Automatic Composition of Services with Security Policies - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2008

Automatic Composition of Services with Security Policies

Résumé

Automatic composition of web services is a challenging task. Many works have considered simplified automata models that abstract away from the structure of messages exchanged by the services. For the domain of security services (such as digital signing or timestamping) we propose a novel approach to automated composition of services based on their security policies. The approach amounts to collecting the constraints on messages, parameters and control flow from the components services and the goal service requirements.??A constraint solver checks the feasability of the composition — possibly adapting the message structure while preserving the semantics — and displays the service composition as a message sequence chart. The resulting composed service can be verified automatically for ensuring that it cannot be subject to active attacks from intruders. The services that are input to our system are provided in a declarative way using a high level specification language. The approach is fully automatic and we show on a case-study how it succeeds in deriving a composed service that is currently proposed as a product by OpenTrust.
Fichier non déposé

Dates et versions

inria-00330338 , version 1 (14-10-2008)

Identifiants

Citer

Yannick Chevalier, Mohammed Anis Mekki, Michael Rusinowitch. Automatic Composition of Services with Security Policies. Web Service Composition and Adaptation Workshop (held in conjunction with SCC/SERVICES-2008), Jul 2008, Honolulu, United States. pp.529-537, ⟨10.1109/SERVICES-1.2008.13⟩. ⟨inria-00330338⟩
203 Consultations
0 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More