Hasso-Plattner-Institut
 
    • de
 

Conference Papers for Security and Trust Engineering at the chair of Prof. Dr. Christoph Meinel

Here you can find all our peer-reviewed conference papers about security and trust engineering:

Transformation and Aggregation of Web Service Security Requirements

Warschofsky, Robert; Menzel, Michael; Meinel, Christoph in Proceedings of the 8th IEEE European Conference on Web Services (ECOWS 2010) Seite 43-50 . Ayia Napa, Cyprus , IEEE Computer Society , 2010 .

Service-oriented Architectures support the provision, discovery, and usage of services in different application contexts. The Web Service specifications provide a technical foundation to implement this paradigm and provide mechanisms to face the new security challenges raised by SOA. To enable the seamless usage of services, security requirements can be expressed as security policies (e.g. WS-Policy and WS-Security Policy) that enable the negotiation of these requirements between clients and services. However, the concept of policy negotiation has not been applicable in the scope of service compositions so far. Since each orchestrated Web Service in a service composition might demand the provision of specific user information and requires a particular security mechanism, the security policy of a service composition depends on the aggregated requirements of the orchestrated services. Current Web Service frameworks are not capable of resolving such policy dependencies. In this paper we present our solution to enable an automated creation of security policies from orchestrated services. Therefore, we present a policy model that is capable of capturing Web Service security requirements. Based on this model, we introduce an algorithm that performs the aggregation of security requirements stated by the orchestrated services and mappings to transform WS-Security Policy instances and the security model instances into each other.
2010_Warschofsky_ECOWS.pdf
Weitere Informationen
Tags its
BibTeX

 

You can find other sub-lists of our conference papers focusing on 

Go back to the complete list of peer-reviewed conference papers.

Other Links

... to our Research
              Security Engineering - Learning & Knowledge Tech - Design Thinking - former
... to our Teaching
              Tele-Lectures - MOOCs - Labs - Systems 
... to our Publications
              Books - Journals - Conference-Papers - Patents
... and to our Annual Reports.