Title: New XACML-AspectBPEL approach for composite web services security

Authors: Sara Ayoubi; Azzam Mourad; Hadi Otrok; Ahmad Shahin

Addresses: Department of Computer Science and Mathematics, Lebanese American University, Lebanon ' Department of Computer Science and Mathematics, Lebanese American University, Lebanon ' Department of Electrical and Computer Engineering, Khalifa University of Science, Technology and Research, UAE ' CIS Department, Lebanese University, Lebanon

Abstract: Web services technology is the latest evolution in distributed computing. With all of the advantages of web services, one of the main hurdles remains security in composite web services. In this paper, we tackle this problem through a new approach towards the integration of security into the BPEL (Business Process Execution Language) process of composite web services. Our approach allows specifying the XACML (eXtensible Access Control Markup Language) policies that determine join points in a BPEL process where security is needed. Subsequently, BPEL flows with the needed security are generated into AspectBPEL security aspects to be weaved in the aforementioned process. The main contributions of our approach are: (a) describing dynamic security policies using a standard language XACML, (b) generating automatically the AspectBPEL aspects of the XACML policies and (c) separating the business and security concerns of composite web services, hence developing and updating them separately at the BPEL side.

Keywords: web service security; XACML; BPEL; secure web services; AOP; RBAC; dynamic security policies; business concerns; security concerns; composite web services.

DOI: 10.1504/IJWGS.2013.054109

International Journal of Web and Grid Services, 2013 Vol.9 No.2, pp.127 - 145

Received: 08 Oct 2012
Accepted: 01 Feb 2013
Published online: 29 Sep 2014 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article