面向服务的应用程序中安全策略的操作模型

2011 IEEE 2nd International Conference on Software Engineering and Service Science Pub Date : 2011-07-15 DOI:10.1109/ICSESS.2011.5982244

Zhang Yuan, S. Meng

{"title":"面向服务的应用程序中安全策略的操作模型","authors":"Zhang Yuan, S. Meng","doi":"10.1109/ICSESS.2011.5982244","DOIUrl":null,"url":null,"abstract":"We use a scenario-based visual notation, called Policy Sequence Chart (PSC), for specifying security policies in service coordination. A security policy defines a set of security requirements that correspond to permissions, prohibitions and obligations to some executions when some contextual conditions are satisfied. In this paper, we propose an approach of defining operational semantics of PSCs in terms of constraint automata, which can be used as the semantic foundation for checking compliance between service coordination and the security policies.","PeriodicalId":108533,"journal":{"name":"2011 IEEE 2nd International Conference on Software Engineering and Service Science","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"An operational model of security policies in Service-Oriented Applications\",\"authors\":\"Zhang Yuan, S. Meng\",\"doi\":\"10.1109/ICSESS.2011.5982244\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We use a scenario-based visual notation, called Policy Sequence Chart (PSC), for specifying security policies in service coordination. A security policy defines a set of security requirements that correspond to permissions, prohibitions and obligations to some executions when some contextual conditions are satisfied. In this paper, we propose an approach of defining operational semantics of PSCs in terms of constraint automata, which can be used as the semantic foundation for checking compliance between service coordination and the security policies.\",\"PeriodicalId\":108533,\"journal\":{\"name\":\"2011 IEEE 2nd International Conference on Software Engineering and Service Science\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-07-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 IEEE 2nd International Conference on Software Engineering and Service Science\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICSESS.2011.5982244\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 IEEE 2nd International Conference on Software Engineering and Service Science","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSESS.2011.5982244","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

我们使用一种基于场景的可视化符号，称为策略序列图(PSC)，用于指定服务协调中的安全策略。安全策略定义了一组安全需求，当满足某些上下文条件时，这些需求对应于某些执行的许可、禁止和义务。本文提出了一种基于约束自动机的psc操作语义定义方法，该方法可作为检查服务协调与安全策略遵从性的语义基础。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An operational model of security policies in Service-Oriented Applications

We use a scenario-based visual notation, called Policy Sequence Chart (PSC), for specifying security policies in service coordination. A security policy defines a set of security requirements that correspond to permissions, prohibitions and obligations to some executions when some contextual conditions are satisfied. In this paper, we propose an approach of defining operational semantics of PSCs in terms of constraint automata, which can be used as the semantic foundation for checking compliance between service coordination and the security policies.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2011 IEEE 2nd International Conference on Software Engineering and Service Science

自引率

0.00%

发文量