Web services composition allows a software designer for combining atomic services, for instance taken from a marketplace, in a complex business process fullling a desired functional goal. Moreover, among a large number of possible compositions, the designer may want to consider only those which satisfy specic non-functional requirements. In our work we consider verication of security properties and evaluation quantitative security metrics in a single framework. The main focus of this article is the verication of a composition with several security metrics at once. We provide a general solution for the problem and show how such verication can be made more ecient in specic cases (e.g., when a metric is an abstraction of another one). We employ a mathematical structure called c-semirings granting the generality of our approach.
Multi-dimensional Secure Service Orchestration
Fabio Martinelli;Artsiom Yautsiukhin
2013
Abstract
Web services composition allows a software designer for combining atomic services, for instance taken from a marketplace, in a complex business process fullling a desired functional goal. Moreover, among a large number of possible compositions, the designer may want to consider only those which satisfy specic non-functional requirements. In our work we consider verication of security properties and evaluation quantitative security metrics in a single framework. The main focus of this article is the verication of a composition with several security metrics at once. We provide a general solution for the problem and show how such verication can be made more ecient in specic cases (e.g., when a metric is an abstraction of another one). We employ a mathematical structure called c-semirings granting the generality of our approach.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
