Rule-Based Security Capabilities Matching for Web Services

Wireless Personal Communications

Abstract

A primary problem for security-aware Web service discovery is how to discover the security capabilities of Web services and how to match these capabilities with the security requirements of various requesters. Presently, most approaches are based on syntactic matching, which is prone to false negatives because it lacks semantics. In this paper, we propose a rule-based approach to decide whether security capabilities match security requirements. Based on a semantic model of security policy, security capabilities are inferred from the security policies of Web services. A general Web service security ontology is proposed to semantically model the security requirements of various service requesters. The architecture of a rule-based matching engine is also presented to describe the whole matching process. The prototype system and case study show that the proposed approach is flexible and feasible.

Acknowledgments

This work is sponsored by the National High Technology Research and Development Program of China (863 programs) under the Grant No. 2009aa01z426, partially supported by The National Natural Science Foundation of China, under the Grant No. 60902102 and No. 60873215, the Program for Changjiang Scholars and Innovative Research Team in University (No. IRT1012), and the Aid Program for Science and Technology Innovative Research Team in Higher Educational Institutions for Hunan Province "network technology".

Author information

Corresponding author

Correspondence to Bo Yu.

About this article

Cite this article

Yu, B., Yang, L., Wang, Y. et al. Rule-Based Security Capabilities Matching for Web Services. Wireless Pers Commun 73, 1349–1367 (2013). https://doi.org/10.1007/s11277-013-1254-1

  • DOI: https://doi.org/10.1007/s11277-013-1254-1
