Abstract
Security is one of the main aspects of Web Services composition. In this paper we describe a logical approach, based on the partial model checking technique and open system analysis, for the verification and synthesis of secure service orchestrators. Through this framework we are able to specify a system with a possible intruder and verify whether the whole system is secure, i.e., whether the system satisfies a given temporal logic formula that describes correct behavior (a security property). Moreover, we are able to define an orchestrator operator that orchestrates several services in such a way as to guarantee both functional and security requirements.
Work partially supported by the EU project FP7-257930 Aniketos: Ensuring Trustworthiness and Security in Service Composition and by the EU project FP7-256980 Nessos: Network of Excellence on Engineering Secure Future Internet Software Services and Systems.
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Martinelli, F., Matteucci, I. (2014). Partial Model Checking for the Verification and Synthesis of Secure Service Compositions. In: Katsikas, S., Agudo, I. (eds) Public Key Infrastructures, Services and Applications. EuroPKI 2013. Lecture Notes in Computer Science, vol 8341. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-53997-8_1
DOI: https://doi.org/10.1007/978-3-642-53997-8_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-53996-1
Online ISBN: 978-3-642-53997-8
eBook Packages: Computer Science, Computer Science (R0)