By Topic

Fine-Grain, End-to-End Security for Web Service Compositions

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Lenin Singaravelu ; Georgia Institute of Technology ; Calton Pu

Web service composition introduces two research challenges to end-to-end integrity and confidentiality of information flow. First, component services need the ability to selectively read or modify information flows. Second, component web services may or may not be trusted by all participants in the same degree. Existing specifications such as WS-security provide fine-grained signatures and encryption for pair-wise interactions, but insufficient support for end-to-end security properties in open environments. Using an electronic prescription application, we illustrate the need for an enhanced framework for providing end-to-end security properties. We then describe a fine-grained, security framework, called WS-FESec, that leverages WS-security to support flexible preservation of end-to-end integrity and confidentiality in web service compositions. Finally, we discuss WS-FESec's support for the lattice model of secure information flow and show how it can be employed to preserve end-to-end security properties in the electronic prescriptions application.

Published in:

IEEE International Conference on Services Computing (SCC 2007)

Date of Conference:

9-13 July 2007