Ensuring trustworthiness and security in service compositions

Abstract

Future Internet applications can be dynamically composed of atomic services, which exhibit different trustworthiness and security requirements, when being integrated into complex service chains. In that respect, research in the security field works around solutions that can ensure that security characteristics are well addressed in modern, Web-based, ICT environments, aiming to establish a level of trust and confidence on the service consumers. Towards this direction, this paper showcases the results of the EU-funded FP7 Aniketos project, in order to support the secure development life cycle of Web-based service compositions. It elaborates on the design time and runtime capabilities of the Aniketos platform to support security and trust in the specification of composite service processes, by offering service developers the ability to efficiently express their security requirements and service providers the capability to track security breaches and threats and support decisions on the appropriate mitigation actions.