Research Article
Secure Composition of Cascaded Web Services
@INPROCEEDINGS{10.4108/icst.collaboratecom.2012.250522, author={Basit Shafiq and Soon Chun and Jaideep Vaidya and nazia badar and Nabil Adam}, title={Secure Composition of Cascaded Web Services}, proceedings={8th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing}, publisher={IEEE}, proceedings_a={COLLABORATECOM}, year={2012}, month={12}, keywords={web service composition security privacy}, doi={10.4108/icst.collaboratecom.2012.250522} }- Basit Shafiq
Soon Chun
Jaideep Vaidya
nazia badar
Nabil Adam
Year: 2012
Secure Composition of Cascaded Web Services
COLLABORATECOM
ICST
DOI: 10.4108/icst.collaboratecom.2012.250522
Abstract
A business process can be developed as a composition of Web services provided by different service providers. These service providers may have their own policies and constraints for service provisioning and collaboration. In this paper, we focus on secure composition of services, specifically from the perspective of service enactment. Service enactment requires finding an execution plan for the service composition that conforms to the requirements and constraints of the service requester and all service providers. However, due to privacy and security concerns, participants may selectively expose their Web service operations and process details. We propose an approach for service enactment that does not require the participants to reveal their internal operations and constraints and that can still result in an execution plan which satisfies the requirements and constraints of all participants. The proposed approach uses Finite State Machines (FSM) to model component Web service operations, their interdependencies, as well security and access control policy constraints. Model checking is used to generate an appropriate Web service execution plan in an incremental manner. Commutative encryption based techniques are used to preserve privacy and security.
