ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
Cooperative Aspect Oriented Programming for executable business processes
PESOS '09 Proceedings of the 2009 ICSE Workshop on Principles of Engineering Service Oriented Systems
Monitoring BPEL-Based Web Service Composition Using AOP
ICIS '09 Proceedings of the 2009 Eigth IEEE/ACIS International Conference on Computer and Information Science
A Web Service Architecture for Enforcing Access Control Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
An integrated approach for identity and access management in a SOA context
Proceedings of the 16th ACM symposium on Access control models and technologies
A novel aspect-oriented BPEL framework for the dynamic enforcement of web services security
International Journal of Web and Grid Services
Hi-index | 0.00 |
Web services technology is the latest evolution in distributed computing. With all of the advantages of web services, one of the main hurdles remains security in composite web services. In this paper, we tackle this problem through a new approach towards the integration of security into the BPEL Business Process Execution Language process of composite web services. Our approach allows specifying the XACML eXtensible Access Control Markup Language policies that determine join points in a BPEL process where security is needed. Subsequently, BPEL flows with the needed security are generated into AspectBPEL security aspects to be weaved in the aforementioned process. The main contributions of our approach are: a describing dynamic security policies using a standard language XACML, b generating automatically the AspectBPEL aspects of the XACML policies and c separating the business and security concerns of composite web services, hence developing and updating them separately at the BPEL side.