Victor Valls, Panagiotis Promponas, et al.
IEEE Communications Magazine
An application based on the Service-Oriented Architecture (SOA) consists of an assembly of services, which is referred to as a composite service. A composite service can be implemented from other composite services, and hence, the application could have a recursive structure. Securing an SOA application is an important nonfunctional requirement. However, specifying a security policy for a composite service is not easy because the policy should be consistent with the policies of the external services invoked in the composite process. Therefore, this paper proposes a security policy composition mechanism that uses the existing policies of the external services. Our contribution is defining the process-independent policy composition rules and providing a method for semiautomatically creating a security policy of the composite service. Our method supports two approaches of policy composition: top-down and bottom-up. Our study makes it possible to verify the consistency of the policies without increasing a developer's workload, even if the composite service has a recursive structure. © 2011 IEEE.
Victor Valls, Panagiotis Promponas, et al.
IEEE Communications Magazine
Yun Mao, Hani Jamjoom, et al.
CoNEXT 2006
Minkyong Kim, Zhen Liu, et al.
INFOCOM 2008
Frank R. Libsch, Takatoshi Tsujimura
Active Matrix Liquid Crystal Displays Technology and Applications 1997