In this chapter the authors present a policy-based security engineering process for service oriented applications, developed in the SERENITY and MISTICO projects. Security and dependability (S&D) are considered as first-class citizens in the proposed engineering process, which is based on the precise description of reusable security and dependability solutions. The authors’ process is based on ...

WS-Policy4MASC is an XML language for specification of policies for run-time Web service management. Among its original contributions is specification of diverse business values (e.g., profit, customer satisfaction) and control strategies maximizing different business values. While it was originally developed for the MASC (Manageable and Adaptable Service Compositions) middleware, it can also b...

WS-Policy is a framework that can be used to describe assertions for web services message exchange. In the context of Service Oriented Architectures and Clouds, where web services are belonging to, machine-to-machine communication is one of its core ideas. When those machines try to apply WS-Policy, mainly two events can occur: First, the machine-exchanged policies have common assertions – ther...

There is an ongoing debate among practitioners and scholars about the security consequences of transnational migration. Yet, existing work has not yet fully taken into account the policy instruments states have at their disposal to mitigate these, and we lack reliable evidence for the e↵ectiveness of such measures. The following research addresses both shortcomings as we analyze whether and to ...

Authorization and access control in Web services is complicated by the unique requirements of the dynamic Web services paradigm. Amongst them is the requirement for a context-aware access control specification and a processing model to apply fine-grained access control on various components of a Web service. In this paper, we address these two requirements and present a policy-based authorizati...

When a need for dynamic adaptation of an information technology (IT) system arises, often several alternative approaches can be taken. Maximization of technical quality of service (QoS) metrics (e.g., throughput, availability) need not maximize business value metrics (e.g., profit, customer satisfaction). The goal of autonomic business-driven IT system management (BDIM) is to ensure that operat...

Recently, there has been an increased amount of attention dedicated to WS-Policy it has become a W3C submission and a working group was formed to standardize the specification. In our previous work, we provided a mapping of WS-Policy to OWL-DL. In this paper, we continue that work by analyzing the operation of policy intersection (determining whether two web service policies are compatible). We...

The Wiki-WS platform was implemented within the C2NIWA project for production purposes. Wiki-WS stands for developing, managing and maintaining web services. The production deployment needed implementation of several functional improvements and establishing a strong security&safety policy. The WikiWiki-WS platform has to be used as an educational environment for developing web services and a pr...

MASC (Manageable and Adaptive Service Compositions)1 is a policy-based middleware for monitoring of Web service compositions and their dynamic adaptation to various runtime changes. The monitorable requirements and the adaptation actions are specified in the WS-Policy4MASC language which extends WS-Policy by defining new types of policy assertions. In this paper, we present an overview of MASC ...

Nowadays, applications are increasingly deployed as Web services in the globally distributed cloud computing environment. Multiple services are normally composed to fulfill complex functionalities. Business Process Execution Language for Web Services (WS-BPEL) is an XML-based service composition language that is used to define a complex business process by orchestrating multiple services. Compa...