This paper presents a concept of incorporating information flow control (IFC) mechanisms into service-oriented systems. As opposed to existing IFC proposals, commonly imposing requirements hard or impossible to achieve in service-oriented environments (such as analysis of the application code), our solution fully complies with the Service Oriented Architecture (SOA) model. We present how IFC can be managed in an SOA system by using ORCA security policy language. We also describe two possible implementations of such SOA-specific IFC mechanisms using cryptographic keys and poly-instantiated web services. © 2012 Springer-Verlag.
CITATION STYLE
Brodecki, B., Kalewski, M., Sasak, P., & Szychowiak, M. (2012). Lightweight information flow control for web services. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7204 LNCS, pp. 608–617). https://doi.org/10.1007/978-3-642-31500-8_63
Mendeley helps you to discover research relevant for your work.