The figure above illustrates the main features of our middleware.
- the participant A advertises its contract to the middleware, making it available to other participants.
- the middleware determines that the contracts of A and B are compliant, and then it establishes a session through which the two participants can interact. This interaction consists in sending and receiving messages, simi- larly to a standard MOM
- participant A delivers to the middleware a message for B, which can then collect it from the middleware. Unlike standard MOMs, the interaction happening in each session is monitored by the middleware, which checks whether contracts are respected or not. In particular, the execution monitor verifies that actions can only occur when prescribed by their contracts, and it detects when some expected action is missing.
- the execution monitor has detected an attempt of participant B to do some illegal action. Upon detection of a contract violation, the middleware punishes the culprit, by suitably decreasing its reputation. This is a measure of the trustworthiness of a participant in its past interactions: the lower is the reputation, the lower is the probability of being able to establish new sessions with it. The reputation system aims to mitigate self-promoting attacks.
- shows another mechanism for establishing sessions: here, the participant C advertises a contract, and D just accepts it. Technically, this requires the middleware to construct the dual of the contract of C, to associate it with D, and to establish a session between C and D. The interaction happening in this session then proceeds as described previously.