From ASTD access control policies to WS-BPEL processes deployed in a SOA environment

Authors:
Michel Embe Jiague;Marc Frappier;Frédéric Gervais;Régine Laleau;Richard St-Denis
Affiliations:
GRIL, Département d'Informatique, Université de Sherbrooke, Sherbrooke, Québec, Canada and Université Paris-Est, LACL, IUT Sénart Fontainebleau, Département Informati ...;Université Paris-Est, LACL, IUT Sénart Fontainebleau, Département Informatique, Fontainebleau, France;GRIL, Département d'Informatique, Université de Sherbrooke, Sherbrooke, Québec, Canada;Université Paris-Est, LACL, IUT Sénart Fontainebleau, Département Informatique, Fontainebleau, France;GRIL, Département d'Informatique, Université de Sherbrooke, Sherbrooke, Québec, Canada
Venue:
WISS'10 Proceedings of the 2010 international conference on Web information systems engineering
Year:
2010

Citing 13
Cited 0

Statecharts: A visual formalism for complex systems

Science of Computer Programming
Communicating sequential processes

Communications of the ACM
A model of OASIS role-based access control and its support for active security

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Flexible support for multiple access control policies

ACM Transactions on Database Systems (TODS)
Beyond separation of duty: an algebra for specifying high-level security policies

Proceedings of the 13th ACM conference on Computer and communications security
Sessions and Pipelines for Structured Service Programming

FMOODS '08 Proceedings of the 10th IFIP WG 6.1 international conference on Formal Methods for Open Object-Based Distributed Systems
Enforcing Role-Based Access Control Policies in Web Services with UML and OCL

ACSAC '08 Proceedings of the 2008 Annual Computer Security Applications Conference
Security Types for Sessions and Pipelines

Web Services and Formal Methods
A process-algebraic approach to workflow specification and refinement

SC'07 Proceedings of the 6th international conference on Software composition
Dynamic enforcement of abstract separation of duty constraints

ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Rodin: an open toolset for modelling and reasoning in Event-B

International Journal on Software Tools for Technology Transfer (STTT) - Special Section on VSTTE 2008
Systematic translation rules from ASTD to event-B

IFM'10 Proceedings of the 8th international conference on Integrated formal methods
Secrecy UML method for model transformations

ABZ'10 Proceedings of the Second international conference on Abstract State Machines, Alloy, B and Z

Quantified Score

Hi-index	0.01

Visualization

Abstract

Controlling access to Web services of public agencies as well as private corporations primarily depends on specification and deployment of functional security rules in order to satisfy strict regulations imposed by governments, particularly in financial and health sectors. This paper focuses on one aspect of the SELKIS and EB3SEC projects related to security of Web-based information systems, namely the automatic transformation of security rules, instantiated from security rule patterns written in a graphical notation with a denotational semantics close to statecharts, into WS-BPEL (or BPEL for short) processes. The latter are executed by a BPEL engine integrated into a policy decision point, a component of a policy enforcement manager similar to the one proposed in the XACML standard.