Abstract
Automatic composition of web services is a challenging task. Many works have considered simplified automata models that abstract away from the structure of messages exchanged by the services. For the domain of secured services (using e.g. digital signing or timestamping) we propose a novel approach to automated composition of services based on their security policies. Given a community of services and a goal service, we reduce the problem of composing the goal from services in the community to a security problem where an intruder should intercept and redirect messages from the service community and a client service till reaching a satisfying state. We have implemented the algorithm in AVANTSSAR Platform [5] and applied the tool to several case studies.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
AVANTSSAR. Deliverable 2.1: Requirements for modelling and ASLan v.1 (2008), http://www.avantssar.eu
AVANTSSAR. Deliverable 2.3: ASLan final version with dynamic service and policy composition (2010), http://www.avantssar.eu
AVANTSSAR. Deliverable 5.1: Problem cases and their trust and security requirements (2008), http://www.avantssar.eu
AVANTSSAR. Deliverable 5.4: Assessment of the AVANTSSAR Validation Platform (2010), http://www.avantssar.eu
AVANTSSAR. AVANTSSAR Platform (2010), http://www.avantssar.eu
Armando, A., et al.: The Avispa Tool for the automated validation of internet security protocols and applications, http://www.avispa-project.org/
AVISPA Deliverable 2.3: The Intermediate Format (2003), http://www.avispa-project.org
Berardi, D., Calvanese, D., De Giacomo, G., Lenzerini, M., Mecella, M.: Automatic Composition of E-services That Export Their Behavior. In: Orlowska, M.E., Weerawarana, S., Papazoglou, M.P., Yang, J. (eds.) ICSOC 2003. LNCS, vol.Ā 2910, pp. 43ā58. Springer, Heidelberg (2003)
Berardi, D., Calvanese, D., De Giacomo, G., Hull, R., Mecella, M.: Automatic composition of transition-based semantic web services with messaging. In: Proceedings of the 31st International Conference on Very Large Data Bases, Trondheim, Norway, August 30 - September 2, pp. 613ā624. ACM, New York (2005)
Bultan, T., Su, J., Fu, X.: Analyzing conversations of Web services. In: Proceedings of the Internet Computing, pp. 18ā25. IEEE, Los Alamitos (2006)
Bultan, T., Fu, X., Hull, R., Su, J.: Conversation specification: a new approach to design and analysis of e-service composition. In: Proceedings of the International Conference on World Wide Web, WWW 2003, pp. 403ā410 (2003)
Colombo, M., Di Nitto, E., Mauri, M.: SCENE: A Service Composition Execution Environment Supporting Dynamic Changes Disciplined Through Rules. In: Dan, A., Lamersdorf, W. (eds.) ICSOC 2006. LNCS, vol.Ā 4294, pp. 191ā202. Springer, Heidelberg (2006)
Dolev, D., Yao, A.: On the Security of Public-Key Protocols. IEEE Transactions on Information TheoryĀ 2(29) (1983)
McAllester, D.A.: Automatic Recognition of Tractability in Inference Relations. Journal of the ACMĀ 40, 284ā303 (1993)
Monfroy, E., Perrin, O., Ringeissen, C.: Dynamic Web Services Provisioning with Constraints. In: Meersman, R., Tari, Z. (eds.) OTM 2008, Part I. LNCS, vol.Ā 5331, pp. 26ā43. Springer, Heidelberg (2008)
Oasis Technical Comittee on Secure Exchange. Ws-securitypolicy 1.2 (2007), http://doc.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-cd-02.pdf
Pistore, M., Marconi, A., Bertoli, P., Traverso, P.: Automated Composition of Web Services by Planning at the Knowledge Level. In: International Joint Conference on Artificial Intelligence, IJCAI (2005)
Sheth, A.P., Kashyap, V.: So far (schematically) yet so near (semantically). In: Hsiao, D.K., Neuhold, E.J., Sacks-Davis, R. (eds.) DS-5. IFIP Transactions, vol.Ā A-25, pp. 283ā312. North-Holland, Amsterdam (1992)
World Wide Web Consortium. Simple Object Access Protocol 1.2 (April 2007), http://www.w3.org/TR/soap12-part1
Rusinowitch, M., Turuani, M.: Protocol insecurity with finite number of sessions is NP-complete. In: Proc.14th IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia (June 2001)
Turuani, M.: The CL-Atse Protocol Analyser. In: Pfenning, F. (ed.) RTA 2006. LNCS, vol.Ā 4098, pp. 277ā286. Springer, Heidelberg (2006)
Oasis Consortium. Web Services Business Process Execution Language Version 2.0. (January 23, 2006), http://www.oasis-open.org/committees/documents.php?wg_abbrev=wsbpel
World Wide Web Consortium. Web Services Description Language (WSDL) 1.1 (March 15, 2001), http://www.w3.org/TR/wsdl ,
Wu, Z., Gomadam, K., Ranabahu, A., Sheth, A., Miller, J.: Automatic Composition of Semantic Web Services Using Process Mediation. In: ICEIS, vol.Ā (4), pp. 453ā462 (2007)
World Wide Web Consortium. XML Path Language (XPath) 2.0. (January 23, 2007), http://www.w3.org/TR/xpath20/
World Wide Web Consortium. XML Schema Definition (XSD) (March 2005), http://www.w3.org/XML/Schema
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
Ā© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chevalier, Y., Mekki, M.A., Rusinowitch, M. (2011). Orchestration under Security Constraints. In: Aichernig, B.K., de Boer, F.S., Bonsangue, M.M. (eds) Formal Methods for Components and Objects. FMCO 2010. Lecture Notes in Computer Science, vol 6957. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25271-6_2
Download citation
DOI: https://doi.org/10.1007/978-3-642-25271-6_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25270-9
Online ISBN: 978-3-642-25271-6
eBook Packages: Computer ScienceComputer Science (R0)