A Heuristic Approach for Secure Service Composition Adaptation

Cyberpatterns

Abstract

Secure adaptation of service composition is crucial for service-oriented applications. An effective adaptation method must improve a composition’s adherence to specified behaviour, performance and security guarantees at reasonable cost in terms of computing complexity and time consumption. This chapter discusses current techniques that have been developed to help achieve secure service composition. Based on security verification results, which have been categorised into four patterns in this chapter, a simple heuristics-based adaptation strategy is proposed. This proposal aims at a more accurate yet relatively fast secure service adaptation strategy. In order to make direct comparisons of different services, a simple quantification method is also introduced.

Acknowledgments

The research leading to these results has received funding from the European Union Seventh Framework Programme (FP7/2007-2013) under grant no. 257930 (http://www.aniketos.eu/).

Corresponding author

Correspondence to Bo Zhou.

Copyright information

© 2014 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Zhou, B., Llewellyn-Jones, D., Lamb, D., Asim, M., Shi, Q., Merabti, M. (2014). A Heuristic Approach for Secure Service Composition Adaptation. In: Blackwell, C., Zhu, H. (eds) Cyberpatterns. Springer, Cham. https://doi.org/10.1007/978-3-319-04447-7_8

  • DOI: https://doi.org/10.1007/978-3-319-04447-7_8

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-04446-0

  • Online ISBN: 978-3-319-04447-7

  • eBook Packages: Computer Science (R0)
