Abstract
Message processing can become insecure, making business collaboration unreliable through authorization policy conflicts, for example when (1) an incorrect role assignment or modification occurs in a partner’s services or (2) messages transferred from one organization are processed by unqualified roles in other collaborating business participants. A verification mechanism based on access policies is therefore critical for managing secured message processing in business collaboration. In this paper, we use a role authorization model, Role-Net, developed on the basis of Hierarchical Colored Petri Nets (HCPNs), to specify and manage role authorization in business collaboration. A property named Role Authorization Based Dead Marking Freeness is defined on Role-Net to verify business collaboration reliability according to partners’ authorization policies. An algebraic verification method for secured message processing is also introduced.
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sun, H., Yang, J., Wang, X., Zhang, Y. (2009). A Verification Mechanism for Secured Message Processing in Business Collaboration. In: Li, Q., Feng, L., Pei, J., Wang, S.X., Zhou, X., Zhu, QM. (eds) Advances in Data and Web Management. APWeb WAIM 2009 2009. Lecture Notes in Computer Science, vol 5446. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00672-2_42
DOI: https://doi.org/10.1007/978-3-642-00672-2_42
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00671-5
Online ISBN: 978-3-642-00672-2
eBook Packages: Computer Science (R0)