Somayeh Karimi, Seyed Morteza Babamir Islamic Azad University, Meymeh Branch, Department of Computer, Meymeh, Iran University of Kashan, Department of Computer Engineering, Kashan, Iran S_karimi@iaumeymeh.ac.ir, babamir@kashanu.ac.ir Abstract— Service-Oriented Architecture (SOA) provides a flexible framework for web service composition. Using standard based protocols (such as SOAP and WSDL), composite services can be constructed by integrating atomic services developed independently. For each service in the composition, many service providers can offer the same function but may have different non-functional attributes (i.e. security, QoS parameters). These attributes have to be considered to make a decision selection more carefully and have suitable composition of web services composition. In this paper, we propose a broker-based framework for integration and adaptation of non-functional aware web services. We present the web service selection mechanism which selects the best (most suitable) web service based on the both requester and provider’s security issues and quality attributes. Key words — Web service composition, Business proce ss, Non-functional constraints, Security, QoS (Quality of Service), Broker. I. INTRODUCTION owadays the web is the main means by which companies and organizations are carrying on their business. This central role of the web has forced many companies to reorganize their businesses by using Web-based heterogeneous technologies in order to remain competitive in a business world. In such a scenario, the web service paradigm has emerged as the most promising approach for web-based application development [1]. A web service is a software system designed to support interoperable application- to-application interaction over Internet. Some benefits of adopting web services are that they are platform and vendor independent, since they are based on a set of standards, they provide a means for the convergence of disparate business functionalities, they make easier to deploy business applications for trading partners, thus resulting in a significant reduction in total cost of development. Web services rely on a set of XML standards such as Universal Description, Discovery and Integration (UDDI) [2], web Services Description Language (WSDL) [3], and Simple Object Access Protocol (SOAP) [4]. One of the major goals of web services is to make easier their composition to form more complex services. To this purpose, many emerging languages (e.g., BPEL4WS [5], WSBPEL [6] and BPML [7]) have been proposed for coordinating web services into a workflow. Discovering of web services for take parting to the composition are based on their functional properties. The increasing number of web service providers on the web supporting numerous web services having same or similar functionality caused using their non-functional properties to distinguish them and several tools and techniques was created to search suitable web services. In this paper, we focus on security and QoS issues of web services compositions which may be specified by requesters or provider's web services that must be taken into account when composing web services. For instance, a web service provider may not want to accept requests issued by a specific IP address, or a web service requester wants to be use only web services with minimum response time in the composition. In this paper , we propose a brokered architecture to compose web services according to the specified security constraints and represent a mechanism to select the best web services with regards to QoS (i.e. response time, service cost, availability and reliability) properties. The main motivation of the proposed framework is to delegate brokers to make intelligent web service compositions. The main functions of a broker include: • Service tracking: A broker has a service repository to record all feasible web services it is aware of. • Service selection: This is the key function of our service broker. A broker match web services according to security constraints and select the best web services to execute a business process. After each business plan transaction, a user should report the record QoS performance (from the services) to the broker so that the broker can update the statistical QoS data of each service. The rest of paper is organized as follows. Next section discusses related work. Section 3 discusses security and QoS issues related to web service composition. Section 4 describes broker based architecture for web service composition and presents the security matchmaking and QoS Adapting. Section 5 presents the implementation details. Section 6 draws conclusions. II. RELATED WORKS Recently, business process or workflow proposals relevant to web services are proliferating in the business and academic world. Most of the proposals are XML-based languages to specify web services interactions and compositions. All of the proposed XML languages are based on WSDL service descriptions with extension elements, such as BPEL4WS (Business Process Execution Language for Web Services) and Efficient Intelligent Secure for Web Service Composition N Page 17 /183