Aspect Oriented Approach to Building Secure Service Composition

Service composition is an effective way to achieve value-added service, which has found wide application in various areas. security design at architecture level is critical to achieve high assurance for these applications. However, most security design techniques for service composition were in ad hoc fashion and fell short in precise notations. This paper proposes a formal aspect-oriented approach to designing and analyzing secure service composition. The underlying formalism is Petri net and its modeling method, and focuses on the service authorization, implementation trace ability, data protection and fault handling. Aspect specification provides means to observe behaviors of basic aspect schema, and to describe their interrelationship, while the weaving mechanism systematically integrates these schemas into a complete service composition model. Based on this, the security and fault recovery mechanism of service composition are analyzed, and its correctness and effectiveness are proved. A case study of Export Service demonstrates the approach can simplify the modeling process and improve the design quality.