Reasoning about events to specify authorization policies for web services composition

Mohsen Rouached*, Claude Godart

*المؤلف المقابل لهذا العمل

نتاج البحث: Conference contribution

9 اقتباسات (Scopus)

ملخص

Availability of a wide variety of Web services over the Internet offers opportunities of providing new value added services built by composing them out of existing ones. By integrating individual existing Web services the technology enables the provision of advanced and sophisticated services, such as allowing users to use different types of resources and services simultaneously in a simple procedure. However the management and maintenance of a large number of Web services is not easy and, in particular, needs appropriate authorization policies to be defined so as to realize reliable and secure Web Services. The required authorization policies can be quite complex, resulting in unintended conflicts, which could result in information leaks or prevent access to information needed. This paper proposes a logic based approach using for specifying authorization policies and detecting conflicts resulting from the combination of various kinds of authorization and constraint policies used in Web services environments. The method not only enables static detection of policy conflicts but also yields information that is helpful for correcting the policies. An automated induction-based theorem prover SPIKE is used as verification back-end.

اللغة الأصليةEnglish
عنوان منشور المضيفProceedings - 2007 IEEE International Conference on Web Services, ICWS 2007
الصفحات481-488
عدد الصفحات8
المعرِّفات الرقمية للأشياء
حالة النشرPublished - 2007
منشور خارجيًانعم
الحدث2007 IEEE International Conference on Web Services, ICWS 2007 - Salt Lake City, UT, United States
المدة: يوليو ٩ ٢٠٠٧يوليو ١٣ ٢٠٠٧

سلسلة المنشورات

الاسمProceedings - 2007 IEEE International Conference on Web Services, ICWS 2007

Other

Other2007 IEEE International Conference on Web Services, ICWS 2007
الدولة/الإقليمUnited States
المدينةSalt Lake City, UT
المدة٧/٩/٠٧٧/١٣/٠٧

ASJC Scopus subject areas

  • ???subjectarea.asjc.1700.1705???
  • ???subjectarea.asjc.1700.1710???
  • ???subjectarea.asjc.1800.1802???
  • ???subjectarea.asjc.2200.2208???

بصمة

أدرس بدقة موضوعات البحث “Reasoning about events to specify authorization policies for web services composition'. فهما يشكلان معًا بصمة فريدة.

قم بذكر هذا