Security Mapping to Enhance Matching Fine-Grained Security Policies

  • Monia Ben Brahim
  • Maher Ben Jemaa
  • Mohamed Jmaiel
Part of the Communications in Computer and Information Science book series (CCIS, volume 87)

Abstract

In the heterogeneous environment of Web service, it is common that the data processed by a service consumer and a service provider present several syntactic heterogeneities such as data name heterogeneity and data structure heterogeneity. However, current approaches of security policy (SP) matching don’t consider such heterogeneities that may exist between the protection scopes of fine-grained SPs. In this paper, we show how this can lead to wrong matching results and propose a security mapping approach to enhance the correctness of matching results when dealing with fine-grained SPs.

Keywords

Web service message security fine-grained security security policy policy matching security mapping mediation policy 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
  2. 2.
  3. 3.
  4. 4.
  5. 5.
  6. 6.
  7. 7.
  8. 8.
    Boukottaya, A., Vanoirbeek, C.: Schema matching for transforming structured documents. In: DocEng ’05: Proceedings of the 2005 ACM Symposium on Document engineering, pp. 101–110. ACM, New York (2005)CrossRefGoogle Scholar
  9. 9.
    Chabeb, Y., Tata, S., Ozanne, A.: Yasa-m: A semantic web service matchmaker. In: Proceedings of the IEEE International Conference on Advanced Information Networking and Applications. IEEE Computer Society, Los Alamitos (2010)Google Scholar
  10. 10.
    Hollunder, B.: Domain-specific processing of policies or: WS-Policy intersection revisited. In: ICWS 2009: Proceedings of the IEEE International Conference on Web Services, pp. 246–253. IEEE Computer Society, Los Alamitos (2009)CrossRefGoogle Scholar
  11. 11.
    eHealth Initiative: Executive summary–electronic pre-scribing: Toward maximum value and rapid adoption, http://www.ehealthinitiative.org/initiatives/erx/document.asp
  12. 12.
    Klusch, M., Kapahnke, P., Zinnikus, I.: Hybrid adaptive Web service selection with SAWSDL-MX and WSDL-Analyzer. In: Aroyo, L., Traverso, P., Ciravegna, F., Cimiano, P., Heath, T., Hyvönen, E., Mizoguchi, R., Oren, E., Sabou, M., Simperl, E. (eds.) ESWC 2009. LNCS, vol. 5554, pp. 550–564. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  13. 13.
    Lécue, F., Salibi, S., Bron, P., Moreau, A.: Semantic and syntactic data flow in Web service composition. In: ICWS ’08: Proceedings of the 2008 IEEE International Conference on Web Services, pp. 211–218. IEEE Computer Society, Los Alamitos (2008)CrossRefGoogle Scholar
  14. 14.
    Tosic, V., Erradi, A., Maheshwari, P.: On extending WS-Policy with specification of XML Web service semantics. In: CEA’07: Proceedings of the 2007 annual Conference on Interna-tional Conference on Computer Engineering and Applications, pp. 407–412. World Scientific and Engineering Academy and Society (WSEAS), Singapore (2007)Google Scholar
  15. 15.
    Ono, K., Nakamura, Y., Satoh, F., Tateishi, T.: Verifying the consistency of security poli-cies by abstracting into security types. In: ICWS’07: Proceedings of the 2007 IEEE International Conference on Web Services, pp. 497–504. IEEE Computer Society, Los Alamitos (2007)CrossRefGoogle Scholar
  16. 16.
    Tran, V.X., Puntheeranurak, S., Tsuji, H.: A new service matching definition and algorithm with SAWSDL. In: Proceedings of the third IEEE International Conference on Digital Ecosystems and Technologies, pp. 371–376. IEEE Computer Society, Los Alamitos (2009)CrossRefGoogle Scholar
  17. 17.
    Verma, K., Akkiraju, R., Goodwin, R.: Semantic matching of Web service policies. In: Proceedings of the Second Workshop on Semantic and DynamicWeb Processes, pp. 79–90 (2005)Google Scholar
  18. 18.
    Xue, X.: Automatic Mapping Generation and Adaptation for XML Data Sources. PhD thesis, Université de Versailles (2006)Google Scholar
  19. 19.
    Zuquim Guimaraes Garcia, D., Beatriz Felgar de Toledo, M.: Web service security management using semantic web techniques. In: SAC’08: Proceedings of the 2008 ACM Sym-posium on Applied Computing, pp. 2256–2260. ACM, New York (2008)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Monia Ben Brahim
    • 1
  • Maher Ben Jemaa
    • 1
  • Mohamed Jmaiel
    • 1
  1. 1.ReDCAD LaboratoryUniversity of Sfax, National School of Engineers of SfaxSfaxTunisia

Personalised recommendations