Dynamic access control policies and web-service composition.

Date
2005
Authors
Siewe, Francois
Janicke, Helge
Jones, Kevin
Journal Title
Journal ISSN
ISSN
DOI
Volume Title
Publisher
IEEE Computer Society
Peer reviewed
Yes
Abstract
Service composition is a fundamental technique for develop- ing web-service applications. In general, a single service is not enough to achieve the user’s goal, rather several services, often from different providers, are composed dynamically to satisfy a request. Ensuring se- curity in such a system is challenging and not supported by most of the security frameworks proposed in current literature. This paper presents a formal model for composing security policies dynamically to cope with changes in requirements or occurrences of events. The model can be used to specify the security policies of web-services and to reason about their composition. We illustrate our approach with a simple example from healthcare services.
Description
Keywords
Citation
Siewe, F. Janicke, H. and Jones, K. (2005). Dynamic access control policies and web-service composition.The proceedings of the 1st Young Researcher Workshop on Service-Oriented Computing, Leicester, U.K..
Research Institute
Cyber Technology Institute (CTI)