Security Conscious Web Service Composition
ICWS '06 Proceedings of the IEEE International Conference on Web Services
Business Process Execution Language for Web Services BPEL and BPEL4WS 2nd Edition
Business Process Execution Language for Web Services BPEL and BPEL4WS 2nd Edition
One time passwords in everything (OPIE): experiences with building and using stronger authentication
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
Digital ecosystems: evolving service-orientated architectures
Proceedings of the 1st international conference on Bio inspired models of network, information and computing systems
Automatic Composition of Services with Security Policies
SERVICES '08 Proceedings of the 2008 IEEE Congress on Services - Part I
Hi-index | 0.00 |
Service ecosystems provide distributed evolutionary capabilities allowing services to recombine and evolve in sustainable environments. Web services play a crucial role in service ecosystems since they support interoperable machine-to-machine interactions and help in developing new services from existing services by using a variety of composition languages. Business Process Execution Language (BPEL) has recently emerged as the de-facto standard for Web service composition. From the security perspective, Web service providers may require different authentication mechanisms to securely invoke their services. The integration of different authentication mechanisms complicates the global authentication scheme of BPEL-based processes and raises a challenge in adopting BPEL in service ecosystems. In this work, we propose the Security Service concept to define activity single sign-on (ASSO) for federated identify-based authentication. The Security Service allows the integration of heterogeneous authentication mechanisms in the context of multiple service providers. We also extend the activity to ensure non-intrusive extension of BPEL language and implement the Security Service in a peer-to-peer network.