 Enforcing ASTD Access-Control Policies with WS-BPEL Processes in SOA EnvironmentsMichel Embe Jiague,
Marc Frappier,
Frédéric Gervais,
Régine Laleau and
Richard St-Denis
International Journal of Systems and Service-Oriented Engineering (IJSSOE), 2011, vol. 2, issue 2, 37-59 Abstract: Controlling access to the Web services of public agencies and private corporations depends primarily on specifying and deploying functional security rules to satisfy strict regulations imposed by governments, particularly in the financial and health sectors. This paper focuses on one aspect of the SELKIS and EB3SEC projects related to the security of Web-based information systems, namely, the automatic transformation of security rules into WS-BPEL (or BPEL, for short) processes. The former are instantiated from security-rule patterns written in a graphical notation, called ASTD that is close to statecharts. The latter are executed by a BPEL engine integrated into a policy decision point, which is a component of a policy enforcement manager similar to that proposed in the XACML standard. Date: 2011 Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:igg:jssoe0:v:2:y:2011:i:2:p:37-59 Access Statistics for this article International Journal of Systems and Service-Oriented Engineering (IJSSOE) is currently edited by Wuhui Chen More articles in International Journal of Systems and Service-Oriented Engineering (IJSSOE) from IGI Global |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.