
A novel aspect-oriented BPEL framework for the dynamic enforcement of web services security

Published: 01 January 2012

Abstract

In this paper, we propose a new framework for the dynamic enforcement of composite Web services security, which is based on a synergy between Aspect-Oriented Programming (AOP) and BPEL (Business Process Execution Language). This synergy is achieved through the elaboration of a new language called AspectBPEL, which is used to specify security policies as separate components, referred to as aspects, to be woven systematically into a BPEL process. The injected aspects activate the security policies at runtime on specific join points. Our approach enjoys several additional features such as (1) separating the business and security concerns of composite Web services, (2) allowing the update of security mechanisms of composite Web services at run time, (3) providing modularity for modelling cross-cutting concerns between Web services, (4) centralising some security measurements at the BPEL side and (5) providing a framework fully compatible with any BPEL engine regardless of the adopted development environment.

Published In

International Journal of Web and Grid Services, Volume 8, Issue 4
January 2012
104 pages
ISSN: 1741-1106
EISSN: 1741-1114

Publisher

Inderscience Publishers, Geneva 15, Switzerland
