Title: A formal aspect-oriented method to model and analyse secure service composition

Authors: Guisheng Fan; Huiqun Yu; Liqiong Chen; Dongmei Liu

Addresses: Department of Computer Science and Engineering, East China University of Science and Technology, Shanghai 200237, China; Shanghai Key Laboratory of Computer Software Evaluating and Testing, Shanghai 201112, China | Department of Computer Science and Engineering, East China University of Science and Technology, Shanghai 200237, China | Department of Computer Science and Information Engineering, Shanghai Institute of Technology, Shanghai 200235, China | Department of Computer Science and Engineering, East China University of Science and Technology, Shanghai 200237, China

Abstract: Service-oriented computing (SOC) is becoming a prominent paradigm for creating value-added enterprise applications by composing web services. However, this flexibility comes with new security risks. In this paper, Petri nets are used to precisely describe the different components of service composition, such as the service, the component, the basic relations between components, etc. A dynamic matching strategy for service composition is proposed, and aspect orientation is used to weave it into the base net, which includes an evaluation concern, an authorisation concern and a failure processing concern. The weaving mechanism dynamically integrates these schemas into a secure aspect model. Based on this, the operational semantics and related theories of Petri nets help prove the effectiveness and feasibility of the proposed method, and the enforcement algorithm is also given. An example explains the modelling process of service composition, and a series of experiments is carried out to show that the use of aspects for service composition is more efficient than conventional techniques.

Keywords: aspect orientation; web service security; Petri nets; access control; secure service composition; formal aspect; modelling; service-oriented computing; SOC; web services; dynamic matching; evaluation; authorisation; failure processing.

DOI: 10.1504/IJAACS.2015.069574

International Journal of Autonomous and Adaptive Communications Systems, 2015 Vol.8 No.2/3, pp.119 - 140

Received: 19 Feb 2013
Accepted: 29 Jul 2013

Published online: 27 May 2015