A Framework for Secure Service Composition

Author

Brucker, Achim D. ; Malmignati, Francesco ; Merabti, Madjid ; Qi Shi ; Bo Zhou

Author_Institution

SAP AG, Karlsruhe, Germany

fYear

2013

fDate

8-14 Sept. 2013

Firstpage

647

Lastpage

652

Abstract

Modern applications are inherently heterogeneous: they are built by composing loosely coupled services that are, usually, offered and operated by different service providers. While this approach increases the flexibility of the composed applications, it makes the implementation of security and trustworthiness requirements difficult. As the number of security requirements is increasing dramatically, there is a need for new approaches that integrate security requirements right from the beginning while composing service-based applications. In this paper, we present a framework for secure service composition using a model-based approach for specifying, building, and executing composed services. As a unique feature, this framework integrates security requirements as a first class citizen and, thus, avoids the ``security as an afterthought´´ paradigm.

Keywords

formal specification; security of data; service-oriented architecture; trusted computing; loosely coupled service composition; secure service composition; security requirements; service building; service execution; service specification; service-based application composition; trustworthiness requirements; Availability; Biological system modeling; Business; Runtime; Security; Service-oriented architecture; BPMN; secure service composition; service availability; service modelling;

fLanguage

English

Publisher

ieee

Conference_Titel

Social Computing (SocialCom), 2013 International Conference on

Conference_Location

Alexandria, VA

Type

conf

DOI

10.1109/SocialCom.2013.97

Filename

6693394