An aspect-based process container for BPEL
AOMD '05 Proceedings of the 1st workshop on Aspect oriented middleware development
Business processes for web services: principles and applications
IBM Systems Journal
AO4BPEL: An Aspect-oriented Extension to BPEL
World Wide Web
Enforcing security for desktop clients using authority aspects
Proceedings of the 8th ACM international conference on Aspect-oriented software development
A model-based aspect-oriented framework for building intrusion-aware software systems
Information and Software Technology
Multi-Level Secure Framework (MLSF) for composite web services
Proceedings of the 2nd International Conference on Interaction Sciences: Information Technology, Culture and Human
Incorporating Security Requirements into Service Composition: From Modelling to Execution
ICSOC-ServiceWave '09 Proceedings of the 7th International Joint Conference on Service-Oriented Computing
Security-aware web service composition approaches: state-of-the-art
Proceedings of the 13th International Conference on Information Integration and Web-based Applications and Services
Aspect-Oriented workflow languages
ODBASE'06/OTM'06 Proceedings of the 2006 Confederated international conference on On the Move to Meaningful Internet Systems: CoopIS, DOA, GADA, and ODBASE - Volume Part I
Towards an approach to design and enforce security in web service composition
International Journal of Web Engineering and Technology
The RBAC model and implementation architecture in multi-domain environment
Electronic Commerce Research
Hi-index | 0.00 |
Web service composition languages promise a cheap and effectivemeans for application integration over the Internet as in typical B2Binteraction scenarios. BPEL is the upcoming standard for web servicecomposition and several implementations of it are already available. However, for web service composition languages to keep theirpromises it is essential to provide more support for security. Companieswill embrace web service composition languages only if theirrequirements of confidentiality, integrity, authentication, etc. are fulfilled. In this paper, we look at security in web services compositions andpresent a framework for securing BPEL compositions using WS-Securityand WS-Policy. The main components of our framework are theprocess container implemented by a set of aspects in AO4BPEL, anaspectoriented extension to BPEL, the security service and the deployment descriptor. We also introduce the notion of policy-basedprocess deployment to check the compatibility of the security policiesof the composition and its partners at deployment time.