Generating Secure Service Compositions

Pino, Luca; Spanoudakis, George; Fuchs, Andreas; Gürgens, Sigrid

doi:10.1007/978-3-319-25414-2_6

Cited by 5 publications

(8 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The work we present in this paper extends our previous work described in [24] [25][26] [28]. The work in [24] [25] presented an initial proof-of-concept realisation of our approach for pattern-driven generation of secure service compositions without, however, addressing verification.…”

Section: Introductionmentioning

confidence: 71%

“…In [26], we presented the initial version of the algorithm for inferring service level from workflow level security properties, and provided an overview of how it could support workflow verification/adaptation without any algorithmic details for these processes. In [28], we presented formal proofs of some SCO patterns (e.g., integrity) and an initial prototype of our approach focusing on security-driven service discovery.…”

Section: Introductionmentioning

confidence: 99%

“…The pattern proofs approach introduced in [28] was based on modelling patterns using the Security Modeling Framework SeMF [13]. SeMF provides an adequate formal framework for modelling basic service workflows (e.g., sequential, split-join, OR-orchestrations) in SBS systems and proving pattern properties [27].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Pattern-Based Design and Verification of Secure Service Compositions

Pino

Spanoudakis

Krotsiani

et al. 2020

IEEE Trans. Serv. Comput.

Self Cite

View full text Add to dashboard Cite

This is the accepted version of the paper.This version of the publication may differ from the final published version. Abstract-Ensuring the preservation of security is a key requirement and challenge for Service-Based Systems (SBS) due to the use of third party software services not operating under different security perimeters. In this paper, we present an approach for verifying the security properties of SBS workflows and adapting them if such properties are not preserved. Our approach uses secure service composition patterns. These patterns encode proven dependencies between service level and workflow level security properties. These dependencies are used in reasoning processes supporting the verification of SBS workflows with respect to workflow security properties and their adaptation in ways that guarantee the properties if necessary. Our approach has been implemented by extending the Eclipse BPEL Designer and validated experimentally. The experimental evaluation has produced positive results, indicating that even for complex workflows and large sets of secure service composition patterns verification can be performed efficiently. Permanent repository link

show abstract

Section: Introductionmentioning

confidence: 71%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Pattern-Based Design and Verification of Secure Service Compositions

Pino

Spanoudakis

Krotsiani

et al. 2020

IEEE Trans. Serv. Comput.

Self Cite

View full text Add to dashboard Cite

show abstract

“…The encoding of such dependencies enables: (i) the verification that a smart object orchestration satisfies certain SPDI properties, and (ii) the generation (and adaptation) of orchestrations in ways that are guaranteed to satisfy required SPDI properties. The SEMIoTICS approach to patterns is inspired from similar pattern-based approaches used in service-oriented systems [52,53], cyber physical systems [54] and networks [55,56]. • Multi-layered Embedded Intelligence: Effective adaptation and autonomic behaviour at field (edge) and infrastructure (backend) layers depends critically on intelligent analysis and learning the circumstances where adaptation actions did not work as expected.…”

Section: Visionmentioning

confidence: 99%

Next Generation Internet of Things

Vermesan

Bacquet

2018

Next Generation Internet of Things

View full text Add to dashboard Cite

The chapter presents an overview of the eight that are part of the European IoT Security and Privacy Projects initiative (IoT-ESP) addressing advanced concepts for end-to-end security in highly distributed, heterogeneous and dynamic IoT environments. The approaches presented are holistic and include identification and authentication, data protection and prevention against cyber-attacks at the device and system levels. The projects present architectures, concepts, methods and tools for open IoT platforms integrating evolving sensing, actuating, energy harvesting, networking and interface technologies. Platforms should provide connectivity and intelligence, actuation and control features, linkage to modular and ad-hoc cloud services, The IoT platforms used are compatible with existing international developments addressing object identity management, discovery services, virtualisation of objects, devices and infrastructures and trusted IoT approaches.

show abstract

“…Even though patterns have been mainly applied on software development, the method can be used satisfactorily for the component composition of systems such as CPS [14]. Security patterns, for service compositions based on enabling reasoning engines such as Drools, are described in [15], [16]. In our approach instead of service composition, the concept of component compositions is proposed.…”

Section: Related Workmentioning

confidence: 99%

A Pattern-Based Approach for Designing Reliable Cyber-Physical Systems

Petroulakis

Spanoudakis

Askoxylakis

et al. 2015

2015 IEEE Global Communications Conference (GLOBECOM)

Self Cite

View full text Add to dashboard Cite

Abstract-Cyber-Physical Systems (CPS) appear to be of paramount importance due to their increasing use on critical infrastructure. New challenges have occurred because of the nature and the complexity of such systems in supporting heterogeneous physical and cyber components simultaneously. Failures or attacks on system components decrease system reliability creating severe consequences to CPS and the attached applications. The construction of complex CPS with respect to security and dependability (S&D) properties is necessary to avoid system vulnerabilities at design level. Design patterns are solutions for reusable designs and interactions of objects. In this work we present a pattern-based language for designing CPS able to guarantee S&D properties. The first set of S&D patterns includes the Reliability Component Composition (RCC) Patterns for designing reliable CPS. RCC patterns are encoded in Drools, which is a rule-based reasoning system. To evaluate our approach, we use RCC patterns as a methodology for designing a reliable wireless sensor network attached to a physical architecture to send monitored data to a central controller through relay nodes and paths.

show abstract

Generating Secure Service Compositions

Cited by 5 publications

References 22 publications

Pattern-Based Design and Verification of Secure Service Compositions

Pattern-Based Design and Verification of Secure Service Compositions

Next Generation Internet of Things

A Pattern-Based Approach for Designing Reliable Cyber-Physical Systems

Contact Info

Product

Resources

About