A framework and language support for dynamic security policy in service-oriented architecture

W. U.Lee Chi, Gwan Hwan Hwang*

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)


In today's global network-based environment, where mission-critical applications typically run on highly distributed systems, customers expect reliable, available, and secure services. Supporting security becomes an important issue in service-oriented architecture (SOA). This paper describes how to simultaneously support both dynamic security policies and separation of concerns when developing an SOA application. We propose the DPSL (dynamic policy specification language) for managing and controlling the security according to the dynamic behavior of the workflow in SOA. The operation model is compatible with existing SOA standards, such as the WSDL, WS-Policy, WS-Security-Policy, WS-ReliableMessaging, and the BPEL. As a result, existing standard Web-services engines and BPEL engines can be employed directly to support dynamic policies in SOA. The implementation and experimental results demonstrate the feasibility of the proposed architecture.

Original languageEnglish
Pages (from-to)1887-1903
Number of pages17
JournalJournal of Information Science and Engineering
Issue number6
Publication statusPublished - 2014 Nov 1


  • BPEL
  • SOA
  • Security policy
  • Web services
  • Workflow

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Hardware and Architecture
  • Library and Information Sciences
  • Computational Theory and Mathematics


Dive into the research topics of 'A framework and language support for dynamic security policy in service-oriented architecture'. Together they form a unique fingerprint.

Cite this