|
Title:
|
USING CONSTRAINED POLICY GRAPH FOR MODELING AND ANALYSIS OF THE WEB SERVICE COMPOSITION POLICIES |
|
Author(s):
|
Zahra Derakhshandeh , Behrouz Tork Ladani , Naser Nematbakhsh |
|
ISBN:
|
978-972-8924-68-3 |
|
Editors:
|
Pedro Isaías, Miguel Baptista Nunes and Dirk Ifenthaler |
|
Year:
|
2008 |
|
Edition:
|
Single |
|
Keywords:
|
Access control policy, policy composition, verification, conflict, web service composition |
|
Type:
|
Full Paper |
|
First Page:
|
259 |
|
Last Page:
|
266 |
|
Language:
|
English |
|
Cover:
|
|
|
Full Contents:
|
click to dowload 
|
|
Paper Abstract:
|
Most of the works done for specifying and analyzing the Access Control Polices (ACPs) consider the security policies
per system while it is required to unify the security policies in an integrated system with several subsystems. Moreover,
an important problem in web service composition is that the partners contributed in a combination may have inconsistent
ACPs. This makes the composed web service invalid. Also the ACP of composed web service may violate the ACP of
one partner. So web services ACPs must be modeled and analyzed for detecting contradictions. Meanwhile, the web
service composition methods such as BPEL and WSCI do not consider the possibility of policy specification and
verification as well as other non-functional properties. In this paper, a formal model for specification of ACPs is
represented as Constrained Policy Graph (CPG). This model is capable of expressing several ACPs and combining
them in a unified framework. Using CPG, not only the policies can be constrained according to system requirements but
also, it can be used for combining ACPs as well as their nested specification. Furthermore, ACPs can be verified against
conflicts or contradictions using this model. We show one of the main applications of our proposed model in web service
composition field by presenting the way of modeling the ACPs of the web services and composed web service. |
|
|
|
|
|
|
