Abstract
One important challenge the Aniketos platform has to address is the effective monitoring of services at runtime to ensure that services behave as promised. A service developer plays the role that is responsible for constructing service compositions and the service provider is responsible for offering them to consumers of the Aniketos platform. Typically, service consumers will have different needs and requirements; they have varying business goals and different expectations from a service, for example in terms of functionality, quality of service and security needs. Given this, it is important to ensure that a service should deliver for which it has been selected and should match the consumer’s expectations. If it fails, the system should take appropriate subsequent reactions, e.g., notifications to the service consumer or service designer.
In this chapter, we present the policy-driven monitoring framework which is developed as part of the Aniketos project. The monitoring framework allows different user-specified policies to be monitored simultaneously. The monitoring is performed at the business level, as well as at the implementation level, which allows for checking the policies of composite services as well as atomic ones. The framework sends an alarm in case of policy violation to notify the interested parties and triggers re-composition or re-configuration of the service.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Ghezzi, C., Guinea, S.: Run-time Monitoring in Service Oriented Architectures. In: Test and Analysis of Web Services. Springer, Heidelberg (2007)
OMG, Business Process Model and Notation (BPMN) Version 2.0 (2011), http://www.omg.org/spec/BPMN/2.0/
Rademakers, T.: Activiti in Action:Executable business processes in BPMN 2.0. Manning Publications (2012)
Baresi, L., Guinea, S., Nano, O., Spanoudakis, G.: Comprehensive monitoring of BPEL processes. IEEE Internet Computing 14(3), 50–57 (2010)
Haiteng, Z., Zhiqing, S., Hong, Z.: Runtime Monitoring Web Services Implemented in BPEL. In: International Conference on Uncertainty Reasoning and Knowledge Engineering (URKE), Bali, Indonesia, vol. 1, pp. 228–231 (2011)
Wu, G., Wei, J., Huang, T.: Flexible Pattern Monitoring for WS-BPEL through Stateful Aspect Extension. In: Proc. of the IEEE Intl. Conf. on Web Services (ICWS 2008), Beijing, China, pp. 577–584 (2008)
Baresi, L., Ghezzi, C., Guinea, S.: Smart Monitors for Composed Services. In: Proceedings of the 2nd International Conference on Service Oriented Computing (ICSOC 2004), New York, USA, pp. 193–202 (2004)
Aniketos Consortium, Deliverable D9.2: Demonstration material and events from the complete project (2012)
eXtensible Access Control Markup Language (XACML) Version 3.0, http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.pdf
Shanahan, M.: The Event Calculus Explained. In: Veloso, M.M., Wooldridge, M.J. (eds.) Artificial Intelligence Today. LNCS (LNAI), vol. 1600, pp. 409–430. Springer, Heidelberg (1999)
Bonatti, P.A., De Coi, J.L., Olmedilla, D., Sauro, L.: PROTUNE: A Rule-based PROvisionalTrUst Negotia-tion Framework (2010)
Aktug, I., Naliuka, K.: ConSpec: A Formal Language for Policy Specification. In: Proceedings of the First International Workshop on Run Time Enforcement for Mobile and Distributed Systems (2007)
Erlingsson, U.: The inlined reference monitor approach to security policy enforcement. PhD thesis, Department of Computer Science, Cornell University (2004)
Brucker, A.D.: Integrating Security Aspects into Business Process Models. IT - Information Technology 55(6), 239–246 (2013)
S3MS project, http://researchprojects.kth.se/index.php/kb_1/io_9718/io.html
Activiti engine, http://www.activiti.org/
Aniketos Consortium, Deliverable D9.2: Demonstration material and events from the complete project (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Asim, M., Yautsiukhin, A., Brucker, A.D., Lempereur, B., Shi, Q. (2014). Security Policy Monitoring of Composite Services. In: Brucker, A.D., Dalpiaz, F., Giorgini, P., Meland, P.H., Rios, E. (eds) Secure and Trustworthy Service Composition. Lecture Notes in Computer Science, vol 8900. Springer, Cham. https://doi.org/10.1007/978-3-319-13518-2_13
Download citation
DOI: https://doi.org/10.1007/978-3-319-13518-2_13
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-13517-5
Online ISBN: 978-3-319-13518-2
eBook Packages: Computer ScienceComputer Science (R0)