Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CSE
2009
IEEE
2009
IEEE
Verifying the Interplay of Authorization Policies and Workflow in Service-Oriented Architectures
Abstract--A widespread design approach in distributed applications based on the service-oriented paradigm, such as web-services, consists of clearly separating the enforcement of authorization policies and the workflow of the applications, so that the interplay between the policy level and the workflow abstracted away. While such an approach is attractive because it is quite simple and permits one to reason about crucial properties of the policies under consideration, it does not provide t level of abstraction to specify and reason about the way the workflow may interfere with the policies, and vice versa. For example, the creation of a certificate as a side effect of a workflow operation may enable a policy rule to fire and grant access to a certain resource; without executing the operation, the policy rule should remain inactive. Similarly, policy queries may be used as guards for workflow transitions. In this paper, we present a two-level formal verification framework to overcome th...
Real-time Traffic| Added | 17 Feb 2011 |
| Updated | 17 Feb 2011 |
| Type | Journal |
| Year | 2009 |
| Where | CSE |
| Authors | Michele Barletta, Silvio Ranise, Luca Viganò |
Comments (0)
Researcher Info
|
