Web services are distributed software components that are decoupled from each other using interfaces with specified functional behaviors. However, such behavioral specifications are insufficient to demonstrate compliance with certain temporal non-functional policies. An example is demonstrating that a patient's health-related query sent to a health care service is answered only by a doctor (and not by a secretary). Demonstrating compliance with such policies is important for satisfying governmental privacy regulations. It is often necessary to expose the internals of the web service implementation to demonstrate such compliance, which may compromise modularity. In this work, we provide a language design that enables such demonstrations while hiding the majority of the service's source code. The key idea is to use greybox specifications to allow service providers to selectively hide and expose parts of their implementation. The overall problem of showing compliance is then reduced to two subproblems: whether the desired properties are satisfied by the service's greybox specification, and whether this greybox specification is satisfied by the service's implementation. We specify policies using LTL and solve the first problem by model checking. We solve the second problem by refinement techniques.
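The two-step reduction described above, as an added Python sketch that is not the paper's language or tooling: the greybox specification and both implementations are constructed finite transition systems, the policy is the safety property G(answer → answered by a doctor) checked by reachability rather than by a full LTL model checker, and refinement is approximated as trace inclusion against a deterministic specification. All state names, action labels and function names are assumptions made for illustration.

```python
from collections import deque

# Constructed greybox spec (deterministic LTS). Exposed actions name the acting
# role; "hidden" stands for code the provider does not reveal.
SPEC = {
    "idle":     {"query": "received"},
    "received": {"route:doctor": "assigned"},
    "assigned": {"hidden": "drafted"},
    "drafted":  {"answer:doctor": "idle"},
}
# Constructed implementations; "tau" is an internal step absent from the spec.
IMPL_OK = {
    "s0": [("query", "s1")],
    "s1": [("tau", "s2")],
    "s2": [("route:doctor", "s3")],
    "s3": [("hidden", "s4")],
    "s4": [("answer:doctor", "s0")],
}
IMPL_BAD = dict(IMPL_OK, s2=[("route:doctor", "s3"), ("answer:secretary", "s0")])

def check_policy(spec, start="idle"):
    """Step 1: return None if no non-doctor answer is reachable, else a trace."""
    seen, queue = {start}, deque([(start, [])])
    while queue:
        state, trace = queue.popleft()
        for action, nxt in spec.get(state, {}).items():
            if action.startswith("answer:") and action != "answer:doctor":
                return trace + [action]          # counterexample to the policy
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, trace + [action]))
    return None

def refines(impl, spec, impl_start="s0", spec_start="idle"):
    """Step 2: every visible trace of impl is a trace of the deterministic spec."""
    seen, stack = set(), [(impl_start, spec_start)]
    while stack:
        i, s = stack.pop()
        if (i, s) in seen:
            continue
        seen.add((i, s))
        for action, nxt in impl.get(i, []):
            if action == "tau":                  # internal step: spec stays put
                stack.append((nxt, s))
            elif action in spec.get(s, {}):
                stack.append((nxt, spec[s][action]))
            else:
                return False                     # impl does something spec forbids
    return True
```

If `check_policy(SPEC)` returns `None` and `refines(impl, SPEC)` is true, the policy carries over to the implementation without a verifier reading any code beyond what the specification exposes.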