Analysis of Security-Relevant Semantics of BPEL
In this section, the results of an analysis of BPEL as a specification language will be presented. The purpose of this analysis was to identify the intrinsic potential of BPEL to specify business process behaviour that is able to violate restrictions imposed by security policies. These results form the basis for the methods and procedures for security policy assessment introduced in the next chapter. Readers familiar with syntax and semantics of BPEL as a specification language may skip the overview in Section 4.2.
KeywordsBusiness Process Security Policy Covert Channel Event Handler Fault Handler
Unable to display preview. Download preview PDF.