Dynamic access control policies and web-service composition.
Service composition is a fundamental technique for develop- ing web-service applications. In general, a single service is not enough to achieve the user’s goal, rather several services, often from different providers, are composed dynamically to satisfy a request. Ensuring se- curity in such a system is challenging and not supported by most of the security frameworks proposed in current literature. This paper presents a formal model for composing security policies dynamically to cope with changes in requirements or occurrences of events. The model can be used to specify the security policies of web-services and to reason about their composition. We illustrate our approach with a simple example from healthcare services.
Citation : Siewe, F. Janicke, H. and Jones, K. (2005). Dynamic access control policies and web-service composition.The proceedings of the 1st Young Researcher Workshop on Service-Oriented Computing, Leicester, U.K..
Research Group : Software Technology Research Laboratory (STRL)
Research Institute : Cyber Technology Institute (CTI)
Peer Reviewed : Yes