Title :
Toward Systematic Integration of Security Policies into Web Services
Author :
Mourad, Azzam ; Otrok, Hadi ; Ayoubi, Sara
Author_Institution :
Dept. of Comput. Sci. & Math., Lebanese American Univ., Beirut, Lebanon
Abstract :
In this paper, we introduce our approach for the automatic generation of BPEL (Business Process Execution Language) aspects from security policies. It is based on a synergy between policies, Aspect-Oriented Programming (AOP) and composition of web services. Our proposed approach allows first to transform security policies into BPEL aspects. Then, the generated aspects are weaved in the BPEL process of the composed web services at runtime [1]. The main contributions of our approach are: (1) Describing dynamic security policies, (2) generating automatically the BPEL aspects, (3) separating the business and security concerns of composite web services, and hence developing them separately (4) allowing the modification of the dynamic security features and web services composition at run time and (5) providing modularity for modeling cross-cutting concerns between web services.
Keywords :
Web services; aspect-oriented programming; business data processing; security of data; Web service composition; aspect-oriented programming; automatic BPEL generation; business process execution language; dynamic security policy; systematic integration; Access control; Authentication; Business; Runtime; Weaving; Web services; AOP; BPEL; RBAC; Security Policies; Web Services Security;
Conference_Titel :
Intelligence and Security Informatics Conference (EISIC), 2011 European
Conference_Location :
Athens
Print_ISBN :
978-1-4577-1464-1
Electronic_ISBN :
978-0-7695-4406-9
DOI :
10.1109/EISIC.2011.48
