Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Data Privacy Management

International Workshop on Autonomous and Spontaneous Security

DPM 2011, SETOP 2011: Data Privacy Management and Autonomous Spontaneus Security pp 235–252Cite as

Distributed Orchestration of Web Services under Security Constraints

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7122))

Abstract

We present a novel approach to automated distributed orchestration of Web services tied with security policies. The construction of an orchestration complying with the policies is based on the resolution of deducibility constraint systems and has been implemented for the non-distributed case as part of the AVANTSSAR Validation Platform. The tool has been successfully experimented on several case-studies from industry and academia.

This work is supported by FP7 AVANTSSAR [1] and FP7 NESSoS [2] projects.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Automated Validation of Trust and Security of Service-Oriented Architectures, AVANTSSAR project, http://www.avantssar.eu

  2. Network of Excellence on Engineering Secure Future Internet Software Services and Systems, NESSoS project, http://www.nessos-project.eu

  3. Avanesov, T., Chevalier, Y., Rusinowitch, M., Turuani, M.: Satisfiability of General Intruder Constraints with and without a Set Constructor. Research Report RR-7276, INRIA (May 2010), http://hal.inria.fr/inria-00480632/en/

  4. Baresi, L., Maurino, A., Modafferi, S.: Towards distributed bpel orchestrations. ECEASST 3 (2006)

    Google Scholar 

  5. Berardi, D., Calvanese, D., De Giacomo, G., Hull, R., Mecella, M.: Automatic Composition of Transition-based semantic Web Services with Messaging. In: Proc. 31st Int. Conf. Very Large Data Bases, VLDB 2005, pp. 613–624 (2005)

    Google Scholar 

  6. Berardi, D., Calvanese, D., De Giacomo, G., Lenzerini, M., Mecella, M.: Automatic Composition of E-services That Export Their Behavior. In: Orlowska, M.E., Weerawarana, S., Papazoglou, M.P., Yang, J. (eds.) ICSOC 2003. LNCS, vol. 2910, pp. 43–58. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  7. Bhargavan, K., Corin, R., Deniélou, P.M., Fournet, C., Leifer, J.J.: Cryptographic protocol synthesis and verification for multiparty sessions. In: 2009 22nd IEEE Computer Security Foundations Symposium, pp. 124–140. IEEE (2009)

    Google Scholar 

  8. Bucchiarone, A., Gnesi, S.: A survey on services composition languages and models. In: Proceedings of International Workshop on Web Services Modeling and Testing (WS-MaTe 2006), pp. 51–63 (2006)

    Google Scholar 

  9. Bultan, T., Fu, X., Hull, R., Su, J.: Conversation specification: a new approach to design and analysis of e-service composition. In: WWW, pp. 403–410 (2003)

    Google Scholar 

  10. Bursuc, S., Comon-Lundh, H., Delaune, S.: Deducibility Constraints. In: Datta, A. (ed.) ASIAN 2009. LNCS, vol. 5913, pp. 24–38. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  11. Calvanese, D., De Giacomo, G., Lenzerini, M., Mecella, M., Patrizi, F.: Automatic service composition and synthesis: the roman model. IEEE Data Eng. Bull. 31(3), 18–22 (2008)

    Google Scholar 

  12. Camara, J., Martin, J.A., Salaun, G., Cubo, J., Ouederni, M., Canal, C., Pimentel, E.: Itaca: An integrated toolbox for the automatic composition and adaptation of web services. In: ICSE 2009, pp. 627–630 (2009)

    Google Scholar 

  13. Chevalier, Y., Küsters, R., Rusinowitch, M., Turuani, M.: An np decision procedure for protocol insecurity with xor. Theo. Comp. Sci. 338(1-3), 247–274 (2005)

    Article  MATH  Google Scholar 

  14. Chevalier, Y., Mekki, M.A., Rusinowitch, M.: Automatic composition of services with security policies. In: Proceedings of the 2008 IEEE Congress on Services - Part I, SERVICES 2008, pp. 529–537. IEEE, Washington, DC (2008)

    Chapter  Google Scholar 

  15. Chevalier, Y., Rusinowitch, M.: Compiling and securing cryptographic protocols. Inf. Process. Lett. 110(3), 116–122 (2010)

    Article  MathSciNet  MATH  Google Scholar 

  16. Dolev, D., Yao, A.: On the Security of Public-Key Protocols. IEEE Transactions on Information Theory 2(29) (1983)

    Google Scholar 

  17. Fabrega, F.J.T., Herzog, J.C., Guttman, J.D.: Strand spaces: why is a security protocol correct? In: Proceedings of the 1998 IEEE Symposium on Security and Privacy, pp. 160–171 (May 1998)

    Google Scholar 

  18. Martìn, J.A., Martinelli, F., Pimentel, E.: Synthesis of secure adaptors. Journal of Logic and Algebraic Programming 81(2), 99–126 (2012), doi:10.1016/j.jlap.2011.08.001

    Article  Google Scholar 

  19. Mazaré, L.: Computational Soundness of Symbolic Models for Cryptographic Protocols. PhD thesis, Institut National Polytechnique de Grenoble (October 2006)

    Google Scholar 

  20. Patrizi, F.: An introduction to simulation-based techniques for automated service composition. In: YR-SOC 2009, Pisa, Italy. EPTCS, vol. 2, pp. 37–49 (June 2009)

    Google Scholar 

  21. Pedraza, G., Estublier, J.: Distributed Orchestration Versus Choreography: The FOCAS Approach. In: Wang, Q., Garousi, V., Madachy, R., Pfahl, D. (eds.) ICSP 2009. LNCS, vol. 5543, pp. 75–86. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  22. Peltz, C.: Web Services Orchestration, HP white paper (2003)

    Google Scholar 

  23. Peltz, C.: Web services orchestration and choreography. Computer 36, 46–52 (2003)

    Article  Google Scholar 

  24. Quinton, S., Ben-Hafaiedh, I., Graf, S.: From orchestration to choreography: Memoryless and distributed orchestrators. In: Proc. of FLACOS 2009 (2009)

    Google Scholar 

  25. ter Beek, M., Bucchiarone, A., Gnesi, S.: Web service composition approaches: From industrial standards to formal methods. In: Second International Conference on Internet and Web Applications and Services, ICIW 2007, page 15 (2007)

    Google Scholar 

  26. The AVISPA Project, http://www.avispa-project.org/

  27. Trainotti, M., Pistore, M., Calabrese, G., Zacco, G., Lucchese, G., Barbon, F., Bertoli, P.G., Traverso, P.: ASTRO: Supporting Composition and Execution of Web Services. In: Benatallah, B., Casati, F., Traverso, P. (eds.) ICSOC 2005. LNCS, vol. 3826, pp. 495–501. Springer, Heidelberg (2005), http://sra.itc.it/projects/astro/

    Chapter  Google Scholar 

  28. Turuani, M.: The CL-Atse Protocol Analyser. In: Pfenning, F. (ed.) RTA 2006. LNCS, vol. 4098, pp. 277–286. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. INRIA Nancy Grand Est, 615 allée du jardin botanique, 54000, Vandœuvre-lès-Nancy, France

    Tigran Avanesov, Mohammed Anis Mekki, Michaël Rusinowitch & Mathieu Turuani

  2. Université de Toulouse, 118 Route de Narbonne, F-31062, Toulouse, France

    Yannick Chevalier

Authors
  1. Tigran Avanesov
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yannick Chevalier
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mohammed Anis Mekki
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Michaël Rusinowitch
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Mathieu Turuani
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. TELECOM-Bretagne, Campus de Rennes, 2, rue de la Châtaigneraie, 35512, Cesson Sévigné Cedex, France

    Joaquin Garcia-Alfaro

  2. Universitat Autonoma de Barcelona, Edifici-Q, Campus UAB, 08193, Bellaterra, Spain

    Guillermo Navarro-Arribas

  3. Institut Télécom, Télécom Bretagne, CS 17607, 35576, Cesson-Sévigné, France

    Nora Cuppens-Boulahia

  4. Dipartimento di Tecnologie dell’Informazione, Università degli Studi di Milano, Via Bramante 65, 26013, Crema, Italy

    Sabrina de Capitani di Vimercati

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Avanesov, T., Chevalier, Y., Anis Mekki, M., Rusinowitch, M., Turuani, M. (2012). Distributed Orchestration of Web Services under Security Constraints. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., de Capitani di Vimercati, S. (eds) Data Privacy Management and Autonomous Spontaneus Security. DPM SETOP 2011 2011. Lecture Notes in Computer Science, vol 7122. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28879-1_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-28879-1_16

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-28878-4

  • Online ISBN: 978-3-642-28879-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation