A policy enforcement framework for verification and control of service collaboration

  • Original Article
  • Information Systems and e-Business Management

Abstract

This paper proposes a policy enforcement framework to dynamically verify and control the collaboration process in Service-Oriented Architecture (SOA). Dynamic SOA collaboration differs from traditional service collaboration, in which the workflow is pre-defined at design time while the services used can be discovered at runtime. In dynamic collaboration, both the workflows and the services can be determined at runtime. Because they are determined at runtime, many verification activities can be performed at runtime. The proposed framework follows the dynamic SOA collaboration process to ensure that various system constraints can be enforced at runtime. It includes a policy specification language, policy completeness and consistency checking, and distributed policy enforcement. Finally, this paper presents the construction of a sample example to illustrate these features, with quantitative performance data.

Abbreviations

  • CIM: Common Information Model
  • C&C: Consistence and Completeness
  • C-E Tree: Conditions-events tree
  • CPA: Collaboration Protocol Agreement
  • CPP: Collaboration Protocol Profile
  • DCP: Dynamic Collaboration Protocol
  • DNF: Disjunctive Normal Form
  • ebSOA: Electronic Business Service Oriented Architecture
  • ebXML: Electronic Business using eXtensible Markup Language
  • IETF: The Internet Engineering Task Force
  • KB: Knowledge Base
  • K-maps: Karnaugh Maps
  • OWL-DL: Web Ontology Language Description Logics
  • PDP: Policy Decision Points
  • PEP: Policy Enforcement Points
  • Pi4SOA: Policy Infrastructure for SOA
  • PSL: Policy Specification Language
  • PSML-C: Process Specification and Modeling Language for Collaboration
  • PSML-P: Process Specification and Modeling Language for Policy
  • PSML-S: Process Specification and Modeling Language for Service
  • OASIS: Organization for the Advancement of Structured Information Standards
  • QoS: Quality of Service
  • RuleML: Rule Markup Language
  • SCA: Service Component Architecture
  • SOA: Service-Oriented Architecture
  • tModel: Technical Interface Model
  • UDDI: Universal Description Discovery and Integration
  • UN/CEFACT: United Nations Centre for Trade facilitation and Electronic Business
  • WCF: Windows Communication Foundation
  • WSDL: Web Service Definition Language
  • WSPL: Web Service Policy Language
  • WS-Policy: The Web Services Policy Framework
  • WS-PolicyConstraints: Web Service Policy Constraint Language
  • WWF: Windows Workflow Foundation
  • W3C: The World Wide Web Consortium
  • XACML: eXtensible Access Control Markup Language
  • XML: Extensible Markup Language

Author information

Correspondence to W. T. Tsai.

About this article

Cite this article

Tsai, W.T., Zhou, X. & Wei, X. A policy enforcement framework for verification and control of service collaboration. ISeB 6, 83–107 (2008). https://doi.org/10.1007/s10257-007-0059-8
