IEEE International Conference on Web Services (ICWS 2007) (2007)
Salt Lake City, Utah, USA
July 9, 2007 to July 13, 2007
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICWS.2007.93
Jinpeng Wei , Georgia Institute of Technology, Atlanta, GA, USA
Lenin Singaravelu , Georgia Institute of Technology, Atlanta, GA, USA
Calton Pu , Georgia Institute of Technology, Atlanta, GA, USA
Complex and dynamic web service compositions may introduce unpredictable and unintentional sharing of security-sensitive data (e.g., credit card numbers) as well as unexpected vulnerabilities that cause information leak. This paper describes a fine-grain access policy specification of security-sensitive data items for each component web service. We propose the SFGuard architecture to enforce these access policies at component web services. A prototype implementation of SF-Guard (on Apache Axis2) and its evaluation show that effective protection of security-sensitive information can be achieved at low overhead (a few percent addition to response time) while preserving the functionality of flexible web service composition.
J. Wei, L. Singaravelu and C. Pu, "Guarding Sensitive Information Streams through the Jungle of Composite Web Services," IEEE International Conference on Web Services (ICWS 2007)(ICWS), Salt Lake City, Utah, USA, 2007, pp. 455-462.