ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
Cooperative Aspect Oriented Programming for executable business processes
PESOS '09 Proceedings of the 2009 ICSE Workshop on Principles of Engineering Service Oriented Systems
Monitoring BPEL-Based Web Service Composition Using AOP
ICIS '09 Proceedings of the 2009 Eigth IEEE/ACIS International Conference on Computer and Information Science
A Web Service Architecture for Enforcing Access Control Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
An integrated approach for identity and access management in a SOA context
Proceedings of the 16th ACM symposium on Access control models and technologies
New XACML-AspectBPEL approach for composite web services security
International Journal of Web and Grid Services
| Hi-index | 0.00 |
In this paper, we propose a new framework for the dynamic enforcement of composite Web services security, which is based on a synergy between Aspect-Oriented Programming (AOP) and BPEL (Business Process Execution Language). This synergy is achieved through the elaboration of a new language called AspectBPEL, which is used to specify security policies as separate components, referred to as aspects, to be weaved systematically in a BPEL process. The injected aspects activate the security policies at runtime on specific join points. Our approach enjoys several additional features such as (1) separating the business and security concerns of composite Web services (2) allowing the update of security mechanisms of composite Web services at run time, (3) providing modularity for modelling cross-cutting concerns between Web services, (4) centralising some security measurements at the BPEL side and (5) providing a framework fully compatible with any BPEL engine regardless of the adopted development environment.