By Topic

Aspect Oriented Approach to Building Secure Service Composition

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Guisheng Fan ; Dept. of Comput. Sci. & Eng., East China Univ. of Sci. & Technol., Shanghai, China ; Huiqun Yu ; Liqiong Chen ; Dongmei Liu

Service composition is an effective way to achieve value-added service, which has found wide application in various areas. security design at architecture level is critical to achieve high assurance for these applications. However, most security design techniques for service composition were in ad hoc fashion and fell short in precise notations. This paper proposes a formal aspect-oriented approach to designing and analyzing secure service composition. The underlying formalism is Petri net and its modeling method, and focuses on the service authorization, implementation trace ability, data protection and fault handling. Aspect specification provides means to observe behaviors of basic aspect schema, and to describe their interrelationship, while the weaving mechanism systematically integrates these schemas into a complete service composition model. Based on this, the security and fault recovery mechanism of service composition are analyzed, and its correctness and effectiveness are proved. A case study of Export Service demonstrates the approach can simplify the modeling process and improve the design quality.

Published in:

Software Engineering Conference (APSEC), 2010 17th Asia Pacific

Date of Conference:

Nov. 30 2010-Dec. 3 2010