Securing Web Service Compositions: Formalizing Authorization Policies Using Event Calculus
نویسندگان
چکیده
Service composition is a fundamental technique for developing Web services based applications. As autonomous services are invoked through protocols, issues such as security must be taken into account. Thus, ensuring security in such a system is challenging and not supported by most of the security frameworks proposed in current literature. This paper presents a formal model for composing security policies dynamically to cope with changes in requirements or occurrences of events. We address one particular issue that of authorization within a Web services composition. In particular, we propose a dynamic authorization model which allows for complex authorization policies whilst ensuring trust and privacy between the components services.
منابع مشابه
Automated Web Services Composition with the Event Calculus
As the web services proliferate and complicate it is becoming an overwhelming job to manually prepare the web service compositions which describe the communication and integration between web services. This paper analyzes the usage of the Event Calculus, which is one of the logical actioneffect definition languages, for the automated preparation and execution of web service compositions. In thi...
متن کاملAutomated Web Service Composition
Director I certify that this thesis satisfies all the requirements as a thesis for the degree of Master of Science. This is to certify that we have read this thesis and that in our opinion it is fully adequate, in scope and quality, as a thesis for the degree of Master of Science. I hereby declare that all information in this document has been obtained and presented in accordance with academic ...
متن کاملSecurity Analysis for Web ServicesCompositions
As more organizations adopt Web services for increasingly sensitive, mission-critical data the potential impact of breaches of Web services increases both for individuals and organizations. Increasing impacts can result in a worsening of the risk environment for all parties. Web services security and auditing is therefore an important concern. The current trend toward representing Web services ...
متن کاملVerifying Composite Service Transactional Behavior Using Event Calculus
A key challenge of Web service (WS) composition is how to ensure reliable execution. The lack of techniques that support non-functional features such as execution reliability is widely recognized as a barrier preventing widespread adoption. Therefore, there is a growing interest for verification techniques which help to prevent WS composition execution failures. In this paper, we propose an eve...
متن کاملSafeWeb: A Middleware for Securing Ruby-Based Web Applications
Web applications in many domains such as healthcare and finance must process sensitive data, while complying with legal policies regarding the release of different classes of data to different parties. Currently, software bugs may lead to irreversible disclosure of confidential data in multi-tier web applications. An open challenge is how developers can guarantee these web applications only eve...
متن کامل