Abstract: Although web services aim to bring about seamless and effective communication in a wide variety of Internet applications, the interactions between them are currently limited to simple request-response exchanges. However, in the longer term we believe this is unsustainable. In particular, we believe that more complex protocols for web service conversations are necessary if the participants are to tailor their needs and offers to the prevailing context and they are to coordinate multiple services in open and rea…
“…SCIFC [12] uses various mechanisms (such as back-check procedure, carry-along policies, and transformation factors) and algorithms to make sure whether a service chain can be successfully invoked. The objectives of quite a few researches are also about negotiation [25][26][27][28][29][30]. A negotiation model generally fails to check information flows within software during execution.…”
Abstract: This paper presents the information flow control model NetIFC to prevent information leakage when a net service is being executed. NetIFC offers the following features: (1) it blocks as few statements as possible and (2) it reduces runtime overhead. To achieve the first feature, NetIFC strictly controls output statements because only output may leak information. To achieve the second feature, NetIFC is executed in parallel with a service in different sites to monitor the service. This monitoring style substantially reduces runtime overhead when compared with embedding a model in a net service.

Index Terms: Information flow, information flow control, information security, information leakage prevention, runtime overhead.
“…Recent papers [3,4,13] have argued that a Web service is more than a set of independent operations. In fact, during a Web service's invocation, a client interacts with the service performing a sequence of operations in a particular order.…”
Section: Related Work (mentioning)
confidence: 99%
“…Specifically, [3,4] adopt a model based on finite transition systems (aka finite state machines) for representing all possible conversations. The approach of [13] is based on the combined use of two Web service languages, WS-Conversation (WSCL) and WS-Agreement, that allows one to specify non-trivial conversations in which several messages have to be exchanged before the service is completed and/or the conversation may evolve in different ways depending on the state and the needs of the requesting agents and of the service provider.…”
Service Oriented Computing is emerging as the main approach to build distributed enterprise applications on the Web. The widespread use of Web services is hindered by the lack of adequate security and privacy support. In this paper, we present a novel framework for enforcing access control in conversation-based Web services. Our approach takes into account the conversational nature of Web services. This is in contrast with existing approaches to access control enforcement that assume a Web service as a set of independent operations. Furthermore, our approach achieves a tradeoff between the need to protect Web service's access control policies and the need to disclose to clients the portion of access control policies related to the conversations they are interested in. This is important to avoid situations where the client cannot progress in the conversation due to the lack of required security requirements. We introduce the concept of k-trustworthiness that defines the conversations for which a client can provide credentials maximizing the likelihood that it will eventually hit a final state.
“…We also discuss the beginning of an implementation for developing agent web service agreements over IBM's ETTK toolkit [4]. The work in this paper considers more pragmatic issues than our previous work in [7]. Compared to [7], here, 1) we ground our work with a scenario in the insurance sector, 2) since WSCL (Web Service Conversation Language) has become obsolete, we adapt our approach to only be compatible with WS-Agreement rather than propose a WSCL/WSAgreement extension as in [7] and, 3) we discuss our first attempts at implementing agent web service agreements.…”
Section: Introduction (mentioning)
confidence: 99%
“…The work in this paper considers more pragmatic issues than our previous work in [7]. Compared to [7], here, 1) we ground our work with a scenario in the insurance sector, 2) since WSCL (Web Service Conversation Language) has become obsolete, we adapt our approach to only be compatible with WS-Agreement rather than propose a WSCL/WSAgreement extension as in [7] and, 3) we discuss our first attempts at implementing agent web service agreements. This paper advances the state of the art through a framework that extends the conversational capabilities of web services by supporting non-trivial interactions in which several messages have to be exchanged before the service is completed and/or the conversation may evolve in different ways depending on the state and the needs of the participants.…”