Securing web service compositions: formalizing authorization policies using event calculus

Authors:
Mohsen Rouached;Claude Godart
Affiliations:
LORIA-INRIA-UMR 7503, Vandœuvre-les-Nancy Cedex, France;LORIA-INRIA-UMR 7503, Vandœuvre-les-Nancy Cedex, France
Venue:
ICSOC'06 Proceedings of the 4th international conference on Service-Oriented Computing
Year:
2006

Citing 5
Cited 0

A logic-based calculus of events

New Generation Computing
An access control framework for business processes for web services

Proceedings of the 2003 ACM workshop on XML security
Towards Standardized Web Services Privacy Technologies

ICWS '04 Proceedings of the IEEE International Conference on Web Services
Best-Practice Patterns and Tool Support for Configuring Secure Web Services Messaging

ICWS '04 Proceedings of the IEEE International Conference on Web Services
Taking Steps to Secure Web Services

Computer

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents a formal model for composing security policies dynamically to cope with changes in requirements or occurrences of events. We address one particular issue – that of authorization within a Web services composition. In particular, we propose a dynamic authorization model which allows for complex authorization policies whilst ensuring trust and privacy between the components services.