Extended BPEL with heterogeneous authentication mechanisms in service ecosystems

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Extended BPEL with heterogeneous authentication mechanisms in service ecosystems

Full text

Pdf (819 KB)

Source

International Conference on Management of Emergent Digital EcoSystems archive
Proceedings of the International Conference on Management of Emergent Digital EcoSystems table of contents

France

SESSION: Modelling languages and systems (MLS) table of contents

Article No. 19

Year of Publication: 2009

ISBN:978-1-60558-829-2

Authors

Pascal Bou Nassar	INSA-Lyon, Université de Lyon, Lyon
Youakim Badr	INSA-Lyon, Université de Lyon, Lyon
Frederique Biennier	INSA-Lyon, Université de Lyon, Lyon
Kablan Barbar	Lebanese University, Fanar, Lebanon

Sponsor

: The French Chapter of ACM Special Interest Group on Applied Computing

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 0, Downloads (12 Months): 0, Citation Count: 0

Additional Information:

abstract references index terms

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1643823.1643847 What is a DOI?

ABSTRACT

Service ecosystems provide distributed evolutionary capabilities allowing services to recombine and evolve in sustainable environments. Web services play a crucial role in service ecosystems since they support interoperable machine-to-machine interactions and help in developing new services from existing services by using a variety of composition languages. Business Process Execution Language (BPEL) has recently emerged as the de-facto standard for Web service composition. From the security perspective, Web service providers may require different authentication mechanisms to securely invoke their services. The integration of different authentication mechanisms complicates the global authentication scheme of BPEL-based processes and raises a challenge in adopting BPEL in service ecosystems. In this work, we propose the Security Service concept to define activity single sign-on (ASSO) for federated identify-based authentication. The Security Service allows the integration of heterogeneous authentication mechanisms in the context of multiple service providers. We also extend the <invoke> activity to ensure non-intrusive extension of BPEL language and implement the Security Service in a peer-to-peer network.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	P. Dini, N. Rathbone, M. Vidal, P. Hernandez, P. Ferronato, G. Briscoe and S. Hendryx. The Digital Ecosystems Research Vision: 2010 and Beyond. 2005, European Commission.
	2	G. Briscoe and P. De Wilde. Digital Ecosystems: Evolving Service-Oriented Qrchitectures. In Conference on Bio Inspired Models of Network, Information and Computing Systems. IEEE Press, 2006.
	3	Juric, M., Business Process Excecution Langage for Web Services, (2006, 2 ed, chap. 1)
	4	IBM, Microsoft, and BEA Systems. Business process execution language for web services. August 2002. http://www.ibm.com/developerworks/library/ws-bpel.
	5	OASIS. Web Services Business Process Execution Language (WSBPEL). http://www.oasis-open.org/committees/wsbpel
	6	G. Decker, H. Overdick and J. M. Zaha, "On the suitability of WSCDL for choreography modeling," in Proceedings of Methoden, Konzepte Und Technologien Fur Die Entwicklung Von Dienstebasierten Informationssystemen (EMISA), 2006.
	7	IBM Corporation, Business Process Execution Language for Web Services (BPEL4WS), Version 1.0, 2002.
	8	A. Arkin. Business Process Modeling Language (BPML), Version 1.0. BPMI.org, 2002.
	9	Security in a Web Services World: A Proposed Architecture and Roadmap, A Joint Security Whitepaper from IBM Corporation and Microsoft Corporation, Version 1.0, 2002
	10	A. Naladin, M. Goodner, M. Gudgin, A. Barbir, and H. Granqvist, OASIS Standard Specification WS-SecurityPolicy, OASIS Standard Specification, July 2007
	11	Carminati, B., Ferrari, E., Hung, P., Security Conscious Web Service Composition, in Proceedings of the IEEE International Conference on Web Services, ICWS, 2006
	12	Rouached, M., Godard, C., Specification and Verification of Authorization Policies for Web Services Composition in CAISE Forum, CEUR Workshop Proc, 2007
	13	Chevalier, Y.; Mekki, M. A.; Rusinowitch, M., Automatic Composition of Services with Security Policies, IEEE congress on Services, July 2008
	14	Java Authentication and Authorization Service (JAAS http://www.j2ee.me/javase/technologies/security/
	15	Nadalin, A., Kaler, C., Hallam-Baker, P., Monzillo, R.: OASIS Web Services Security: SOAP Message Security 1.0. (WS-Security)
	16	Erl, T. An Overview of the WS-Security Framework. In (2004 1 ed., Vol. 1, chap. 4).
	17	SAML (Security Assertion Markup Language) http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf
	18	Parker, T. A. "Single sign-on systems-the technologies and the products" in Security and Detection, IEEE 1995.
	19	Daniel L. McDonald, Randall J. Atkinson, Craig Metz, One time passwords in everything (OPIE): experiences with building and using stronger authentication, in proceedings of the 5th conference on USENIX UNIX Security Symposium, 1995
	20	Shibboleth. A project of the Internet2 Middleware Initiative http://shibboleth.internet2.edu/
	21	Apache ODE (Orchestration Director Engine) http://ode.apache.org/2008
	22	OpenSAML (Open Security Assertion Markup Language) http://www.opensaml.org/2009
	23	Apache. Axis engine. http://ws.apache.org/axis/2005