Automatic Composition of Services with Security Policies

Authors:
Yannick Chevalier;Mohammed Anis Mekki;Michaël Rusinowitch
Affiliations:
-;-;-
Venue:
SERVICES '08 Proceedings of the 2008 IEEE Congress on Services - Part I
Year:
2008

Citing 0
Cited 8

Extended BPEL with heterogeneous authentication mechanisms in service ecosystems

Proceedings of the International Conference on Management of Emergent Digital EcoSystems
Towards formal validation of trust and security in the internet of services

The future internet
Security-aware web service composition approaches: state-of-the-art

Proceedings of the 13th International Conference on Information Integration and Web-based Applications and Services
Web services verification and prudent implementation

DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Distributed orchestration of web services under security constraints

DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
The AVANTSSAR platform for the automated validation of trust and security of service-oriented architectures

TACAS'12 Proceedings of the 18th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Towards the orchestration of secured services under non-disclosure policies

MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
A tool for the synthesis of cryptographic orchestrators

Proceedings of the Workshop on Model-Driven Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Automatic composition of web services is a challenging task. Many works have considered simplified automata models that abstract away from the structure of messages exchanged by the services. For the domain of security services (such as digital signing or timestamping) we propose a novel approach to automated composition of services based on their security policies. The approach amounts to collecting the constraints on messages, parameters and control flow from the components services and the goal service requirements. A constraint solver checks the feasability of the composition — possibly adapting the message structure while preserving the semantics — and displays the service composition as a message sequence chart. The resulting composed service can be verified automatically for ensuring that it cannot be subject to active attacks from intruders. The services that are input to our system are provided in a declarative way using a high level specification language. The approach is fully automatic and we show on a case-study how it succeeds in deriving a composed service that is currently proposed as a product by OpenTrust.