Service Oriented Computing (SOC) is a programming paradigm aiming at characterising Service Networks. Services are entities waiting for requests from clients and they often result from the composition of many (sub-)services. We address here the problem of statically guaranteeing security of open services, i.e. services with unknown components. Security constraints are expressed by policies that service components must obey. We present here a type and effect system that safely over-approximates the possible run-time behaviour of open services, collecting partial infor- mation on the behaviour of their components. From such an approxima- tion, we then extract a (partial) plan that drives executions of an open system that raises no security violations when plugged in any context. Finally, we show how partial plans satisfying security requirements can be put together to obtain a safe orchestration plan.
Modular plans for secure service composition
Costa G;
2012-01-01
Abstract
Service Oriented Computing (SOC) is a programming paradigm aiming at characterising Service Networks. Services are entities waiting for requests from clients and they often result from the composition of many (sub-)services. We address here the problem of statically guaranteeing security of open services, i.e. services with unknown components. Security constraints are expressed by policies that service components must obey. We present here a type and effect system that safely over-approximates the possible run-time behaviour of open services, collecting partial infor- mation on the behaviour of their components. From such an approxima- tion, we then extract a (partial) plan that drives executions of an open system that raises no security violations when plugged in any context. Finally, we show how partial plans satisfying security requirements can be put together to obtain a safe orchestration plan.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
