Distributed Orchestration Versus Choreography: The FOCAS Approach
ICSP '09 Proceedings of the International Conference on Software Process: Trustworthy Software Development Processes
Incorporating Security Requirements into Service Composition: From Modelling to Execution
ICSOC-ServiceWave '09 Proceedings of the 7th International Joint Conference on Service-Oriented Computing
Towards an approach to design and enforce security in web service composition
International Journal of Web Engineering and Technology
Configuring private data management as access restrictions: from design to enforcement
ICSOC'12 Proceedings of the 10th international conference on Service-Oriented Computing
| Hi-index | 0.00 |
In this paper, we present a process-oriented tool allowing the specification of security properties at the service composition level. The tool is based on the notions of abstract and concrete services as well as on the concept of separation of concerns. It provides a framework that allows different people to effectively discuss security issues. Abstract services can be viewed as activities rather than as technical services and are such better understood by non-technical people. Similarly, security is discussed in terms of needs and no complex security technologies are to be specified. The tool relies between these two meta-models specifying orchestration-related concepts and security concepts. Meta-links between the meta-models have been defined to specify the authorized security constraints on the orchestrated services. The tool has been validated on an application specified by Thales.