Abstract
Despite an increasing need for considering security requirements in service composition, the incorporation of security requirements into service composition is still a challenge for many reasons: no clear identification of security requirements for composition, absence of notations to express them, difficulty in integrating them into the business processes, complexity of mapping them into security mechanisms, and the complexity inherent to specify and enforce complex security requirements. We identify security requirements for service composition and define notations to express them at different levels of abstraction. We present a novel approach consisting of a methodology, called Sec-MoSC, to incorporate security requirements into service composition, map security requirements into enforceable mechanisms, and support execution. We have implemented this approach in a prototype tool by extending BPMN notation and building on an existing BPMN editor, BPEL engine and Apache Rampart. We showcase an illustrative application of the Sec-MoSC toolset. © 2009 Springer-Verlag Berlin Heidelberg.
Cite
CITATION STYLE
Souza, A. R. R., Silva, B. L. B., Lins, F. A. A., Damasceno, J. C., Rosa, N. S., MacIel, P. R. M., … Northfleet, C. (2009). Incorporating security requirements into service composition: From modelling to execution. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5900 LNCS, pp. 373–388). https://doi.org/10.1007/978-3-642-10383-4_27
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
