Title: A novel aspect-oriented BPEL framework for the dynamic enforcement of web services security

Authors: Azzam Mourad; Sara Ayoubi; Hamdi Yahyaoui; Hadi Otrok

Addresses: Department of Computer Science and Mathematics, Lebanese American University, Lebanon ' Department of Computer Science and Mathematics, Lebanese American University, Lebanon ' Computer Science Department, Kuwait University, Kuwait ' Department of Electrical and Computer Engineering, Khalifa University of Science, Technology and Research, UAE

Abstract: In this paper, we propose a new framework for the dynamic enforcement of composite Web services security, which is based on a synergy between Aspect-Oriented Programming (AOP) and BPEL (Business Process Execution Language). This synergy is achieved through the elaboration of a new language called AspectBPEL, which is used to specify security policies as separate components, referred to as aspects, to be weaved systematically in a BPEL process. The injected aspects activate the security policies at runtime on specific join points. Our approach enjoys several additional features such as (1) separating the business and security concerns of composite Web services (2) allowing the update of security mechanisms of composite Web services at run time, (3) providing modularity for modelling cross-cutting concerns between Web services, (4) centralising some security measurements at the BPEL side and (5) providing a framework fully compatible with any BPEL engine regardless of the adopted development environment.

Keywords: composite web services; web services security; BPEL; security policies; AOP; RBAC; aspect-oriented programming; dynamic security enforcement; modelling.

DOI: 10.1504/IJWGS.2012.051526

International Journal of Web and Grid Services, 2012 Vol.8 No.4, pp.361 - 385

Received: 24 Aug 2012
Accepted: 16 Sep 2012

Published online: 31 Dec 2014 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article