Verifying BPEL Workflows Under Authorisation Constraints

نویسندگان

Zhao Xiangpeng

Antonio Cerone

Padmanabhan Krishnan

چکیده

Business Process Execution Language (BPEL), or Web Services BPEL (WS-BPEL), is the standard for specifying workflow process definition using web services. Research on formal modelling and verification of BPEL has largely concentrated on control flow and data flow, while security related properties have received little attention. In this work, we present a formal framework that integrates Role Based Access Control (RBAC) into BPEL and allows us to express authorisation constraints using temporal logic. Using this framework, we show how model-checking can be applied to verify that a given BPEL process satisfies the security constraints.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Adding Security to BPEL Workflows of Web Services

BPEL (Business Process Enterprise Language) is a language for web services composition and several implementations of it exist. For BPEL to be effective, it is necessary that it provides more support for security. BPEL doesn’t present any means to specify security constraints for workflows. BPEL through its activities tries to provide specific functional aspects and any non-functional aspects a...

متن کامل

Pattern-Based Design and Verification of Secure Service Compositions

Ensuring the preservation of security is a key requirement and challenge for Service-Based Systems (SBS) due to the use of third party software services not operating under different security perimeters. In this paper, we present an approach for verifying the security properties of SBS workflows and adapting them if such properties are not preserved. Our approach uses secure service composition...

متن کامل

Verifying Business Rules Using an SMT Solver for BPEL Processes

WS-BPEL is the standard for modelling executable business processes. Recently, verification of BPEL processes has been an important topic in the research community. While most of the existing approaches for BPEL process verification merely consider control-flow based analysis, some actually consider data-flows, but only in a very restrictive manner. In this paper, we present a novel approach th...

متن کامل

An Access-Control Framework for WS-BPEL

abstraCt Business processes, the next-generation workflows, have attracted considerable research interest in the last 15 years. More recently, several XML-based languages have been proposed for specifying and orchestrating business processes, resulting in the WS-BPEL language. Even if WS-BPEL has been developed to specify automated business processes that orchestrate activities of multiple Web ...

متن کامل

Towards Simulation Workflows with Bpel: Deriving Missing Features from Gricol

In this paper, we investigate the suitability of the generalpurpose workflow language BPEL to create executable simulation workflows. We therefore compare BPEL to GriCoL, a graphical language with proven applicability for simulation workflows in Grid environments. We discover a number of incomparable concepts in the two languages. On the one hand, BPEL’s unique features in comparison to GriCoL ...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 2006

Verifying BPEL Workflows Under Authorisation Constraints

نویسندگان

چکیده

منابع مشابه

Adding Security to BPEL Workflows of Web Services

Pattern-Based Design and Verification of Secure Service Compositions

Verifying Business Rules Using an SMT Solver for BPEL Processes

An Access-Control Framework for WS-BPEL

Towards Simulation Workflows with Bpel: Deriving Missing Features from Gricol

عنوان ژورنال:

اشتراک گذاری