Foundation for Fine-Grained Security and DRM Control Based on a Service Call Graph Context Identification

Su, Ziyi; Biennier, Frédérique

doi:10.1007/978-3-319-09492-2_14

Foundation for Fine-Grained Security and DRM Control Based on a Service Call Graph Context Identification

Ziyi Su¹⁰ &
Frédérique Biennier¹¹

Conference paper
First Online: 01 January 2014

1006 Accesses

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 190))

Abstract

Maintaining service/data providers’ protection requirements in a dynamic service composition context requires a collaborative business process slicing method to capture the assets derivation pattern. Based on a brief discussion of sub-context modes in collaborative enterprise scenarios, we propose a service composition context identification method with Service Call Graph (SCG) model, extending the System Dependency Graph, to describe dependencies among partners in a business process. This graph is then analyzed to group partners into sub-context thanks to asset-based and request-based slicing strategies. By this way, downstream consumers’ security profile can be compared with upstream asset providers’ policies so that security requirements can be fulfilled.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

Bussard, L., Neven, G., Preiss, F.-S.: Downstream usage control. In: 11th IEEE International Symposium on Policies for Distributed Systems and Networks, pp. 22–29. IEEE Computer Society, Washington, DC (2010)
Google Scholar
Daniele, C., Giles, H.: Cloud computing: benefits, risks and recommendations for information security. Technical report, European Network and Information Security Agency (2009)
Google Scholar
GrammaTech.: Dependence graphs and program slicing-codesurfer technology overview. Technical report, GrammaTech Inc.
Google Scholar
Gu, L., Ding, X., Deng, R.H., Xie, B., Mei, H.: Remote attestation on program execution. In: 3rd ACM Workshop on Scalable Trusted Computing, pp. 11–20. ACM, New York (2008)
Google Scholar
Kagal, L., Abelson, H.: Access control is an inadequate framework for privacy protection. In: W3C Privacy Workshop. W3C (2010)
Google Scholar
Linda, B.B., Richard, C., Kristin, L., Ric, T., Mark, E.: The evolving role of IT managers and CIOs–findings from the 2010 IBM global IT risk study. Technical report, IBM (2010)
Google Scholar
OASIS: eXtensible Access Control Markup Language (XACML) version 2.0 (2005). http://docs.oasis-open.org/xacml/2.0/
OASIS: Web Services Business Process Execution Language (WS-BPEL) (2007). http://docs.oasis-open.org/wsbpel/2.0/wsbpel-v2.0.html
Park, J., Sandhu, R.: Originator control in usage control. In: 3rd International Workshop on Policies for Distributed Systems and Networks, pp. 60–66. IEEE Computer Society, Washington, DC (2002)
Google Scholar
Su, Z., Biennier, F.: End-to-end security policy description and management for collaborative system. In: 6th International Conference on Information Assurance and Security, pp. 137–142 (2010)
Google Scholar
Su, Z., Biennier, F.: Toward comprehensive security policy governance in collaborative enterprise. In: Frick, J., Laugen, B.T. (eds.) APMS 2011. IFIP AICT, vol. 384, pp. 350–358. Springer, Heidelberg (2012)
Google Scholar
Su, Z., Biennier, F.: Service Call Graph (SCG)-information flow analysis in Web service composition. In: 15th International Conference on Enterprise Information Systems, pp. 17–24. SciTePress (2013)
Google Scholar
Zhang, X., Li, Y., Nalla, D.: An attribute-based access matrix model. In: 20th ACM Symposium on Applied Computing, pp. 359–363. ACM, Santa Fe, NM (2005)
Google Scholar
Zhao, J., Rinard, M.: System dependence graph construction for aspect-oriented programs. Technical report MIT-LCS-TR-891, Laboratory for Computer Science. MIT (2003)
Google Scholar

Download references

Acknowledgements

This work is supported by “the Fundamental Research Funds for the Central Universities” under grant Number 12QNJJ025.

Author information

Authors and Affiliations

Department of Computer Science and Information Technology, Northeast Normal University, Changchun, China
Ziyi Su
Lab. LIRIS CNRS, INSA-lyon, Avenue Albert Einstein, Villeurbanne, France
Frédérique Biennier

Authors

Ziyi Su
View author publications
You can also search for this author in PubMed Google Scholar
Frédérique Biennier
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ziyi Su .

Editor information

Editors and Affiliations

Groupe ESEO, Angers, France
Slimane Hammoudi
Polytechnic Institute of Setúbal, Setúbal, Portugal & INSTICC, Setúbal, Portugal
José Cordeiro
Wroclaw University of Economics, Wroclaw, Poland & Macquarie University, Sydney, NSW, Australia
Leszek A. Maciaszek
Polytechnic Institute of Setúbal, Setúbal, Portugal & INSTICC, Setúbal, Poland
Joaquim Filipe

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Su, Z., Biennier, F. (2014). Foundation for Fine-Grained Security and DRM Control Based on a Service Call Graph Context Identification. In: Hammoudi, S., Cordeiro, J., Maciaszek, L., Filipe, J. (eds) Enterprise Information Systems. ICEIS 2013. Lecture Notes in Business Information Processing, vol 190. Springer, Cham. https://doi.org/10.1007/978-3-319-09492-2_14

Download citation

DOI: https://doi.org/10.1007/978-3-319-09492-2_14
Published: 25 July 2014
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-09491-5
Online ISBN: 978-3-319-09492-2
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics