IRIS Institutional Research Information System - AIR Archivio Istituzionale della Ricerca

We present a solution for test-based security certification of services that models the service under certification using a Symbolic Transition System (STS). The STS-based model is readily derivable from the Web Service Description Language (WSDL) and Web Service Conversation Language (WSCL) of the service, and can be enriched with details about test-based conditions on inputs and outputs, implementation details, and security specifications. In addition, we show how such fine-grained modeling can be included in a test-based security certification process. Finally, we discuss how this process can be integrated within the Web service life-cycle and used for matching users’ preferences and comparing certificates of different services.

Fine-grained modeling of web services for test-based security certification / M. Anisetti, C.A. Ardagna, E. Damiani - In: 2011 IEEE international conference on services computing : SCC 2011 : 4–9 july 2011, Washington DC, USA : proceedings / [a cura di] H.- A. Jacobsen, Y. Wang, P. Hung. - Los Alamitos : Institute of electrical and electronics engineers, 2011. - ISBN 9781457708633. - pp. 456-463 (( convegno IEEE International Conference on Services Computing (SCC) tenutosi a Washington nel 2011 [10.1109/SCC.2011.27].

Fine-grained modeling of web services for test-based security certification

M. Anisetti
Primo
;C.A. Ardagna
Secondo
;E. Damiani
Ultimo
2011

Abstract

We present a solution for test-based security certification of services that models the service under certification using a Symbolic Transition System (STS). The STS-based model is readily derivable from the Web Service Description Language (WSDL) and Web Service Conversation Language (WSCL) of the service, and can be enriched with details about test-based conditions on inputs and outputs, implementation details, and security specifications. In addition, we show how such fine-grained modeling can be included in a test-based security certification process. Finally, we discuss how this process can be integrated within the Web service life-cycle and used for matching users’ preferences and comparing certificates of different services.
English
Web services ; SOA ; Testing ; WSDL ; WSCL
Settore INF/01 - Informatica
Intervento a convegno
   Advanced Security Service cERTificate for SOA
   ASSERT4SOA
   EUROPEAN COMMISSION
   FP7
   257351
2011 IEEE international conference on services computing : SCC 2011 : 4–9 july 2011, Washington DC, USA : proceedings
H.- A. Jacobsen, Y. Wang, P. Hung
Los Alamitos
Institute of electrical and electronics engineers
2011
456
463
9781457708633
Volume a diffusione internazionale
IEEE International Conference on Services Computing (SCC)
Washington
2011
Convegno internazionale
Intervento inviato
2-s2.0-80053168801
M. Anisetti, C.A. Ardagna, E. Damiani
Book Part (author)
none
273
Fine-grained modeling of web services for test-based security certification / M. Anisetti, C.A. Ardagna, E. Damiani - In: 2011 IEEE international conference on services computing : SCC 2011 : 4–9 july 2011, Washington DC, USA : proceedings / [a cura di] H.- A. Jacobsen, Y. Wang, P. Hung. - Los Alamitos : Institute of electrical and electronics engineers, 2011. - ISBN 9781457708633. - pp. 456-463 (( convegno IEEE International Conference on Services Computing (SCC) tenutosi a Washington nel 2011 [10.1109/SCC.2011.27].
info:eu-repo/semantics/conferenceObject
3
Prodotti della ricerca::03 - Contributo in volume
03 - Contributo in volume
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/161209
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 19
  • ???jsp.display-item.citation.isi??? ND
social impact