Service Oriented Computing (SOC) is a programming paradigm aimed at characterising Service Networks. Services are entities that wait for client requests, and they often result from the composition of many services. We address here the problem of statically guaranteeing the security of open services, i.e. services with unknown components. Security constraints are expressed by local policies that service components must obey. We present a type and effect system that safely over-approximates, in the form of history expressions, the possible run-time behaviour of open services, collecting partial information on the behaviours of their components. From a history expression, we then extract a plan that drives executions that never raise security violations. Finally, we show how partial plans satisfying security requirements can be put together to obtain a safe orchestration plan.