A framework and language support for dynamic security policy in service-oriented architecture

W. U.Lee Chi; Gwan Hwan Hwang

A framework and language support for dynamic security policy in service-oriented architecture

W. U.Lee Chi, Gwan Hwan Hwang^*

^*Corresponding author for this work

Department of Computer Science and Information Engineering

Research output: Contribution to journal › Article › peer-review

1 Citation (Scopus)

Abstract

In today's global network-based environment, where mission-critical applications typically run on highly distributed systems, customers expect reliable, available, and secure services. Supporting security becomes an important issue in service-oriented architecture (SOA). This paper describes how to simultaneously support both dynamic security policies and separation of concerns when developing an SOA application. We propose the DPSL (dynamic policy specification language) for managing and controlling the security according to the dynamic behavior of the workflow in SOA. The operation model is compatible with existing SOA standards, such as the WSDL, WS-Policy, WS-Security-Policy, WS-ReliableMessaging, and the BPEL. As a result, existing standard Web-services engines and BPEL engines can be employed directly to support dynamic policies in SOA. The implementation and experimental results demonstrate the feasibility of the proposed architecture.

Original language	English
Pages (from-to)	1887-1903
Number of pages	17
Journal	Journal of Information Science and Engineering
Volume	30
Issue number	6
Publication status	Published - 2014 Nov 1

Keywords

BPEL
Security policy
SOA
Web services
Workflow

ASJC Scopus subject areas

Software
Human-Computer Interaction
Hardware and Architecture
Library and Information Sciences
Computational Theory and Mathematics

Cite this

@article{df46f04f8c404e6184d570520406ce37,

title = "A framework and language support for dynamic security policy in service-oriented architecture",

abstract = "In today's global network-based environment, where mission-critical applications typically run on highly distributed systems, customers expect reliable, available, and secure services. Supporting security becomes an important issue in service-oriented architecture (SOA). This paper describes how to simultaneously support both dynamic security policies and separation of concerns when developing an SOA application. We propose the DPSL (dynamic policy specification language) for managing and controlling the security according to the dynamic behavior of the workflow in SOA. The operation model is compatible with existing SOA standards, such as the WSDL, WS-Policy, WS-Security-Policy, WS-ReliableMessaging, and the BPEL. As a result, existing standard Web-services engines and BPEL engines can be employed directly to support dynamic policies in SOA. The implementation and experimental results demonstrate the feasibility of the proposed architecture.",

keywords = "BPEL, Security policy, SOA, Web services, Workflow",

author = "Chi, {W. U.Lee} and Hwang, {Gwan Hwan}",

year = "2014",

month = nov,

day = "1",

language = "English",

volume = "30",

pages = "1887--1903",

journal = "Journal of Information Science and Engineering",

issn = "1016-2364",

publisher = "Institute of Information Science",

number = "6",

}

TY - JOUR

T1 - A framework and language support for dynamic security policy in service-oriented architecture

AU - Chi, W. U.Lee

AU - Hwang, Gwan Hwan

PY - 2014/11/1

Y1 - 2014/11/1

N2 - In today's global network-based environment, where mission-critical applications typically run on highly distributed systems, customers expect reliable, available, and secure services. Supporting security becomes an important issue in service-oriented architecture (SOA). This paper describes how to simultaneously support both dynamic security policies and separation of concerns when developing an SOA application. We propose the DPSL (dynamic policy specification language) for managing and controlling the security according to the dynamic behavior of the workflow in SOA. The operation model is compatible with existing SOA standards, such as the WSDL, WS-Policy, WS-Security-Policy, WS-ReliableMessaging, and the BPEL. As a result, existing standard Web-services engines and BPEL engines can be employed directly to support dynamic policies in SOA. The implementation and experimental results demonstrate the feasibility of the proposed architecture.

AB - In today's global network-based environment, where mission-critical applications typically run on highly distributed systems, customers expect reliable, available, and secure services. Supporting security becomes an important issue in service-oriented architecture (SOA). This paper describes how to simultaneously support both dynamic security policies and separation of concerns when developing an SOA application. We propose the DPSL (dynamic policy specification language) for managing and controlling the security according to the dynamic behavior of the workflow in SOA. The operation model is compatible with existing SOA standards, such as the WSDL, WS-Policy, WS-Security-Policy, WS-ReliableMessaging, and the BPEL. As a result, existing standard Web-services engines and BPEL engines can be employed directly to support dynamic policies in SOA. The implementation and experimental results demonstrate the feasibility of the proposed architecture.

KW - BPEL

KW - Security policy

KW - SOA

KW - Web services

KW - Workflow

UR - http://www.scopus.com/inward/record.url?scp=84911936710&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84911936710&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:84911936710

SN - 1016-2364

VL - 30

SP - 1887

EP - 1903

JO - Journal of Information Science and Engineering

JF - Journal of Information Science and Engineering

IS - 6

ER -

A framework and language support for dynamic security policy in service-oriented architecture

Abstract

Keywords

ASJC Scopus subject areas

Other files and links

Fingerprint

Cite this