F. Lins, J. Damasceno, Bruno Silva, Robson W. A. Medeiros, Andre R. R. Souza, Fabricio Teles, David Aragão, E. Sousa, N. Rosa, Bryan Stephenson, H. M. Nezhad, Jun Yu Li
{"title":"探讨在web服务组合中设计和实施安全性的方法","authors":"F. Lins, J. Damasceno, Bruno Silva, Robson W. A. Medeiros, Andre R. R. Souza, Fabricio Teles, David Aragão, E. Sousa, N. Rosa, Bryan Stephenson, H. M. Nezhad, Jun Yu Li","doi":"10.1504/IJWET.2012.050966","DOIUrl":null,"url":null,"abstract":"Modelling and enforcing security requirements is an important but challenging task in web service composition. However, the explicit treatment of security requirements is challenging for many reasons: diversity of security background of involved stakeholders, absence or complexity of notations to express security requirements, complexity of mapping security requirements into security mechanisms and enforcing them at runtime. Existing work often delays considering the security requirements until the implementation and execution. We present an approach to design and enforce security in web service composition. By adopting the proposed approach, security requirements are incorporated during the business process definition and service composition code generation, and enforced at runtime. The proposed approach is supported by a set of tools that allows annotating business processes with security requirements, refining the security annotated business process and enforcing security annotations at execution time. We showcase an illustrative application to demonstrate the proposed approach and developed tools.","PeriodicalId":396746,"journal":{"name":"Int. J. Web Eng. Technol.","volume":"45 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Towards an approach to design and enforce security in web service composition\",\"authors\":\"F. Lins, J. Damasceno, Bruno Silva, Robson W. A. Medeiros, Andre R. R. Souza, Fabricio Teles, David Aragão, E. Sousa, N. Rosa, Bryan Stephenson, H. M. Nezhad, Jun Yu Li\",\"doi\":\"10.1504/IJWET.2012.050966\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Modelling and enforcing security requirements is an important but challenging task in web service composition. However, the explicit treatment of security requirements is challenging for many reasons: diversity of security background of involved stakeholders, absence or complexity of notations to express security requirements, complexity of mapping security requirements into security mechanisms and enforcing them at runtime. Existing work often delays considering the security requirements until the implementation and execution. We present an approach to design and enforce security in web service composition. By adopting the proposed approach, security requirements are incorporated during the business process definition and service composition code generation, and enforced at runtime. The proposed approach is supported by a set of tools that allows annotating business processes with security requirements, refining the security annotated business process and enforcing security annotations at execution time. We showcase an illustrative application to demonstrate the proposed approach and developed tools.\",\"PeriodicalId\":396746,\"journal\":{\"name\":\"Int. J. Web Eng. Technol.\",\"volume\":\"45 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Int. J. Web Eng. Technol.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1504/IJWET.2012.050966\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Int. J. Web Eng. Technol.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1504/IJWET.2012.050966","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Towards an approach to design and enforce security in web service composition
Modelling and enforcing security requirements is an important but challenging task in web service composition. However, the explicit treatment of security requirements is challenging for many reasons: diversity of security background of involved stakeholders, absence or complexity of notations to express security requirements, complexity of mapping security requirements into security mechanisms and enforcing them at runtime. Existing work often delays considering the security requirements until the implementation and execution. We present an approach to design and enforce security in web service composition. By adopting the proposed approach, security requirements are incorporated during the business process definition and service composition code generation, and enforced at runtime. The proposed approach is supported by a set of tools that allows annotating business processes with security requirements, refining the security annotated business process and enforcing security annotations at execution time. We showcase an illustrative application to demonstrate the proposed approach and developed tools.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
