2011 • In Data Privacy Management and Autonomous Spontaneus Security - 6th International Workshop, DPM 2011, and 4th International Workshop, SETOP 2011, Leuven, Belgium, September 15-16, 2011, Revised Selected Papers.
Web services; automatic composition; security; distributed orchestration; formal methods
Abstract :
[en] We present a novel approach to automated distributed orchestration of Web services tied with security policies. The construction of an orchestration complying with the policies is based on the resolution of deducibility constraint systems and has been implemented for the non-distributed case as part of the AVANTSSAR Validation Platform. The tool has been successfully experimented on several case-studies from industry and academia.
Disciplines :
Computer science
Identifiers :
UNILU:UL-CONFERENCE-2012-441
Author, co-author :
Avanesov, Tigran ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Chevalier, Yannick
Anis Mekki, Mohammed
Rusinowitch, Michaël
Turuani, Mathieu
Language :
English
Title :
Distributed Orchestration of Web Services under Security Constraints
Publication date :
2011
Event name :
SETOP'11
Event place :
Leuven, Belgium
Event date :
September 15-16, 2011
Main work title :
Data Privacy Management and Autonomous Spontaneus Security - 6th International Workshop, DPM 2011, and 4th International Workshop, SETOP 2011, Leuven, Belgium, September 15-16, 2011, Revised Selected Papers.
Publisher :
Springer Berlin Heidelberg
ISBN/EAN :
978-3-642-28878-4
Pages :
235-252
Peer reviewed :
Peer reviewed
Commentary :
7122
Revised Selected Papers of 6th International Workshop, DPM 2011, and 4th International Workshop, SETOP 2011
Automated Validation of Trust and Security of Service-Oriented Architectures, AVANTSSAR project, http://www.avantssar.eu
Network of Excellence on Engineering Secure Future Internet Software Services and Systems, NESSoS project, http://www.nessos-project.eu
Avanesov, T., Chevalier, Y., Rusinowitch, M., Turuani, M.: Satisfiability of General Intruder Constraints with and without a Set Constructor. Research Report RR-7276, INRIA (May 2010), http://hal.inria.fr/inria-00480632/en/
Baresi, L., Maurino, A., Modafferi, S.: Towards distributed bpel orchestrations. ECEASST 3 (2006)
Berardi, D., Calvanese, D., De Giacomo, G., Hull, R., Mecella, M.: Automatic Composition of Transition-based semantic Web Services with Messaging. In: Proc. 31st Int. Conf. Very Large Data Bases, VLDB 2005, pp. 613-624 (2005)
Berardi, D., Calvanese, D., De Giacomo, G., Lenzerini, M., Mecella, M.: Automatic Composition of E-services That Export Their Behavior. In: Orlowska, M.E., Weerawarana, S., Papazoglou, M.P., Yang, J. (Eds.) ICSOC 2003. LNCS, Vol. 2910, pp. 43-58. Springer, Heidelberg (2003)
Bhargavan, K., Corin, R., Deniélou, P.M., Fournet, C., Leifer, J.J.: Cryptographic protocol synthesis and verification for multiparty sessions. In: 2009 22nd IEEE Computer Security Foundations Symposium, pp. 124-140. IEEE (2009)
Bucchiarone, A., Gnesi, S.: A survey on services composition languages and models. In: Proceedings of International Workshop on Web Services Modeling and Testing (WS-MaTe 2006), pp. 51-63 (2006)
Bultan, T., Fu, X., Hull, R., Su, J.: Conversation specification: a new approach to design and analysis of e-service composition. In: WWW, pp. 403-410 (2003)
Bursuc, S., Comon-Lundh, H., Delaune, S.: Deducibility Constraints. In: Datta, A. (Ed.) ASIAN 2009. LNCS, Vol. 5913, pp. 24-38. Springer, Heidelberg (2009)
Calvanese, D., De Giacomo, G., Lenzerini, M., Mecella, M., Patrizi, F.: Automatic service composition and synthesis: the roman model. IEEE Data Eng. Bull. 31(3), 18-22 (2008)
Camara, J., Martin, J.A., Salaun, G., Cubo, J., Ouederni, M., Canal, C., Pimentel, E.: Itaca: An integrated toolbox for the automatic composition and adaptation of web services. In: ICSE 2009, pp. 627-630 (2009)
Chevalier, Y., Küsters, R., Rusinowitch, M., Turuani, M.: An np decision procedure for protocol insecurity with xor. Theo. Comp. Sci. 338(1-3), 247-274 (2005)
Chevalier, Y., Mekki, M.A., Rusinowitch, M.: Automatic composition of services with security policies. In: Proceedings of the 2008 IEEE Congress on Services - Part I, SERVICES 2008, pp. 529-537. IEEE, Washington, DC (2008)
Chevalier, Y., Rusinowitch, M.: Compiling and securing cryptographic protocols. Inf. Process. Lett. 110(3), 116-122 (2010)
Dolev, D., Yao, A.: On the Security of Public-Key Protocols. IEEE Transactions on Information Theory 2(29) (1983)
Fabrega, F.J.T., Herzog, J.C., Guttman, J.D.: Strand spaces: why is a security protocol correct? In: Proceedings of the 1998 IEEE Symposium on Security and Privacy, pp. 160-171 (May 1998)
Martìn, J.A., Martinelli, F., Pimentel, E.: Synthesis of secure adaptors. Journal of Logic and Algebraic Programming 81(2), 99-126 (2012), doi: 10.1016/j.jlap.2011.08.001
Mazaré, L.: Computational Soundness of Symbolic Models for Cryptographic Protocols. PhD thesis, Institut National Polytechnique de Grenoble (October 2006)
Patrizi, F.: An introduction to simulation-based techniques for automated service composition. In: YR-SOC 2009, Pisa, Italy. EPTCS, Vol. 2, pp. 37-49 (June 2009)
Pedraza, G., Estublier, J.: Distributed Orchestration Versus Choreography: The FOCAS Approach. In: Wang, Q., Garousi, V., Madachy, R., Pfahl, D. (Eds.) ICSP 2009. LNCS, Vol. 5543, pp. 75-86. Springer, Heidelberg (2009)
Peltz, C.: Web Services Orchestration, HP white paper (2003)
Peltz, C.: Web services orchestration and choreography. Computer 36, 46-52 (2003)
Quinton, S., Ben-Hafaiedh, I., Graf, S.: From orchestration to choreography: Memoryless and distributed orchestrators. In: Proc. of FLACOS 2009 (2009)
ter Beek, M., Bucchiarone, A., Gnesi, S.: Web service composition approaches: From industrial standards to formal methods. In: Second International Conference on Internet and Web Applications and Services, ICIW 2007, page 15 (2007)
The AVISPA Project, http://www.avispa-project.org/
Trainotti, M., Pistore, M., Calabrese, G., Zacco, G., Lucchese, G., Barbon, F., Bertoli, P.G., Traverso, P.: ASTRO: Supporting Composition and Execution of Web Services. In: Benatallah, B., Casati, F., Traverso, P. (Eds.) ICSOC 2005. LNCS, Vol. 3826, pp. 495-501. Springer, Heidelberg (2005), http://sra.itc.it/projects/astro/
Turuani, M.: The CL-Atse Protocol Analyser. In: Pfenning, F. (Ed.) RTA 2006. LNCS, Vol. 4098, pp. 277-286. Springer, Heidelberg (2006)