Advertisement

Securing Web Service Compositions: Formalizing Authorization Policies Using Event Calculus

  • Mohsen Rouached
  • Claude Godart
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4294)

Abstract

This paper presents a formal model for composing security policies dynamically to cope with changes in requirements or occurrences of events. We address one particular issue – that of authorization within a Web services composition. In particular, we propose a dynamic authorization model which allows for complex authorization policies whilst ensuring trust and privacy between the components services.

References

  1. 1.
    Charfi, A., Mezini, M.: Aspect-oriented web service composition with ao4bpel. In: Zhang, L.-J., Jeckle, M. (eds.) ECOWS 2004. LNCS, vol. 3250, pp. 168–182. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  2. 2.
    Geer, D.: Taking steps to secure web services. IEEE Computer 36(10), 14–16 (2003)Google Scholar
  3. 3.
    Hung, P., Ferrari, E., Carminati, B.: Towards standardized web services privacy technologies. In: Proc of the IEEE International Conference on Web Services (ICWS 2004), San Diego, CA, USA (July 2004)Google Scholar
  4. 4.
    Koshutanski, H., Massacci, F.: An access control framework for business processes for web services. In: XMLSEC 2003: Proceedings of the 2003 ACM workshop on XML security, pp. 15–24. ACM Press, New York (2003)CrossRefGoogle Scholar
  5. 5.
    Kowalski, R., Sergot, M.J.: A logic-based calculus of events. New generation Computing 4(1), 67–95 (1986)CrossRefGoogle Scholar
  6. 6.
    Moses, T.: Extensible access control markup language (xacml) version 2.0 3 (February 2005)Google Scholar
  7. 7.
    Tatsubori, M., Imamura, T., Nakamura, Y.: Best-practice patterns and tool support for configuring secure web services messaging. In: ICWS 2004: Proceedings of the IEEE International Conference on Web Services (ICWS 2004), Washington, DC, USA, p. 244. IEEE Computer Society, Los Alamitos (2004)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Mohsen Rouached
    • 1
  • Claude Godart
    • 1
  1. 1.LORIA-INRIA-UMR 7503Vandœuvre-les-Nancy CedexFrance

Personalised recommendations