. We adopt the approach of service-level management [9] as a framework for address- ing all infrastructure management issues in an integrated manner. Service-level management is a process concerned with specifying and achieving desired service qualities, so