Orchestration under Security Constraints

  • Yannick Chevalier
  • Mohamed Anis Mekki
  • Michaël Rusinowitch
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6957)


Automatic composition of web services is a challenging task. Many works have considered simplified automata models that abstract away from the structure of messages exchanged by the services. For the domain of secured services (using e.g. digital signing or timestamping) we propose a novel approach to automated composition of services based on their security policies. Given a community of services and a goal service, we reduce the problem of composing the goal from services in the community to a security problem where an intruder should intercept and redirect messages from the service community and a client service till reaching a satisfying state. We have implemented the algorithm in AVANTSSAR Platform [5] and applied the tool to several case studies.


Service Composition Horn Clause Communication Step Security Constraint Composition Problem 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    AVANTSSAR. Deliverable 2.1: Requirements for modelling and ASLan v.1 (2008),
  2. 2.
    AVANTSSAR. Deliverable 2.3: ASLan final version with dynamic service and policy composition (2010),
  3. 3.
    AVANTSSAR. Deliverable 5.1: Problem cases and their trust and security requirements (2008),
  4. 4.
    AVANTSSAR. Deliverable 5.4: Assessment of the AVANTSSAR Validation Platform (2010),
  5. 5.
    AVANTSSAR. AVANTSSAR Platform (2010),
  6. 6.
    Armando, A., et al.: The Avispa Tool for the automated validation of internet security protocols and applications,
  7. 7.
    AVISPA Deliverable 2.3: The Intermediate Format (2003),
  8. 8.
    Berardi, D., Calvanese, D., De Giacomo, G., Lenzerini, M., Mecella, M.: Automatic Composition of E-services That Export Their Behavior. In: Orlowska, M.E., Weerawarana, S., Papazoglou, M.P., Yang, J. (eds.) ICSOC 2003. LNCS, vol. 2910, pp. 43–58. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  9. 9.
    Berardi, D., Calvanese, D., De Giacomo, G., Hull, R., Mecella, M.: Automatic composition of transition-based semantic web services with messaging. In: Proceedings of the 31st International Conference on Very Large Data Bases, Trondheim, Norway, August 30 - September 2, pp. 613–624. ACM, New York (2005)Google Scholar
  10. 10.
    Bultan, T., Su, J., Fu, X.: Analyzing conversations of Web services. In: Proceedings of the Internet Computing, pp. 18–25. IEEE, Los Alamitos (2006)Google Scholar
  11. 11.
    Bultan, T., Fu, X., Hull, R., Su, J.: Conversation specification: a new approach to design and analysis of e-service composition. In: Proceedings of the International Conference on World Wide Web, WWW 2003, pp. 403–410 (2003)Google Scholar
  12. 12.
    Colombo, M., Di Nitto, E., Mauri, M.: SCENE: A Service Composition Execution Environment Supporting Dynamic Changes Disciplined Through Rules. In: Dan, A., Lamersdorf, W. (eds.) ICSOC 2006. LNCS, vol. 4294, pp. 191–202. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  13. 13.
    Dolev, D., Yao, A.: On the Security of Public-Key Protocols. IEEE Transactions on Information Theory 2(29) (1983)Google Scholar
  14. 14.
    McAllester, D.A.: Automatic Recognition of Tractability in Inference Relations. Journal of the ACM 40, 284–303 (1993)MathSciNetCrossRefzbMATHGoogle Scholar
  15. 15.
    Monfroy, E., Perrin, O., Ringeissen, C.: Dynamic Web Services Provisioning with Constraints. In: Meersman, R., Tari, Z. (eds.) OTM 2008, Part I. LNCS, vol. 5331, pp. 26–43. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  16. 16.
    Oasis Technical Comittee on Secure Exchange. Ws-securitypolicy 1.2 (2007),
  17. 17.
    Pistore, M., Marconi, A., Bertoli, P., Traverso, P.: Automated Composition of Web Services by Planning at the Knowledge Level. In: International Joint Conference on Artificial Intelligence, IJCAI (2005)Google Scholar
  18. 18.
    Sheth, A.P., Kashyap, V.: So far (schematically) yet so near (semantically). In: Hsiao, D.K., Neuhold, E.J., Sacks-Davis, R. (eds.) DS-5. IFIP Transactions, vol. A-25, pp. 283–312. North-Holland, Amsterdam (1992)Google Scholar
  19. 19.
    World Wide Web Consortium. Simple Object Access Protocol 1.2 (April 2007),
  20. 20.
    Rusinowitch, M., Turuani, M.: Protocol insecurity with finite number of sessions is NP-complete. In: Proc.14th IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia (June 2001)Google Scholar
  21. 21.
    Turuani, M.: The CL-Atse Protocol Analyser. In: Pfenning, F. (ed.) RTA 2006. LNCS, vol. 4098, pp. 277–286. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  22. 22.
    Oasis Consortium. Web Services Business Process Execution Language Version 2.0. (January 23, 2006),
  23. 23.
    World Wide Web Consortium. Web Services Description Language (WSDL) 1.1 (March 15, 2001),,
  24. 24.
    Wu, Z., Gomadam, K., Ranabahu, A., Sheth, A., Miller, J.: Automatic Composition of Semantic Web Services Using Process Mediation. In: ICEIS, vol. (4), pp. 453–462 (2007)Google Scholar
  25. 25.
    World Wide Web Consortium. XML Path Language (XPath) 2.0. (January 23, 2007),
  26. 26.
    World Wide Web Consortium. XML Schema Definition (XSD) (March 2005),

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Yannick Chevalier
    • 1
  • Mohamed Anis Mekki
    • 1
  • Michaël Rusinowitch
    • 1
  1. 1.LORIA & INRIA Nancy Grand EstFrance

Personalised recommendations