Bartoletti, Massimo and Degano, Pierpaolo and Ferrari, Gianluigi (2007) Planning and Verifying Service Composition. Technical Report del Dipartimento di Informatica . Università di Pisa, Pisa, IT.
PDF (GZip) - Published Version Available under License Creative Commons Attribution No Derivatives. Download (453Kb) |
Abstract
A static approach is proposed to study secure composition of services. We extend the lambda-calculus with primitives for selecting and invoking services that respect given security requirements. Security-critical code is enclosed in policy framings with a possibly nested, local scope. Policy framings enforce safety and liveness properties. The actual run-time behaviour of services is over-approximated by a type and effect system. Types are standard, and effects include the actions with possible security concerns - as well as information about which services may be invoked at run-time. An approximation is model-checked to verify policy framings within their scopes. This allows for removing any run-time execution monitor, and for determining the plans driving the selection of those services that match the security requirements on demand.
Item Type: | Book |
---|---|
Uncontrolled Keywords: | web services, security, static analysis |
Subjects: | Area01 - Scienze matematiche e informatiche > INF/01 - Informatica |
Divisions: | Dipartimenti (until 2012) > DIPARTIMENTO DI INFORMATICA |
Depositing User: | dott.ssa Sandra Faita |
Date Deposited: | 09 Dec 2014 13:11 |
Last Modified: | 09 Dec 2014 13:11 |
URI: | http://eprints.adm.unipi.it/id/eprint/2175 |
Repository staff only actions
View Item |