Specification of Security Policy for Compliance Assessment of CBPs
The analysis of BPEL as a specification language in the former chapter has revealed the potential of violating security policy-implied restrictions to Web service invocation, in particular with respect to information flow of values passed to and returned from Web services. From the outset, one major aim was to define methods that support assessment of remotely defined business processes for compliance with security policies in force at the location of execution. This chapter introduces novel approaches to security policy enforcement based on the results presented in Chapter 4.
KeywordsBusiness Process Output Parameter Security Policy Conformance Testing Implementation Under Test
Unable to display preview. Download preview PDF.