Towards an approach to design and enforce security in web service composition

Authors:
Fernando Lins;Julio Damasceno;Bruno Silva;Robson Medeiros;Andre Souza;Fabricio Teles;David Aragao;Erica Sousa;Nelson Rosa;Bryan Stephenson;Hamid Motahari-Nezhad;Jun Li
Affiliations:
Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitá/ria, Recife, PE, 50740560 Brazil/ Department of Statistics and Informatics, Federal Ru ...;Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitá/ria, Recife, PE, 50740560 Brazil/ Department of Statistics and Informatics, Federal Ru ...;Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitá/ria, Recife, PE, 50740-560 Brazil.;Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitá/ria, Recife, PE, 50740560 Brazil/ Department of Statistics and Informatics, Federal Ru ...;Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitá/ria, Recife, PE, 50740560 Brazil.;Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitá/ria, Recife, PE, 50740560 Brazil.;Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitá/ria, Recife, PE, 50740560 Brazil.;Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitá/ria, Recife, PE, 50740560 Brazil.;Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitá/ria, Recife, PE, 50740560 Brazil.;HP Labs Palo Alto, 1501 Page Mill Rd, Palo Alto, CA 94304, USA.;HP Labs Palo Alto, 1501 Page Mill Rd, Palo Alto, CA 94304, USA.;HP Labs Palo Alto, 1501 Page Mill Rd, Palo Alto, CA 94304, USA
Venue:
International Journal of Web Engineering and Technology
Year:
2012

Citing 15
Cited 0

Using Aspects for Security Engineering of Web Service Compositions

ICWS '05 Proceedings of the IEEE International Conference on Web Services
Model driven security: From UML models to access control infrastructures

ACM Transactions on Software Engineering and Methodology (TOSEM)
Security Conscious Web Service Composition

ICWS '06 Proceedings of the IEEE International Conference on Web Services
Dynamic Weaving of Security Aspects in Service Composition

SOSE '06 Proceedings of the Second IEEE International Symposium on Service-Oriented System Engineering
A BPMN Extension for the Modeling of Security Requirements in Business Processes

IEICE - Transactions on Information and Systems
Defining Secure Business Processes with Respect to Multiple Objectives

ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
Objective Types for the Valuation of Secure Business Processes

ICIS '08 Proceedings of the Seventh IEEE/ACIS International Conference on Computer and Information Science (icis 2008)
Ontology-Based Security Policies for Supporting the Management of Web Service Business Processes

ICSC '08 Proceedings of the 2008 IEEE International Conference on Semantic Computing
Security Specification at Process Level

SCC '08 Proceedings of the 2008 IEEE International Conference on Services Computing - Volume 1
Access Control for Human Tasks in Service Oriented Architecture

ICEBE '08 Proceedings of the 2008 IEEE International Conference on e-Business Engineering
Quality-Driven Business Policy Specification and Refinement for Service-Oriented Systems

ICSOC '08 Proceedings of the 6th International Conference on Service-Oriented Computing
Model-driven business process security requirement specification

Journal of Systems Architecture: the EUROMICRO Journal
Security Conscious Web Service Composition with Semantic Web Support

ICDEW '07 Proceedings of the 2007 IEEE 23rd International Conference on Data Engineering Workshop
From business process models to process-oriented software systems

ACM Transactions on Software Engineering and Methodology (TOSEM)
The Service Security Lab: A Model-Driven Platform to Compose and Explore Service Security in the Cloud

SERVICES '10 Proceedings of the 2010 6th World Congress on Services

Quantified Score

Hi-index	0.00

Visualization

Abstract

Modelling and enforcing security requirements is an important but challenging task in web service composition. However, the explicit treatment of security requirements is challenging for many reasons: diversity of security background of involved stakeholders, absence or complexity of notations to express security requirements, complexity of mapping security requirements into security mechanisms and enforcing them at runtime. Existing work often delays considering the security requirements until the implementation and execution. We present an approach to design and enforce security in web service composition. By adopting the proposed approach, security requirements are incorporated during the business process definition and service composition code generation, and enforced at runtime. The proposed approach is supported by a set of tools that allows annotating business processes with security requirements, refining the security annotated business process and enforcing security annotations at execution time. We showcase an illustrative application to demonstrate the proposed approach and developed tools.