Dynamic access control policies and web-service composition.

Date

2005

Advisors

Journal Title

Journal ISSN

ISSN

DOI

Volume Title

Publisher

IEEE Computer Society

Type

Conference

Peer reviewed

Yes

Abstract

Service composition is a fundamental technique for develop- ing web-service applications. In general, a single service is not enough to achieve the user’s goal, rather several services, often from different providers, are composed dynamically to satisfy a request. Ensuring se- curity in such a system is challenging and not supported by most of the security frameworks proposed in current literature. This paper presents a formal model for composing security policies dynamically to cope with changes in requirements or occurrences of events. The model can be used to specify the security policies of web-services and to reason about their composition. We illustrate our approach with a simple example from healthcare services.

Description

Keywords

Citation

Siewe, F. Janicke, H. and Jones, K. (2005). Dynamic access control policies and web-service composition.The proceedings of the 1st Young Researcher Workshop on Service-Oriented Computing, Leicester, U.K..

Rights

Research Institute

Cyber Technology Institute (CTI)