Web Service enterprise solutions are now one of the most important enablers of the new generation of applications supplying services on Internet. Web Services security standards and protocols are available to provide secure communication and conversation between service providers and consumers, but still it exists a gap in ensuring that a particular service hold, at execution time, specific security properties. In this paper we propose an architecture that will enable service consumers to specify the desired set of security properties the service must hold, providing a mechanism to re-check them when the execution context changes. In particular, we discuss the concept of context-aware certifificate, and a preliminary description of a dynamic, context-aware service certification approach.
A framework to support assurance-based service search / M. Anisetti, C.A. Ardagna, E. Damiani, F. Frati, A. Pahlevan, H.A. Müller - In: 1. International symposium on data-driven process discovery and analysis : SIMPDA 2011 : june 28- July 1, 2011, Campione d’Italia, Italy : [proceedings] / [a cura di] K. Aberer, E. Damiani, T. Dillon. - [s.l] : [IFIP], 2011. - ISBN 9788890312021. - pp. 147-162 (( Intervento presentato al 1. convegno International Symposium on Data-Driven Process Discovery and Analysis (SIMPDA) tenutosi a Campione d'Italia nel 2011.
A framework to support assurance-based service search
M. AnisettiPrimo
;C.A. ArdagnaSecondo
;E. Damiani;F. Frati;
2011
Abstract
Web Service enterprise solutions are now one of the most important enablers of the new generation of applications supplying services on Internet. Web Services security standards and protocols are available to provide secure communication and conversation between service providers and consumers, but still it exists a gap in ensuring that a particular service hold, at execution time, specific security properties. In this paper we propose an architecture that will enable service consumers to specify the desired set of security properties the service must hold, providing a mechanism to re-check them when the execution context changes. In particular, we discuss the concept of context-aware certifificate, and a preliminary description of a dynamic, context-aware service certification approach.Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.