Skip to main content
SpringerLink
Log in

On the Synthesis of Secure Services Composition

  • Chapter
Engineering Secure Future Internet Services and Systems

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8431))

Abstract

Web service composition is one of the main research challenges of the last decades. Several frameworks have been developed to compose services in order to meet requirements and constraints imposed by a service consumer. Hereafter, we survey research work on evaluation and automatic synthesis of service composition with a particular eye to security aspects.

Furthermore, we describe our logical approach based on the partial model checking technique and open system analysis for the synthesis of secure service orchestrators that are also able to exploit some cryptographic primitives. We also show two implementations able to automatically generate an orchestrator process that composes several services in such a way to guarantee both functional and security requirements.

The research leading to these results has received funding from the European Union Seventh Framework Programme (FP7/2007-2013) under grants no 256980 (NESSoS).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Andersen, H.R.: Partial model checking. In: LICS, p. 398. IEEE (1995)

    Google Scholar 

  2. Armando, A., et al.: The avispa tool for the automated validation of internet security protocols and applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  3. Armando, A., et al.: The AVANTSSAR platform for the automated validation of trust and security of service-oriented architectures. In: Flanagan, C., König, B. (eds.) TACAS 2012. LNCS, vol. 7214, pp. 267–282. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  4. Arnold, A., Vincent, A., Walukiewicz, I.: Games for synthesis of controllers with partial observation. Theoretical Computer Science 303(1), 7–34 (2003)

    Article  MATH  MathSciNet  Google Scholar 

  5. Arsac, W., Compagna, L., Pellegrino, G., Ponta, S.E.: Security validation of business processes via model-checking. In: Erlingsson, Ú., Wieringa, R., Zannone, N. (eds.) ESSoS 2011. LNCS, vol. 6542, pp. 29–42. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  6. Asarin, E., Maler, O., Pnueli, A.: Symbolic Controller Synthesis for Discrete and Timed Systems. In: Antsaklis, P.J., Kohn, W., Nerode, A., Sastry, S.S. (eds.) HS 1994. LNCS, vol. 999, pp. 1–20. Springer, Heidelberg (1995)

    Chapter  Google Scholar 

  7. Avanesov, T., Chevalier, Y., Anis Mekki, M., Rusinowitch, M., Turuani, M.: Distributed Orchestration of Web Services under Security Constraints. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., de Capitani di Vimercati, S. (eds.) DPM 2011 and SETOP 2011. LNCS, vol. 7122, pp. 235–252. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  8. Avanesov, T., et al.: Intruder deducibility constraints with negation. Decidability and application to secured service compositions. CoRR, abs/1207.4871 (2012)

    Google Scholar 

  9. Avanesov, T., Chevalier, Y., Rusinowitch, M., Turuani, M.: Towards the Orchestration of Secured Services under Non-disclosure Policies. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2012. LNCS, vol. 7531, pp. 130–145. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  10. AVANTSSAR. Deliverable 2.3 (update): ASLan++ specification and tutorial (2011), http://www.avantssar.eu

  11. Baldoni, M., Baroglio, C., Martelli, A., Patti, V.: Reasoning about interaction protocols for web service composition. Electr. Notes Theor. Comput. Sci. 105, 21–36 (2004)

    Article  Google Scholar 

  12. Bao, L., Zhang, W., Zhang, X.: Describing and Verifying Web Service Using CCS. pdcat, 421–426 (2006)

    Google Scholar 

  13. Bartoletti, M., Degano, P., Ferrari, G.L.: Plans for Service Composition. In: Workshop on Issues in the Theory of Security (WITS) (2006)

    Google Scholar 

  14. Bartoletti, M., Degano, P., Ferrari, G.-L.: Security issues in service composition. In: Gorrieri, R., Wehrheim, H. (eds.) FMOODS 2006. LNCS, vol. 4037, pp. 1–16. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  15. Bartoletti, M., Degano, P., Ferrari, G.L.: Types and Effects for Secure Service Orchestration. In: Proc. 19th Computer Security Foundations Workshop (CSFW) (2006)

    Google Scholar 

  16. Benatallah, B., Casati, F., Ponge, J., Toumani, F.: Compatibility and replaceability analysis for timed web service protocols. In: BDA (2005)

    Google Scholar 

  17. Benatallah, B., Casati, F., Ponge, J., Toumani, F.: On Temporal Abstractions of Web Service Protocols. In: CAiSE Short Paper Proceedings (2005)

    Google Scholar 

  18. Bravetti, M., Zavattaro, G.: Service oriented computing from a process algebraic perspective. The Journal of Logic and Algebraic Programming 70(1), 3–14 (2007)

    Article  MATH  MathSciNet  Google Scholar 

  19. Busi, N., Gorrieri, R., Guidi, C., Lucchi, R., Zavattaro, G.: Choreography and orchestration: A synergic approach for system design. In: Benatallah, B., Casati, F., Traverso, P. (eds.) ICSOC 2005. LNCS, vol. 3826, pp. 228–240. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  20. Cámara, J., Canal, C., Cubo, J., Vallecillo, A.: Formalizing WSBPEL Business Processes Using Process Algebra. ENTCS 154(1), 159–173 (2006)

    Google Scholar 

  21. Carbone, R., Minea, M., Mödersheim, S.A., Ponta, S.E., Turuani, M., Viganò, L.: Towards Formal Validation of Trust and Security in the Internet of Services. In: Domingue, J., et al. (eds.) Future Internet Assembly. LNCS, vol. 6656, pp. 193–207. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  22. Chevalier, Y., Mekki, M.A., Rusinowitch, M.: Automatic Composition of Services with Security Policies. In: SERVICES 2008 - Part I, pp. 529–537. IEEE (2008)

    Google Scholar 

  23. Ciancia, V., Martin, J.A., Martinelli, F., Matteucci, I., Petrocchi, M., Pimentel, E.: A tool for the synthesis of cryptographic orchestrators. In: ACM (ed.) Model Driven Security Workshop, MDSEC (2012)

    Google Scholar 

  24. Ciancia, V., Martinelli, F., Matteucci, I., Petrocchi, M., Martn, J.A., Pimentel, E.: Automated synthesis and ranking of secure BPMN orchestrators (2013) (to apper)

    Google Scholar 

  25. Dong, J.S., Liu, Y., Sun, J., Zhang, X.: Verification of Computation Orchestration Via Timed Automata. In: Liu, Z., Kleinberg, R.D. (eds.) ICFEM 2006. LNCS, vol. 4260, pp. 226–245. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  26. Ferrara, A.: Web services: A process algebra approach. In: ICSOC, pp. 242–251 (2004)

    Google Scholar 

  27. Havelund, K., Roşu, G.: Synthesizing monitors for safety properties. In: Katoen, J.-P., Stevens, P. (eds.) TACAS 2002. LNCS, vol. 2280, pp. 342–356. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  28. Kazhamiakin, R., Pandya, P., Pistore, M.: Timed modelling and analysis in web service compositions. In: ARES 2006: Proceedings of the First International Conference on Availability, Reliability and Security, ARES 2006, pp. 840–846. IEEE Computer Society, Washington, DC (2006)

    Google Scholar 

  29. Kupferman, O., Madhusudan, P., Thiagarajan, P.S., Vardi, M.Y.: Open systems in reactive environments: Control and synthesis. In: Palamidessi, C. (ed.) CONCUR 2000. LNCS, vol. 1877, pp. 92–107. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  30. Lapadula, A., Pugliese, R., Tiezzi, F.: A calculus for orchestration of web services. In: De Nicola, R. (ed.) ESOP 2007. LNCS, vol. 4421, pp. 33–47. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  31. Li, J., Yarvis, M., Reiher, P.: Securing Distributed Adaptation. Computer Networks 38(3) (2002)

    Google Scholar 

  32. Marchignoli, D., Martinelli, F.: Automatic verification of cryptographic protocols through compositional analysis techniques. In: Cleaveland, W.R. (ed.) TACAS 1999. LNCS, vol. 1579, pp. 148–162. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  33. Martín, J.A., Martinelli, F., Pimentel, E.: Synthesis of secure adaptors. J. Log. Algebr. Program. 81(2), 99–126 (2012)

    Article  MATH  MathSciNet  Google Scholar 

  34. Martín, J.A., Pimentel, E.: Contracts for security adaptation. J. Log. Algebr. Program. 80(3-5), 154–179 (2011)

    Article  MATH  Google Scholar 

  35. Martinelli, F.: Languages for description and analysis of authentication protocols. In: Proceedings of 6th Italian Conference on Theoretical Computer Science, pp. 304–315 (1998)

    Google Scholar 

  36. Martinelli, F.: Analysis of security protocols as open systems. Theoretical Computer Science 290(1), 1057–1106 (2003)

    Article  MATH  MathSciNet  Google Scholar 

  37. Martinelli, F., Matteucci, I.: A framework for automatic generation of security controller. In: STVR (2010)

    Google Scholar 

  38. Martinelli, F., Matteucci, I.: Synthesis of web services orchestrators in a timed setting. In: Dumas, M., Heckel, R. (eds.) WS-FM 2007. LNCS, vol. 4937, pp. 124–138. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  39. Martinelli, F., Petrocchi, M., Vaccarelli, A.: Automated Analysis of Some Security Mechanisms of SCEP. In: Chan, A.H., Gligor, V. (eds.) ISC 2002. LNCS, vol. 2433, pp. 414–427. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  40. Martinelli, F., Petrocchi, M., Vaccarelli, A.: Formal analysis of some secure procedures for certificate delivery. STVR 16(1), 33–59 (2006)

    Google Scholar 

  41. Merlin, P., Bochmann, G.V.: On the Construction of Submodule Specification and Communication Protocols. ACM Transactions on Programming Languages and Systems 5, 1–25 (1983)

    Article  MATH  Google Scholar 

  42. Milner, R.: Communication and Concurrency. Prentice-Hall, Inc., Upper Saddle River (1989)

    MATH  Google Scholar 

  43. OMG. Business Process Model and Notation (BPMN)

    Google Scholar 

  44. OMG. Introduction To OMG’s Unified Modeling Language

    Google Scholar 

  45. Oquendo, F.: p-ADL for WS-Composition: A Service-Oriented Architecture Description Language for the Formal Development of Dynamic Web Service Compositions. In: SBCARS, pp. 52–66 (2008)

    Google Scholar 

  46. Papazoglou, M.P.: Web Services - Principles and Technology. Prentice-Hall, Inc. (2008)

    Google Scholar 

  47. Pinchinat, S., Riedweg, S.: A Decidable Class of Problems for Control under Partial Observation, vol. 95, pp. 454–460 (2005)

    Google Scholar 

  48. Pistore, M., Roberti, P., Traverso, P.: Process-Level Composition of Executable Web Services: “On-the-fly” Versus “Once-for-all” Composition. In: Gómez-Pérez, A., Euzenat, J. (eds.) ESWC 2005. LNCS, vol. 3532, pp. 62–77. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  49. Pistore, M., Traverso, P., Bertoli, P.: Automated Composition of Web Services by Planning in Asynchronous Domains. In: ICAPS, pp. 2–11 (2005)

    Google Scholar 

  50. Qayyum, Z., Oquendo, F.: .NET Extensions to the p-architecture Description Languages. In: SEKE, pp. 244–249 (2008)

    Google Scholar 

  51. Raclet, J., Pinchinat, S.: The control of non-deterministic systems: A logical approach. In: Proc. 16th IFAC Word Congress, Prague, Czech Republic (2005)

    Google Scholar 

  52. Reisig, W.: Modeling- and analysis techniques for web services and business processes. In: Steffen, M., Zavattaro, G. (eds.) FMOODS 2005. LNCS, vol. 3535, pp. 243–258. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  53. Riedweg, S., Pinchinat, S.: Quantified Mu-Calculus for Control Synthesis. In: Rovan, B., Vojtáš, P. (eds.) MFCS 2003. LNCS, vol. 2747, pp. 642–651. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  54. Riedweg, S., Pinchinat, S.: You Can Always Compute Maximally Permissive Controllers Under Partial Observation When They Exist. In: Proc. 2005 American Control Conference, Portland, Oregon (2005)

    Google Scholar 

  55. Rosu, G., Havelund, K.: Synthesizing Dynamic Programming Algorithms from Linear Temporal Logic Formulae. Technical report (2001)

    Google Scholar 

  56. Salaun, G., Bordeaux, L., Schaerf, M.: Describing and Reasoning on Web Services using Process Algebra. In: Proceedings of the IEEE International Conference on Web Services (ICWS 2004), p. 43. IEEE Computer Society, Washington, DC (2004)

    Chapter  Google Scholar 

  57. Turuani, M.: The CL-Atse Protocol Analyser. In: Pfenning, F. (ed.) RTA 2006. LNCS, vol. 4098, pp. 277–286. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  58. Viganò, L.: Automated Security Protocol Analysis with the AVISPA Tool. ENTCS 155, 69–86 (2006)

    Google Scholar 

  59. W3C. Xquery 3.0: An xml query language

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. E.T.S. Ingeniería Informática, Universidad de Málaga, Campus de Teatinos, 29071, Málaga, Spain

    Jose A. Martín & Ernesto Pimentel

  2. Istituto di Informatica e Telematica - C.N.R., Pisa, Italy

    Fabio Martinelli & Ilaria Matteucci

  3. INRIA, France

    Mathieu Turuani

Authors
  1. Jose A. Martín
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Fabio Martinelli
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ilaria Matteucci
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ernesto Pimentel
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Mathieu Turuani
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. INKO, Software Engineering, Universität Duisburg-Essen, 47048, Duisburg, Germany

    Maritta Heisel

  2. Department of Computer Science, KU Leuven, Celestijnenlaan 200A, 3001, Heverlee, Belgium

    Wouter Joosen

  3. Computer Science Department, Network, Information and Computer Security Lab, University of Malaga, 29071, Malaga, Spain

    Javier Lopez

  4. Istituto di Informatica e Telematica (IIT), Consiglio Nazionale delle Ricerche (CNR), Via G. Moruzzi 1, 56124, Pisa, Italy

    Fabio Martinelli

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Martín, J.A., Martinelli, F., Matteucci, I., Pimentel, E., Turuani, M. (2014). On the Synthesis of Secure Services Composition. In: Heisel, M., Joosen, W., Lopez, J., Martinelli, F. (eds) Engineering Secure Future Internet Services and Systems. Lecture Notes in Computer Science, vol 8431. Springer, Cham. https://doi.org/10.1007/978-3-319-07452-8_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-07452-8_6

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-07451-1

  • Online ISBN: 978-3-319-07452-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation