Title :
Dynamic Weaving of Security Aspects in Service Composition
Author :
Song, Haitao ; Sun, Yanming ; Yin, Yingyu ; Zheng, Shixiong
Author_Institution :
Coll. of Mech. Eng., South China Univ. of Technol., Guangzhou
Abstract :
Web service composition is to construct complex service through combining available services components as request. Service composition often has to handle the security risk that can not be predicted when the service components are developed. This paper presents an aspect-oriented (AO) approach to enhance the security of service composition that can not only realize flexible security policies but also accomplish it with very little run-time overhead. The security control is separated from other functional requirements and encapsuled into service extension aspect. And the composition can be extended by weaving the extension at runtime. It also gives the service composer a chance to unify security policy in composed service by specifying appropriate security extension himself. A Web service extension environment (WSXE) is devised to demonstrate the approach. Finally, an application of performing user-defined access control dynamically at runtime is given to exemplify the dynamic extension to service composition
Keywords :
Web services; authorisation; data encapsulation; formal specification; object-oriented programming; Web service composition; Web service extension environment; aspect-oriented approach; security control; security extension; security policy; security risk; service composition security; Access control; Educational institutions; Mechanical engineering; Printing; Runtime; Search engines; Security; Sun; Weaving; Web services;
Conference_Titel :
Service-Oriented System Engineering, 2006. SOSE '06. Second IEEE International Workshop
Conference_Location :
Shanghai
Print_ISBN :
0-7695-2726-4
DOI :
10.1109/SOSE.2006.14
