Abstract
We present an approach to deploying a security property life cycle management mechanism for secure service composition. A Security Property Determination Module component is introduced that forms part of the Aniketos project, in the context of a case study relating to an online payment system that has been developed using real services deployed within the Activiti BPMN service process engine. Both the theory behind the implementation and the implementation itself are discussed, along with the lessons learnt and the potential for future improvements to the lifecycle mechanism. The mechanism integrates tightly with the verification processes of the Aniketos platform. It also allows the security property lifecycle to be managed at run-time without user intervention. The mechanism unifies the verification of imported properties and the digital signing and storage of properties associated with both atomic and composed services. These integrated capabilities form a novel approach discussed and situated in the context of the case study.
The research leading to these results has received funding from the European Union Seventh Framework Programme (FP7/2007-2013) under grant no 257930 (Aniketos). We would like to thank all partners for their helpful contributions to this work.
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hoque, S., Rahim, A., Llewellyn-Jones, D., Merabti, M. (2013). Security Property Lifecycle Management for Secure Service Compositions. In: Felici, M. (eds) Cyber Security and Privacy. CSP 2013. Communications in Computer and Information Science, vol 182. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41205-9_6
DOI: https://doi.org/10.1007/978-3-642-41205-9_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41204-2
Online ISBN: 978-3-642-41205-9
eBook Packages: Computer Science, Computer Science (R0)