New XACML-AspectBPEL approach for composite web services security Online publication date: Mon, 29-Sep-2014
by Sara Ayoubi; Azzam Mourad; Hadi Otrok; Ahmad Shahin
International Journal of Web and Grid Services (IJWGS), Vol. 9, No. 2, 2013
Abstract: Web services technology is the latest evolution in distributed computing. With all of the advantages of web services, one of the main hurdles remains security in composite web services. In this paper, we tackle this problem through a new approach towards the integration of security into the BPEL (Business Process Execution Language) process of composite web services. Our approach allows specifying the XACML (eXtensible Access Control Markup Language) policies that determine join points in a BPEL process where security is needed. Subsequently, BPEL flows with the needed security are generated into AspectBPEL security aspects to be weaved in the aforementioned process. The main contributions of our approach are: (a) describing dynamic security policies using a standard language XACML, (b) generating automatically the AspectBPEL aspects of the XACML policies and (c) separating the business and security concerns of composite web services, hence developing and updating them separately at the BPEL side.
Online publication date: Mon, 29-Sep-2014
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Web and Grid Services (IJWGS):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email email@example.com