Abstract
We define a type system for COWS, a formalism for specifying and combining services while modelling their dynamic behaviour. Our types make it possible to express policies constraining data exchanges in terms of sets of service partner names that can be attached to each individual datum. Service programmers explicitly write only the annotations necessary to specify the desired policies for communicable data, while a type inference system (statically) derives the minimal additional annotations that ensure consistency of the services' initial configuration. The language's dynamic semantics then performs only very simple checks to authorize or block communication. We prove that the type system and the operational semantics are sound. As a consequence, we have the following data protection property: services always comply with the policies regulating the exchange of data among interacting services. We illustrate our approach through a simplified but realistic scenario for a service-based electronic marketplace.
This work has been supported by the EU project SENSORIA, IST-2005-016004.
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lapadula, A., Pugliese, R., Tiezzi, F. (2007). Regulating Data Exchange in Service Oriented Applications. In: Arbab, F., Sirjani, M. (eds) International Symposium on Fundamentals of Software Engineering. FSEN 2007. Lecture Notes in Computer Science, vol 4767. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75698-9_15
DOI: https://doi.org/10.1007/978-3-540-75698-9_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-75697-2
Online ISBN: 978-3-540-75698-9
eBook Packages: Computer Science, Computer Science (R0)