Title: Towards an approach to design and enforce security in web service composition

Authors: Fernando Lins; Julio Damasceno; Bruno Silva; Robson Medeiros; Andre Souza; Fabricio Teles; David Aragao; Erica Sousa; Nelson Rosa; Bryan Stephenson; Hamid Motahari-Nezhad; Jun Li

Addresses: Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitária, Recife, PE, 50740560 Brazil; Department of Statistics and Informatics, Federal Rural University of Pernambuco, Dom Manuel de Medeiros Street, Dois Irmãos, Recife, PE, 52171-900 Brazil. ' Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitária, Recife, PE, 50740560 Brazil; Department of Statistics and Informatics, Federal Rural University of Pernambuco, Dom Manuel de Medeiros Street, Dois Irmãos, Recife, PE, 52171-900 Brazil. ' Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitária, Recife, PE, 50740-560 Brazil. ' Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitária, Recife, PE, 50740560 Brazil; Department of Statistics and Informatics, Federal Rural University of Pernambuco, Dom Manuel de Medeiros Street, Dois Irmãos, Recife, PE, 52171-900 Brazil. ' Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitária, Recife, PE, 50740560 Brazil. ' Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitária, Recife, PE, 50740560 Brazil. ' Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitária, Recife, PE, 50740560 Brazil. ' Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitária, Recife, PE, 50740560 Brazil. ' Centre of Informatics, Federal University of Pernambuco, 1235 Prof. Moraes Rego Avenue, Cidade Universitária, Recife, PE, 50740560 Brazil. ' HP Labs Palo Alto, 1501 Page Mill Rd, Palo Alto, CA 94304, USA. ' HP Labs Palo Alto, 1501 Page Mill Rd, Palo Alto, CA 94304, USA. ' HP Labs Palo Alto, 1501 Page Mill Rd, Palo Alto, CA 94304, USA

Abstract: Modelling and enforcing security requirements is an important but challenging task in web service composition. However, the explicit treatment of security requirements is challenging for many reasons: diversity of security background of involved stakeholders, absence or complexity of notations to express security requirements, complexity of mapping security requirements into security mechanisms and enforcing them at runtime. Existing work often delays considering the security requirements until the implementation and execution. We present an approach to design and enforce security in web service composition. By adopting the proposed approach, security requirements are incorporated during the business process definition and service composition code generation, and enforced at runtime. The proposed approach is supported by a set of tools that allows annotating business processes with security requirements, refining the security annotated business process and enforcing security annotations at execution time. We showcase an illustrative application to demonstrate the proposed approach and developed tools.

Keywords: web services; security design; security enforcement; business process definition; model driven architecture; MDA; web service composition; security annotations.

DOI: 10.1504/IJWET.2012.050966

International Journal of Web Engineering and Technology, 2012 Vol.7 No.4, pp.323 - 357

Published online: 16 Aug 2014 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article