Towards a BPEL model-driven approach for web services security

LAUR Repository

Show simple item record

dc.contributor.author Tout, Hanine
dc.contributor.author Mourad, Azzam
dc.contributor.author Yahyaoui, Hamdi
dc.contributor.author Talhi, Chamseddine
dc.contributor.author Otrok, Hadi
dc.date.accessioned 2017-03-10T09:00:23Z
dc.date.available 2017-03-10T09:00:23Z
dc.date.issued 2017-03-10
dc.identifier.isbn 9781467323260 en_US
dc.identifier.uri http://hdl.handle.net/10725/5353
dc.description.abstract By handling the orchestration, composition and interaction of Web services, the Business Process Execution Language (BPEL) has gained tremendous interest. However, such process-based language does not assure a secure environment for Web services composition. The key solution cannot be seen as a simple embed of security properties in the source code of the business logic since the dynamism of the BPEL process will be affected when the security measures get updated. In this context, several approaches have emerged to tackle such issue by offering the ability to specify the security properties independently from the business logic based on policy languages. Nevertheless, these languages are complex, verbose and require programming expertise. Owing to these difficulties, specifying and the enforcing BPEL security policies become very tedious tasks. To mitigate these challenges, we propose in this paper, a novel approach that takes advantage of both the Unified Modeling Language (UML) and the Aspect Oriented Paradigm (AOP). By elaborating a UML extension mechanism, called UML Profile, our approach provides the users with model-based capabilities to specify aspects that enforce the required security policies. On the other hand, it offers a high level of flexibility when enforcing security hardening solutions in the BPEL process by exploiting the AOP approach. We illustrate our approach through an example of the dynamic generation and integration of model-based security aspects in a BPEL process. en_US
dc.language.iso en en_US
dc.publisher IEEE en_US
dc.title Towards a BPEL model-driven approach for web services security en_US
dc.type Conference Paper / Proceeding en_US
dc.author.school SAS en_US
dc.author.idnumber 200904853 en_US
dc.author.department Computer Science and Mathematics en_US
dc.description.embargo N/A en_US
dc.keywords Unified modeling language en_US
dc.keywords Web services en_US
dc.keywords Weaving en_US
dc.keywords Access control en_US
dc.keywords Process control en_US
dc.keywords Business en_US
dc.identifier.doi http://dx.doi.org/10.1109/PST.2012.6297928 en_US
dc.identifier.ctation Tout, H., Mourad, A., Yahyaoui, H., Talhi, C., & Otrok, H. (2012, July). Towards a BPEL model-driven approach for Web services security. In Privacy, Security and Trust (PST), 2012 Tenth Annual International Conference on (pp. 120-127). IEEE. en_US
dc.author.email azzam.mourad@lau.edu.lb en_US
dc.conference.date 16-18 July 2012 en_US
dc.conference.pages 120-127 en_US
dc.conference.place Paris, France en_US
dc.conference.title 2012 Tenth Annual International Conference on Privacy, Security and Trust en_US
dc.identifier.tou http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php en_US
dc.identifier.url http://ieeexplore.ieee.org/abstract/document/6297928/ en_US
dc.orcid.id https://orcid.org/0000-0001-9434-5322
dc.author.affiliation Lebanese American University en_US

Files in this item

Files Size Format View

There are no files associated with this item.

This item appears in the following Collection(s)

Show simple item record

Search LAUR

Advanced Search


My Account