A BPEL-based framework for the enforcement of web services security. (c2012)

LAUR Repository

Show simple item record

dc.contributor.author Ayoubi, Sara Nabil El-
dc.date.accessioned 2012-07-04T07:26:36Z
dc.date.available 2012-07-04T07:26:36Z
dc.date.copyright 2012 en_US
dc.date.issued 2012-07-04
dc.date.submitted 2012-03-29
dc.identifier.uri http://hdl.handle.net/10725/1186
dc.description Includes bibliographical references (leaves 83-87). en_US
dc.description.abstract In this this thesis, we address the problem related to security in a composition of web services, mainly in a BPEL process. This problem emerges due to the monopolization of security at the web service side which causes an enormous overhead when running a process that orchestrates between multiple services. Furthermore, BPEL suffers from a lack of modularity for modeling cross-cutting concerns, thus any changes or modication to the process is a tedious and cumbersome, not to mention the need to deactivate the process throughout the modication phase. Thus, our thesis is dedicated to the introduction of a mutli-layer framework for the enforcement of security for web services. This approach is based on a synergy between XACML (eXtensible Access Control Markup Language) security policies, Aspect-Oriented Programming (AOP) and composition of web services (BPEL). This synergy is achieved through the elaboration of a dedicated language called AspectBPEL. The elaborated AspectBPEL language allows specifying security policies as separate components, namely, aspects. These aspects are weaved systematically in the BPEL (Business Process Execution Language) process for the sake of activating the security policies at runtime on specic join points. In addition, our approach allows specifying the XACML security policies that are used to determine pointcuts in a BPEL process where security is needed. Subsequently, a BPEL ow with the needed security is generated into security AspectBPEL aspects to be weaved in the aforementioned process. The centralization of security at the process level consists on the use of a separate trust authority that adopts an XACML infrastructure. The main contributions of our approach are: (1) Describing dynamic security policies using a standard language XACML, (2) generating automatically the BPEL aspects of the XACML policies, (3) separating the business and security concerns of composite web services, and hence developing them separately (4) allowing the modication of the dynamic security features and web services composition at run time to integrate, remove and/or update security mechanisms, (5) providing modularity for modeling cross-cutting concerns between web services. (6) centralizing and updating the security measurements at the BPEL side and (7) providing a language and a framework that is fully operational and compatible with any BPEL process regardless of the adopted development environment. The feasibility and usability of the proposed framework have been veried using two real life case studies: an Online Purchase System (OPS) and a Flight Reservation System (FS). Finally, experimental results and performance analysis are presented to evaluate the proposed framework. en_US
dc.language.iso en en_US
dc.subject BPEL (Computer program language) en_US
dc.subject Web services -- Security measures en_US
dc.title A BPEL-based framework for the enforcement of web services security. (c2012) en_US
dc.type Thesis en_US
dc.term.submitted Spring en_US
dc.author.degree MS in Computer Science en_US
dc.author.school Arts and Sciences en_US
dc.author.idnumber 201000374 en_US
dc.author.commembers Dr.Hadi Otrok
dc.author.commembers Dr.Ramzi Haraty
dc.author.woa OA en_US
dc.description.physdesc 1 bound copy: xvi, 87 leaves; col. ill.; 31 cm. available at RNL. en_US
dc.author.division Computer Science en_US
dc.author.advisor Dr.Azzam Mourad
dc.keywords Web Services en_US
dc.keywords BPEL en_US
dc.keywords Security en_US
dc.keywords XACML en_US
dc.keywords Aspects Oriented Programming en_US
dc.identifier.doi https://doi.org/10.26756/th.2012.13 en_US
dc.publisher.institution Lebanese American University en_US

Files in this item

This item appears in the following Collection(s)

Show simple item record

Search LAUR

Advanced Search


My Account