EFSOC: A Layered Framework for Developing Secure Interactions between Web-Services

Heuvel, Willem‐Jan van den; Leune, Kees; Papazoglou, Michael P.

doi:10.1007/s10619-005-1400-1

Cited by 10 publications

(5 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The correlation between two different secure levels depends on the corresponding events, which trigger the interaction between layers. We extend the Role-Based Access Control (RBAC) model [16,21] to securely access Web services. The RBAC model include two basic elements: role and permission.…”

Section: A Two Layer Access Control Modelmentioning

confidence: 99%

Efficiently supporting secure and reliable collaboration in scientific workflows

Cao

Zhang

2010

Journal of Computer and System Sciences

View full text Add to dashboard Cite

Recently, workflow technologies have been increasingly used in scientific communities. Scientists carry out research by employing scientific workflows to automate computing steps, analyze large data sets and integrate distributed computing processes. This is a challenging task because of insecure procedures in a distributed environment. In this paper, we present an access control framework and models for supporting secure and reliable collaboration. The proposed approaches combine control flows and data flow models to describe scientific workflows, and extend the atomicity sphere concept by considering two levels of atomicity abstraction at the level of process as well as at the level of data, in order to maintain the process consistency and the data consistency in the presence of failures. We also present a case study in a scientific research scenario to show the effectiveness of our approaches.

show abstract

Section: A Two Layer Access Control Modelmentioning

confidence: 99%

Efficiently supporting secure and reliable collaboration in scientific workflows

Cao

Zhang

2010

Journal of Computer and System Sciences

View full text Add to dashboard Cite

show abstract

“…Some of the most pertinent, and noteworthy proposals focusing on these higher layers are: [2], which builds on existing technologies and the theory of Aspect-Oriented Programming, to provide a framework for securing WS compositions (necessary in collaborative e-business) using the WS-Security and WS-Policy standards; [8] aims to provide a methodical development approach for constructing security architectures for WS-based systems; [14] which provides integrated WS design strategies and best practices for end-to-end security; [17] -a method that uses fuzzy logic to measure the risk associated with WS, with full appreciation of the fact that due to WS' volatility, information on threats is usually incomplete or imprecise; and lastly the Eventdriven Framework for Service Oriented Computing in [16] -a standard agnostic, multilayered framework that aims to address the problem of defining and enforcing access control rules for securing services use at the level of business processes. In their work, authors particularly focus on dynamic authorization, independent of specific standards [16].…”

Section: State Of the Artmentioning

confidence: 99%

“…This highly isolated perspective is inadequate due to the very nature of WS, and the high degrees of interconnection between businesses-spanning exposure of legacy systems to purpose-built Web applications-that WS readily facilitates. In [16], even though this allows for a layered, and more comprehensive model for WS security during business process execution, its predominant focus is towards access control, and particularly for highly dynamic environments. Both these aspects act to make it too specific a framework for our purposes as mentioned in subsequent sections.…”

Section: Outstanding Security Issuesmentioning

confidence: 99%

BOF4WSS: A Business-Oriented Framework for Enhancing Web Services Security for e-Business

Nurse

Sinclair

2009

2009 Fourth International Conference on Internet and Web Applications and Services

View full text Add to dashboard Cite

When considering Web services' (WS) use for online business-to-business (B2B) collaboration between companies, security is a complicated and very topical issue. This is especially true with regard to reaching a level of security beyond the technological layer, that is supported and trusted by all businesses involved. With appreciation of this fact, our research draws from established development methodologies to develop a new, business-oriented framework (BOF4WSS) to guide e-businesses in defining, and achieving agreed security levels across these collaborating enterprises. The approach envisioned is such that it can be used by businesses-in a joint manner-to manage the comprehensive concern that security in the WS environment has become.

show abstract

“…In [21], van den Heuvel et al report on EFSOC, which is a layer-based framework for securing interactions between Web services. Although the framework does not emphasize how Web services interact together, its layer architecture drew our attention in comparison to our 2 -layer framework.…”

Section: Related Workmentioning

confidence: 99%

Web Services Interactions: Analysis, Modeling, and Management

Maamar

Sheng

Benslimane

et al. 2008

Int. J. Soft. Eng. Knowl. Eng.

View full text Add to dashboard Cite

This paper discusses how interactions between Web services engaged in composition scenarios are analyzed, modeled, and finally managed. Interactions are primarily considered as a means for conveying messages of different natures between separate components, for instance, Web services. To achieve better coordination and hence, avoid conflicts between Web services, in this paper interactions are handled by two layers known as business logic and support. The business-logic layer is the host of two flows known as control and transactional, whereas the support layer is the host of two additional flows namely exception and message. On top of the proposed layers and flows, context and policies are used to oversee the progress of interactions between Web services and to constrain the behavior of these Web services, respectively. Int. J. Soft. Eng. Knowl. Eng. 2008.18:179-198. Downloaded from www.worldscientific.com by WAYNE STATE UNIVERSITY on 03/23/15. For personal use only.

show abstract

EFSOC: A Layered Framework for Developing Secure Interactions between Web-Services

Cited by 10 publications

References 10 publications

Efficiently supporting secure and reliable collaboration in scientific workflows

Efficiently supporting secure and reliable collaboration in scientific workflows

BOF4WSS: A Business-Oriented Framework for Enhancing Web Services Security for e-Business

Web Services Interactions: Analysis, Modeling, and Management

Contact Info

Product

Resources

About