Verifying the Consistency of Security Policies by Abstracting into Security Types

The service-oriented architecture (SOA) makes application development easier, because applications can be built from existing services with a bottom-up methodology. However, it is difficult to determine if a desired new service can be built from existing services. Not only the functional consistency of the existing services, but also the consistency of their non-functional (such as security) aspects must be verified. Message protection is an aspect of security. Every service needs an appropriate security policy defining the protection of messages exchanged between the parties to the service. Because of the intricacy of the Web services security policy language, it is difficult to verify the consistency of the security policies. We are developing a method to verify the consistency of security policies by abstracting them. Each security policy is abstracted, and then attached as a security type to the corresponding service in the application model. The security type denotes a security level for message protection. The security developer defines the possible abstraction methods. In this paper, we define the constraint of abstraction methods based on the semantics of the policy language. And also we state verifying the consistency of security types by using information flow analysis.