Verification of relational transducers for electronic commerce
PODS '00 Proceedings of the nineteenth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Relational transducers for electronic commerce
Journal of Computer and System Sciences - Special issue on the seventeenth ACM SIGACT-SIGMOD-SIGART symposium on principles of database systems
DATALOG with Constraints: A Foundation for Trust Management Languages
PADL '03 Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages
Computing the Well-Founded Semantics for Constraint Extensions of Datalog
CDB '97 Second International Workshop on Constraint Database Systems, Constraint Databases and Their Applications
CADE-18 Proceedings of the 18th International Conference on Automated Deduction
Combining superposition, sorts and splitting
Handbook of automated reasoning
Binder, a Logic-Based Security Language
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Realizing Network Control Policies Using Distributed Action Plans
Journal of Network and Systems Management
Model-Theoretic Methods in Combined Constraint Satisfiability
Journal of Automated Reasoning
A model-checking approach to analysing organisational controls in a loan origination process
Proceedings of the eleventh ACM symposium on Access control models and technologies
Combining Nonstably Infinite Theories
Journal of Automated Reasoning
DKAL: Distributed-Knowledge Authorization Language
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Deciding Effectively Propositional Logic Using DPLL and Substitution Sets
IJCAR '08 Proceedings of the 4th international joint conference on Automated Reasoning
Modeling and Model Checking Web Services
Electronic Notes in Theoretical Computer Science (ENTCS)
Deciding Effectively Propositional Logic Using DPLL and Substitution Sets
Journal of Automated Reasoning
The role of abduction in declarative authorization policies
PADL'08 Proceedings of the 10th international conference on Practical aspects of declarative languages
SecPAL: Design and semantics of a decentralized authorization language
Journal of Computer Security - Digital Identity Management (DIM 2007)
Model checking of security-sensitive business processes
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
IJCAR'10 Proceedings of the 5th international conference on Automated Reasoning
Journal of Computer Security - STM'10
Web services providing e-commerce capabilities to support business transactions over the Internet are increasingly widespread. The development of such services involves several security issues, ranging from authentication to managing access to shared resources according to a given business model. The ability to validate designs against fast-evolving requirements is of paramount importance for adapting business models to changing regulations and rapidly evolving market needs. Techniques for the specification and automated analysis of web services to be used in security-sensitive applications are therefore crucial in the development of these systems. In this paper, we propose an extension of the relational transducers introduced by Abiteboul, Vianu, Fordham, and Yesha for the specification of the transaction protocols of web services and their security properties. We investigate the decidability of relevant verification problems such as goal reachability (for the validation of use-case scenarios) and log validation (for detecting fraud) and provide sufficient conditions for their decidability. The extension we propose is two-fold. First, we add constraints to specify the algebraic structure of the resources manipulated by the transducers. Second, recursion is allowed (only) in policy rules to express important policy idioms such as delegation. Technically, decidability is obtained by a reduction to a decidable class of first-order formulae, with a fix-point computation to handle recursion.