Title :
Security Specification at Process Level
Author :
Chollet, St?©phanie ; Lalanda, Philippe
Author_Institution :
Lab. Inf. de Grenoble, Grenoble
Abstract :
In this paper, we present a process-oriented tool allowing the specification of security properties at the service composition level. The tool is based on the notions of abstract and concrete services as well as on the concept of separation of concerns. It provides a framework that allows different people to effectively discuss security issues. Abstract services can be viewed as activities rather than as technical services and are such better understood by non-technical people. Similarly, security is discussed in terms of needs and no complex security technologies are to be specified. The tool relies between these two meta-models specifying orchestration-related concepts and security concepts. Meta-links between the meta-models have been defined to specify the authorized security constraints on the orchestrated services. The tool has been validated on an application specified by Thales.
Keywords :
formal specification; security of data; meta-links; meta-models; orchestration-related concepts; process-oriented tool; security specification; service composition level; Application software; Communication system control; Companies; Computer industry; Concrete; Costs; Security; Service oriented architecture; Software tools; Web services; Security; process; service composition;
Conference_Titel :
Services Computing, 2008. SCC '08. IEEE International Conference on
Print_ISBN :
978-0-7695-3283-7
DOI :
10.1109/SCC.2008.51
