{"title":"面向服务体系结构中的高效动态策略监控","authors":"Hakan Hacıgümüş","doi":"10.1109/APSCC.2008.195","DOIUrl":null,"url":null,"abstract":"We focus on dynamic monitoring of security and privacy policies in service oriented architectures (SOAs) based systems. In a service oriented system both the internal and the external services may easily interact with each other, which makes the establishment and the enforcement of the privacy policies and the rules across the systems increasingly challenging. We introduce efficient and flexible methods for auditing such systems by leveraging the middleware platform capabilities. The auditing methods allow for two different types of audits, the static audits and the dynamic audits. The static audits find out whether a process pattern that is defined by the audit has been executed in the system. The dynamic audits, however, find out on-the-fly whether any of the system policies are being violated as the service process flows are still in execution in the system. We also present the effectiveness of the dynamic monitoring that we have developed to support demanding requirements of the dynamic audits.","PeriodicalId":437766,"journal":{"name":"IEEE Asia-Pacific Services Computing Conference","volume":"220 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Efficient Dynamic Policy Monitoring in Service Oriented Architectures\",\"authors\":\"Hakan Hacıgümüş\",\"doi\":\"10.1109/APSCC.2008.195\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We focus on dynamic monitoring of security and privacy policies in service oriented architectures (SOAs) based systems. In a service oriented system both the internal and the external services may easily interact with each other, which makes the establishment and the enforcement of the privacy policies and the rules across the systems increasingly challenging. We introduce efficient and flexible methods for auditing such systems by leveraging the middleware platform capabilities. The auditing methods allow for two different types of audits, the static audits and the dynamic audits. The static audits find out whether a process pattern that is defined by the audit has been executed in the system. The dynamic audits, however, find out on-the-fly whether any of the system policies are being violated as the service process flows are still in execution in the system. We also present the effectiveness of the dynamic monitoring that we have developed to support demanding requirements of the dynamic audits.\",\"PeriodicalId\":437766,\"journal\":{\"name\":\"IEEE Asia-Pacific Services Computing Conference\",\"volume\":\"220 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Asia-Pacific Services Computing Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/APSCC.2008.195\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Asia-Pacific Services Computing Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/APSCC.2008.195","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Efficient Dynamic Policy Monitoring in Service Oriented Architectures
We focus on dynamic monitoring of security and privacy policies in service oriented architectures (SOAs) based systems. In a service oriented system both the internal and the external services may easily interact with each other, which makes the establishment and the enforcement of the privacy policies and the rules across the systems increasingly challenging. We introduce efficient and flexible methods for auditing such systems by leveraging the middleware platform capabilities. The auditing methods allow for two different types of audits, the static audits and the dynamic audits. The static audits find out whether a process pattern that is defined by the audit has been executed in the system. The dynamic audits, however, find out on-the-fly whether any of the system policies are being violated as the service process flows are still in execution in the system. We also present the effectiveness of the dynamic monitoring that we have developed to support demanding requirements of the dynamic audits.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
