Towards secure execution orders for composite web services

Proceedings - 2007 IEEE International Conference on Web Services, ICWS 2007

Volumn , Issue , 2007, Pages 489-496

  Biskup, Joachim ^a   Carminati, Barbara ^b   Ferrari, Elena ^b   Müller, Frank ^a   Wortmann, Sandra ^a  

^a TU DORTMUND UNIVERSITY   (Germany)

^b UNIVERSITY OF INSUBRIA   (Italy)

Author keywords

[No Author keywords available]

Indexed keywords

CONTAINERS; DATA STRUCTURES; FILE ORGANIZATION; INFORMATION SERVICES; STRUCTURE (COMPOSITION); WEB SERVICES;

COMPOSITE WEB SERVICES; EXECUTION FLOW; INTERNATIONAL CONFERENCES; SECURITY ISSUES; SECURITY REQUIREMENTS; WEB SERVICE COMPOSITION;

WORLD WIDE WEB;

EID: 46849096072     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICWS.2007.179     Document Type: Conference Paper

References (25)

1. S. Agarwal, B. Sprick, and S. Wortmann. Credential based access control for semantic web services. In T. Payne, editor, AAAI Spring Symposium - Semantic Web Services, pages 44 -52, 2004.
2. M. Bartoletti, P. Degano, and G. Ferrari. Plans for service composition. In Proceedings of the Workshop on Issues in the Theory of Security (WITS), Vienna, Austria, 2006.
3. E. Bertino, A. Squicciarini, and D. Mevi. A fine-grained access control model for web services. In Proceedings of the 2004 IEEE International Conference on Services Computing, pages 33-40, Shangai, China, 2004.
4. R. Bhatti, E. Bertino, and A. Ghafoor. A trust-based context-aware access control model for web-services. In B. Werner, editor, IEEE International Conference on Web Services (ICWS '04), pages 184-191, San Diego, CA, USA, 2004. IEEE Computer Society Press.
5. J. Biskup and Y. Karabulut. A hybrid PKI model: Application to secure mediation. In E. Gudes and S. Shenoi, editors, Proceedings of the 16th Annual IFIP WG 11.3 Working Conference on Data and Application Security, pages 271-282. Kluwer Academic Publishers, 2003.
6. P. A. Bonatti and P. Samarati. A uniform framework for regulating service access and information release on the web. Journal of Computer Security, 10(3):241-271, 2002.
7. B. Carminati, E. Ferrari, and P. Hung. Secure conscious web service composition. In Proceedings of the IEEE International Conference on Web Services, Chicago, USA, 2006.
8. R. Chinnici, J.-J. Moreau, A. Ryman, and S. Weerawarana. Web services description language (WSDL) version 2.0. http://www.w3.org/TR/wsdl20, 2006.
9. E. Christensen, F. Curbera, G. Meredith, and S. Weerawarana. Web Services Description Language (WSDL) 1.1. http://www.w3.org/TR/wsdl, 2001.
10. M. Coetzee and J. Eloff. Towards web service access control. Computers & Security, 23(7):559-570, 2004.
11. S. Haibo and H. Fan. A context-aware role-based access control model for web services. In Proceedings of the 2004 IEEE International Conference on on e-Business Engineering, 2005.
12. J. B. Joshi, W. G. Aref, A. Ghafoor, and E. H. Spafford. Security models for web-based applications. Communications of the ACM, 44(2):38-44, 2001.
13. L. Kagal, M. Paolucci, N. Srinivasan, G. Denker, T. Finin, and K. Sycara. Authorization and privacy for semantic web services. In Proceedings of the AAAI Spring Symposium, Workshop on Semantic Web Services, 2005.
14. H. Koshutanski and F. Massacci. Interactive access control for web services. In Y. Deswarte, F. Cuppens, S. Jajodia, and L. Wang, editors, Proceedings of the 19th IFIP International Information Security Conference (SEC'04), pages 151-166, Toulouse, France, 2004. Kluwer Academic Publishers.
15. M. G. Nanda, S. Chandra, and V. Sarkar. Decentralizing execution of composite web services. In OOPSLA, pages 170-187, 2004.
16. OASIS. Web Services Security. http://www.oasis-open.org/committees/ download.php/16790/wss-v1.1-spec-os-SOAPMessageSecurity.pdf, 2004. OASIS Standard.
17. OASIS. Web Services Business Process Execution Language (WS-BPEL), version 2.0. http://www.oasis-open.org/apps/org/workgroup/wsbpel, 2005. OASIS Standard.
18. OASIS. ebXML BPSS (ebBP), version 2.0.4. http://docs.oasis-open.org/ ebxml-bp/2.0.4/OS, 2006. OASIS Standard.
19. OASIS. Web Services Context Specification (WS-Context) version 1.0. http://docs.oasis-open.org/ws-caf/ws-context/v1.0/OS/wsctx.html, 2007. OASIS Standard.
20. L. M. Patcas, J. Murphy, and G.-M. Muntean. Middleware support for data-flow distribution in web services composition. In ECOOP2005 PhDOOS Workshop and Doctoral Symposium, 2005.
21. A. Shamir. How to Share a Secret. Communications of the ACM, 22(11):612-613, 1979.
22. World Wide Web Consortium (W3C). Web services activity. http://www.w3.org/2002/ws, 2002-2005.
23. W3C. Web Services Addressing. http://www.w3.org/Submission/ws-addressing/ , 2004. W3C Member Submission.
24. W3C. SOAP, version 1.2. http://www.w3.org/TR/soap12-part1/, 2007. W3C Recommendation.
25. E. Yuan and J. Tong. Attribute based access control (ABAC) for web services. In Proceedings of the IEEE International Conference on Web Services, Orlando, Florida, 2005.