2013 IEEE International Conference on Services Computing (2008)
July 7, 2008 to July 11, 2008
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SCC.2008.51
In this paper, we present a process-oriented tool allowing the specification of security properties at the service composition level. The tool is based on the notions of abstract and concrete services as well as on the concept of separation of concerns. It provides a framework that allows different people to effectively discuss security issues. Abstract services can be viewed as activities rather than as technical services and are such better understood by non-technical people. Similarly, security is discussed in terms of needs and no complex security technologies are to be specified. The tool relies between these two meta-models specifying orchestration-related concepts and security concepts. Meta-links between the meta-models have been defined to specify the authorized security constraints on the orchestrated services. The tool has been validated on an application specified by Thales.
Security, service composition, process
St?phanie Chollet, Philippe Lalanda, "Security Specification at Process Level", 2013 IEEE International Conference on Services Computing, vol. 01, no. , pp. 165-172, 2008, doi:10.1109/SCC.2008.51