Orchestration under Security Constraints (original) (raw)
Related papers
A Platform for Secure and Trustworthy Service Composition
The Future Internet is moving from today's static services to an environment in which service consumers will transparently mix and match service components depending on service availability, quality, price and security attributes. This fact poses some challenges in terms of security and trustworthiness that should be guaranteed to the final users. In this paper, we present a platform for secure service design and composition based on the Activiti open-source workflow engine and Business Process Model and Notation (BPMN) extensions for expressing security needs over service specifications. The platform, developed in the realm of the Aniketos FP7 funded project, offers the capability to service designers and service providers to establish and maintain trustworthiness and secure behavior in today's constantly changing service environments. In order to demonstrate the validity of this approach, the use of the platform is shown in a real application scenario in which a security requirement on trustworthiness specified by design needs to be monitored and guaranteed during service execution.
Towards Automated Secure Web Service Execution
Lecture Notes in Computer Science, 2009
Existing solutions for authentication and authorization in Web services make use of technologies such as SAML or WS-Security. These provide a static solution by using a set of predefined protocols. We propose a semantic security protocol model from which security protocol specifications are generated and automatically executed by participants. The proposed model consists of a sequential component, implemented as a WSDL-S specification, and an ontology component, implemented as an OWL specification. The correctness of the proposed model is ensured by using a set of rules and algorithms for generating it based on a protocol model given by the user. We validate our approach by generating and implementing several specifications for existing protocols such as ISO9798 or Kerberos protocols.
Electronic Notes in Theoretical Computer Science, 2009
Composition of services is necessary for realizing complex tasks on the Web. It has been characterized either as a plan synthesis problem or as a software synthesis problem: given a goal and a set of Web services, generate a composition of the Web services that satisfies the goal. We propose algorithms for performing automated Web service composition. We also examine the composition of services from the perspective of computational complexity.
Secure Choreography of Cooperating Web Services
2005
The successful progress of the Web Services concept demands flexible ways for Web Services to cooperate and to jointly fulfill a task that is requested by a client. In some applications, the execution of the task is not completely specified beforehand, but could rather be referred to as "best effort". One example is information searches. A flexible invocation of cooperating Web Services might mean that their identities are not known beforehand. To achieve trust in the outcome of the task, it is essential that the identities of the cooperating Web Services can be tracked in a secure way. It is also essential that the requesting client can decide to what degree the task has been executed. In this paper an approach to securely track identities of Web Services is introduced. The use of one-way messages creates a system where the state of a request is preserved by the request itself.
Security Reinforcement - Web Service Formation
International Journal of Science Technology & Engineering
The (DaaS) Data as a Service, builds on service-oriented technologies to permit fast access to data resources on the Web. However, this pattern raises several new privacy concerns where traditional privacy prototypes do not handle. Additionally DaaS composition may disclose privacy-sensitive information. In this paper, we state a formal privacy model to extend DaaS descriptions with privacy capabilities. The privacy model provides a service to define a privacy policy and a set of privacy requisites. We also suggest privacy-preserving DaaS compositions that sound out allowing to verify the compatibility between privacy requisites and policies in DaaS composition. We proffer a negotiation mechanism that makes it possible to dynamically reconcile the privacy capabilities of services when incompatibilities emerge in a composition. We substantiate the applicability of our proposal via a prototype implementation and a set of experiments.
Automata-Based Verification of Security Requirements of Composite Web Services
With the increasing reliance of complex real-world applications on composite web services assembled from independently developed component services, there is a growing need for effective approaches to verifying that a composite service not only offers the required functionality but also satisfies the desired non-functional requirements (NFRs). In high-assurance applications such as traffic control, medical decision support, and coordinated response to civil emergencies, of special concern are NFRs having to do with security, safety and reliability of composite services. Current approaches to verifying NFRs of composite services (as opposed to individual services) remain largely ad-hoc and informal in nature. In this paper we develop techniques for ensuring that a composite service meets the user-specified NFRs expressible in the form of hard constraints e.g., "response time has to be less than 5 minutes." We introduce an automata-based framework for verifying that a composite service satisfies the desired NFRs based on the known guarantees regarding the non-functional properties of the component services. We further show how to improve the efficiency of verifying that a composite service indeed satisfies a desired set of NFRs by: (i) Exploiting information about the applicability of specific NFRs (e.g., security) only to certain subsets of the component services that make up a composite service to minimize the verification effort and (ii) Identifying inconsistencies between NFRs with overlapping scopes. We illustrate how our approach can be used to verify the security requirements for an Emergency Management System. We also show how the approach can be used to verify whether a composite service satisfies any desired set of NFRs that can be expressed in the form of hard constraints of a quantitative nature.
Secure service orchestration in open networks
Journal of Systems Architecture, 2011
Service Oriented Computing is a paradigm for creating a fully compositional service infrastructure. Compositionality makes security issues difficult to establish. As a matter of fact, defining global security properties on distribute, large-scale network seems to have little or even no sense at all.
Incorporating Security Requirements into Service Composition: From Modelling to Execution
Service-Oriented Computing – ICSOC 2007, 2009
Despite an increasing need for considering security requirements in service composition, the incorporation of security requirements into service composition is still a challenge for many reasons: no clear identification of security requirements for composition, absence of notations to express them, difficulty in integrating them into the business processes, complexity of mapping them into security mechanisms, and the complexity inherent to specify and enforce complex security requirements. We identify security requirements for service composition and define notations to express them at different levels of abstraction. We present a novel approach consisting of a methodology, called Sec-MoSC, to incorporate security requirements into service composition, map security requirements into enforceable mechanisms, and support execution. We have implemented this approach in a prototype tool by extending BPMN notation and building on an existing BPMN editor, BPEL engine and Apache Rampart. We showcase an illustrative application of the Sec-MoSC toolset.
Towards formalizing QoS of web services with weighted automata
2007
Web services (WSs) are used more and more as components of distributed applications with a goal to resolve complex tasks that simple services cannot. This use of WSs is connected to the emergence of languages like WS-BPEL which allows describing the external behaviour of WSs on top of the service interfaces. The use of WSs as components of distributed applications implies the possibility to change a failing service for another which can do at least the same things as the replaced service. The composition issues are also of particular interest to WSs users. Different solutions have been proposed during the last years to check such properties, but, to our knowledge, none of them takes QoS aspects into account. This paper introduces underpinnings and a tool for verifying WSs substitutivity and well-formed composition while considering WSs costs such as the execution time of the different operations provided by WSs.