Towards a BPEL model-driven approach for web services security
By handling the orchestration, composition and interaction of Web services, the Business Process Execution Language (BPEL) has gained tremendous interest. However, such process-based language does not assure a secure environment for Web services composition. The key solution cannot be seen as a simp...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | , , , |
| Format: | conferenceObject |
| Published: |
2017
|
| Online Access: | http://hdl.handle.net/10725/5353 http://dx.doi.org/10.1109/PST.2012.6297928 http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php http://ieeexplore.ieee.org/abstract/document/6297928/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1864513465825099776 |
|---|---|
| author | Tout, Hanine |
| author2 | Mourad, Azzam Yahyaoui, Hamdi Talhi, Chamseddine Otrok, Hadi |
| author2_role | author author author author |
| author_facet | Tout, Hanine Mourad, Azzam Yahyaoui, Hamdi Talhi, Chamseddine Otrok, Hadi |
| author_role | author |
| dc.creator.none.fl_str_mv | Tout, Hanine Mourad, Azzam Yahyaoui, Hamdi Talhi, Chamseddine Otrok, Hadi |
| dc.date.none.fl_str_mv | 2017-03-10T09:00:23Z 2017-03-10T09:00:23Z 2017-03-10 |
| dc.identifier.none.fl_str_mv | 9781467323260 http://hdl.handle.net/10725/5353 http://dx.doi.org/10.1109/PST.2012.6297928 Tout, H., Mourad, A., Yahyaoui, H., Talhi, C., & Otrok, H. (2012, July). Towards a BPEL model-driven approach for Web services security. In Privacy, Security and Trust (PST), 2012 Tenth Annual International Conference on (pp. 120-127). IEEE. http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php http://ieeexplore.ieee.org/abstract/document/6297928/ |
| dc.language.none.fl_str_mv | en |
| dc.publisher.none.fl_str_mv | IEEE |
| dc.rights.*.fl_str_mv | info:eu-repo/semantics/openAccess |
| dc.title.none.fl_str_mv | Towards a BPEL model-driven approach for web services security |
| dc.type.none.fl_str_mv | Conference Paper / Proceeding info:eu-repo/semantics/publishedVersion info:eu-repo/semantics/conferenceObject |
| description | By handling the orchestration, composition and interaction of Web services, the Business Process Execution Language (BPEL) has gained tremendous interest. However, such process-based language does not assure a secure environment for Web services composition. The key solution cannot be seen as a simple embed of security properties in the source code of the business logic since the dynamism of the BPEL process will be affected when the security measures get updated. In this context, several approaches have emerged to tackle such issue by offering the ability to specify the security properties independently from the business logic based on policy languages. Nevertheless, these languages are complex, verbose and require programming expertise. Owing to these difficulties, specifying and the enforcing BPEL security policies become very tedious tasks. To mitigate these challenges, we propose in this paper, a novel approach that takes advantage of both the Unified Modeling Language (UML) and the Aspect Oriented Paradigm (AOP). By elaborating a UML extension mechanism, called UML Profile, our approach provides the users with model-based capabilities to specify aspects that enforce the required security policies. On the other hand, it offers a high level of flexibility when enforcing security hardening solutions in the BPEL process by exploiting the AOP approach. We illustrate our approach through an example of the dynamic generation and integration of model-based security aspects in a BPEL process. |
| eu_rights_str_mv | openAccess |
| format | conferenceObject |
| id | LAURepo_5ddb88fd5346b2127b5bc9a1baefda38 |
| identifier_str_mv | 9781467323260 Tout, H., Mourad, A., Yahyaoui, H., Talhi, C., & Otrok, H. (2012, July). Towards a BPEL model-driven approach for Web services security. In Privacy, Security and Trust (PST), 2012 Tenth Annual International Conference on (pp. 120-127). IEEE. |
| language_invalid_str_mv | en |
| network_acronym_str | LAURepo |
| network_name_str | Lebanese American University repository |
| oai_identifier_str | oai:laur.lau.edu.lb:10725/5353 |
| publishDate | 2017 |
| publisher.none.fl_str_mv | IEEE |
| repository.mail.fl_str_mv | |
| repository.name.fl_str_mv | |
| repository_id_str | |
| spelling | Towards a BPEL model-driven approach for web services securityTout, HanineMourad, AzzamYahyaoui, HamdiTalhi, ChamseddineOtrok, HadiBy handling the orchestration, composition and interaction of Web services, the Business Process Execution Language (BPEL) has gained tremendous interest. However, such process-based language does not assure a secure environment for Web services composition. The key solution cannot be seen as a simple embed of security properties in the source code of the business logic since the dynamism of the BPEL process will be affected when the security measures get updated. In this context, several approaches have emerged to tackle such issue by offering the ability to specify the security properties independently from the business logic based on policy languages. Nevertheless, these languages are complex, verbose and require programming expertise. Owing to these difficulties, specifying and the enforcing BPEL security policies become very tedious tasks. To mitigate these challenges, we propose in this paper, a novel approach that takes advantage of both the Unified Modeling Language (UML) and the Aspect Oriented Paradigm (AOP). By elaborating a UML extension mechanism, called UML Profile, our approach provides the users with model-based capabilities to specify aspects that enforce the required security policies. On the other hand, it offers a high level of flexibility when enforcing security hardening solutions in the BPEL process by exploiting the AOP approach. We illustrate our approach through an example of the dynamic generation and integration of model-based security aspects in a BPEL process.N/AIEEE2017-03-10T09:00:23Z2017-03-10T09:00:23Z2017-03-10Conference Paper / Proceedinginfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/conferenceObject9781467323260http://hdl.handle.net/10725/5353http://dx.doi.org/10.1109/PST.2012.6297928Tout, H., Mourad, A., Yahyaoui, H., Talhi, C., & Otrok, H. (2012, July). Towards a BPEL model-driven approach for Web services security. In Privacy, Security and Trust (PST), 2012 Tenth Annual International Conference on (pp. 120-127). IEEE.http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.phphttp://ieeexplore.ieee.org/abstract/document/6297928/eninfo:eu-repo/semantics/openAccessoai:laur.lau.edu.lb:10725/53532021-04-06T13:32:16Z |
| spellingShingle | Towards a BPEL model-driven approach for web services security Tout, Hanine |
| status_str | publishedVersion |
| title | Towards a BPEL model-driven approach for web services security |
| title_full | Towards a BPEL model-driven approach for web services security |
| title_fullStr | Towards a BPEL model-driven approach for web services security |
| title_full_unstemmed | Towards a BPEL model-driven approach for web services security |
| title_short | Towards a BPEL model-driven approach for web services security |
| title_sort | Towards a BPEL model-driven approach for web services security |
| url | http://hdl.handle.net/10725/5353 http://dx.doi.org/10.1109/PST.2012.6297928 http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php http://ieeexplore.ieee.org/abstract/document/6297928/ |