Abstract
Performing runtime verification of composite web services is one of the actual main research challenges. This paper presents a formal approach for dynamically enforcing security policies on web services choreographies. We define a security framework for monitoring choreographed web services by inlining a monitor that checks whether a choreography adheres to some constraints dictated by a security policy. Therefore, this monitor prohibits the execution of undesirable behaviors during runtime and does not change the original behavior of the choreography until an action is about to violate the security policy.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Corporation, I.: Business process execution language for web services bpel-4ws (2002). http://www.ibm.com/developerworks/library/ws-bpel/
Kavantzas, N., Burdett, D., Ritzinger, G., Fletcher, T., Lafon, Y.: Web services choreography description language version 1.0. W3C Working Draft, December 2004
Morrisett, G., Walker, D., Crary, K., Glew, N.: From system f to typed assembly language. ACM Trans. Program. Lang. Syst. 21(3), 527–568 (1999)
Necula, G.C.: Proof-carrying code. In: Proceedings of the 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages. POPL ’97, pp. 106–119. ACM, New York, NY, USA (1997)
Ligatti, J., Bauer, L., Walker, D.: Edit automata: enforcement mechanisms for run-time security policies. Int. J. Inf. Secur. 4(1–2), 2–16 (2005)
Martinell, F., Matteucci, I.: Through modeling to synthesis of security automata. In: Proceedings of the Second International Workshop on Security and Trust Management (STM 2006). Electronic Notes in Theoretical Computer Science, vol. 179, pp. 31–46 (2007)
Erlingsson, Schneider, F.: Irm enforcement of java stack inspection. In: 2000 Proceedings of IEEE Symposium on Security and Privacy, 2000. S P 2000, pp. 246–255 (2000)
Carbone, M., Honda, K., Yoshida, N.: Theoretical aspects of communication-centred programming. Electr. Notes Theor. Comput. Sci. 209, 125–133 (2008)
Milner, R., Parrow, J., Walker, D.: A calculus of mobile processes. I. Inf. Comput. 100(1), 1–40 (1992)
Honda, K., Vasconcelos, V.T., Kubo, M.: Language primitives and type discipline for structured communication-based programming. In: Hankin, C. (ed.) ESOP 1998. LNCS, vol. 1381, pp. 122–138. Springer, Heidelberg (1998)
Hennessy, M., Riely, J.: Resource access control in systems of mobile agents. Electr. Notes Theor. Comput. Sci. 16(3), 174–188 (1998)
Carbone, M., Nielsen, M., Sassone, V.: A calculus for trust management. In: Lodaya, K., Mahajan, M. (eds.) FSTTCS 2004. LNCS, vol. 3328, pp. 161–173. Springer, Heidelberg (2004)
Kozen, D.: Kleene algebra with tests. ACM Trans. Program. Lang. Syst. 19(3), 427–443 (1997)
Dumez, C., Bakhouya, M., Gaber, J., Wack, M., Lorenz, P.: Model-driven approach supporting formal verification for web service composition protocols. J. Netw. Comput. Appl. 36(4), 1102–1115 (2013)
Tan, W., Fan, Y., Zhou, M.: A petri net-based method for compatibility analysis and composition of web services in business process execution language. IEEE Trans. Autom. Sci. Eng. 6(1), 94–106 (2009)
Dranidis, D., Ramollari, E., Kourtesis, D.: Run-time verification of behavioural conformance for conversational web services. In: ECOWS, pp. 139–147 (2009)
Ardissono, L., Furnari, R., Goy, A., Petrone, G., Segnan, M.: Monitoring choreographed services. In: Sobh, T. (ed.) Innovations and Advanced Techniques in Computer and Information Sciences and Engineering, pp. 283–288. Springer, Netherlands (2007)
Gay, R., Mantel, H., Sprick, B.: Service automata. In: Barthe, G., Datta, A., Etalle, S. (eds.) FAST 2011. LNCS, vol. 7140, pp. 148–163. Springer, Heidelberg (2012)
She, W., Yen, I., Thuraisingham, B.M., Bertino, E.: Security-aware service composition with fine-grained information flow control. IEEE Trans. Serv. Comput. 6(3), 330–343 (2013)
Martín, J.A., Martinelli, F., Matteucci, I., Pimentel, E., Turuani, M.: On the synthesis of secure services composition. In: Heisel, M., Joosen, W., Lopez, J., Martinelli, F. (eds.) Engineering Secure Future Internet Services and Systems. LNCS, vol. 8431, pp. 140–159. Springer, Heidelberg (2014)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Dahmani, K., Langar, M., Robbana, R. (2015). A Formal Dynamic Verification of Choreographed Web Services Conversations. In: Au, MH., Miyaji, A. (eds) Provable Security. ProvSec 2015. Lecture Notes in Computer Science(), vol 9451. Springer, Cham. https://doi.org/10.1007/978-3-319-26059-4_19
Download citation
DOI: https://doi.org/10.1007/978-3-319-26059-4_19
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-26058-7
Online ISBN: 978-3-319-26059-4
eBook Packages: Computer ScienceComputer Science (R0)