Secure Service Orchestration
نویسندگان
چکیده
We present a framework for designing and composing services in a secure manner. Services can enforce security policies locally, and can invoke other services in a “call-by-contract” fashion. This mechanism offers a significant set of opportunities, each driving secure ways to compose services. We discuss how to correctly plan service orchestrations in some relevant classes of services and security properties. To this aim, we propose both a core functional calculus for services and a graphical design language. The core calculus is called λ [10]. It features primitives for selecting and invoking services that respect given behavioural requirements. Critical code can be enclosed in security framings, with a possibly nested, local scope. These framings enforce safety properties on execution histories. A type and effect system over-approximates the actual run-time behaviour of services. Effects include the actions with possible security concerns, as well as information about which services may be selected at run-time. A verification step on these effects allows for detecting the viable plans that drive the selection of those services that match the security requirements on demand.
منابع مشابه
Discovering Secure Service Compositions
Security is an important concern for service based systems, i.e., systems that are composed of autonomous and distributed software services. This is because the overall security of such systems depends on the security of the individual services they deploy and, hence, it is difficult to assess especially in cases where the latter services must be discovered and composed dynamically. This paper ...
متن کاملMetric-Aware Secure Service Orchestration
Secure orchestration is an important concern in the internet of service. Next to providing the required functionality the composite services must also provide a reasonable level of security in order to protect sensitive data. Thus, the orchestrator has a need to check whether the complex service is able to satisfy certain properties. Some properties are expressed with metrics for precise defini...
متن کاملService Interaction through Gateways for Inter-Cloud Collaboration within the Arrowhead Framework
Service oriented architectures (SOA) provide functional and configuration flexibility in closed communication environments, where security and service-related orchestration issues are controlled within the local network. For automation systems, these SOA-based networks can have core services, such as Service Registry, Orchestration, Authorization, and so on. A set of such core services are defi...
متن کاملA Dynamic Orchestration Model for Future Internet Applications
Society and business are demanding systems that can securely and costeffectively exploit opportunities presented by an Internet of Services. To achieve this goal a system must dynamically adapt to its environment and consider multiple and shifting stakeholder concerns such as application functionality, policies and business processes. In this paper we describe a dynamic orchestration model call...
متن کاملGeneral Framewhork for Secure Service Orchestration
Web services composition allows a software designer for combining atomic services, for instance taken from a marketplace, in a complex business process fulfilling a desired functional goal. Moreover, among a large number of possible compositions, the designer may want to consider only those which satisfy specific non-functional requirements. In our work we consider verification of security prop...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2007