Finding secure compositions of software services: Towards a pattern based approach

Article English OPEN
Pino, L. ; Spanoudakis, G. (2012)

In service based systems, there is often a need to replace services at runtime as they become either unavailable or they no longer meet required quality or security properties. In such cases, it is often necessary to build compositions of services that can replace a problematic service because no single service with a sufficient match to it can be located. In this paper, we present an approach for building compositions of services that can preserve required security properties. Our approach is based on the use of secure composition patterns which are applied in connection with basic discovery mechanisms to build secure service compositions.
  • References (17)
    17 references, page 1 of 2

    [1] A. Zisman, K. Mahbub and G. Spanoudakis, “A service discovery framework based on linear composition,” in Proc. IEEE Int. Service Computing Conference (SCC 2007), pp.536-543, 2007

    [2] F. Lécué, E. Silva and L. F. Pires, “A framework for dynamic web services composition,” in Proc. 2nd ECOWS Work. on Emerging Web Services Technology (WEWST07), 2007.

    [3] W. M. P. Van Der Aalst et al., “Workflow patterns,” Distrib. Parallel Databases 12(1): 5-51, 2003.

    [4] ASSERT4SOA Project, “D5.1- Formal models and model composition,” 2011.

    [5] J. McCarthy and P. Hayes, “Some philosophical problems from the standpoint of artificial intelligence,” in B. Meltzer and D. Michie, editors, Machine Intelligence, 4:463-502, 1969.

    [6] M. Deubler, J. Grünbauer, J. Jürjens and G. Wimmel, “Sound development of secure service-based systems,” in Proc. of the 2nd Int. Conf. on Service oriented computing (ICSOC '04), pp. 115-124, 2004.

    [7] Jing Dong, Tu Peng and Yajing Zhao, “Automated verification of security pattern compositions,” Inf. Softw. Techn. 52(3):274- 295, 2010.

    [8] M. Bartoletti, P. Degano and G. L. Ferrari, “Enforcing secure service composition,” 18th Work. on Computer Security Foundations, 2005.

    [9] M. Lelarge, Z. Liu and A. Riabov, “Automatic composition of secure workflows,” in Proc. of ATC'2006, 2006.

    [10] B. Carminati, et al., “Security conscious web service composition,” in Proc. of the Int. Conf. on Web Services (ICWS), 2006.

  • Metrics
    No metrics available
Share - Bookmark