• DocumentCode
    2537545
  • Title

    Automated Validation of Security-Sensitive Web Services Specified in BPEL and RBAC

  • Author

    Calvi, Alberto ; Ranise, Silvio ; Vigan, Luca

  • Author_Institution
    Dipt. di Inf., Univ. di Verona, Verona, Italy
  • fYear
    2010
  • fDate
    23-26 Sept. 2010
  • Firstpage
    456
  • Lastpage
    464
  • Abstract
    We formalize automated analysis techniques for the validation of web services specified in BPEL and a RBAC variant tailored to BPEL. The idea is to use decidable fragments of first-order logic to describe the state space of a certain class of web services and then use state-of-the-art SMT solvers to handle their reach ability problems. To assess the practical viability of our approach, we have developed a prototype tool implementing our techniques and applied it to a digital contract signing service inspired by an industrial case study.
  • Keywords
    Web services; authorisation; computability; formal logic; formal specification; specification languages; SMT solvers; business process execution language; digital contract signing service; first-order logic; formal specification; role-based access control; security-sensitive Web services; Authorization; Petri nets; Process control; Semantics; Web services;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Symbolic and Numeric Algorithms for Scientific Computing (SYNASC), 2010 12th International Symposium on
  • Conference_Location
    Timisoara
  • Print_ISBN
    978-1-4244-9816-1
  • Type

    conf

  • DOI
    10.1109/SYNASC.2010.75
  • Filename
    5715323
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2537545