Ronan-Alexandre Cherrueau, Mario Südholt, O. Chebaro
{"title":"Adapting Workflows Using Generic Schemas: Application to the Security of Business Processes","authors":"Ronan-Alexandre Cherrueau, Mario Südholt, O. Chebaro","doi":"10.1109/CloudCom.2013.75","DOIUrl":null,"url":null,"abstract":"Existing approaches to the adaptation of workflows over Web services fall short in two respects. First, they only provide, if ever, limited means for taking into account the execution history of a workflow. Second, they do not support adaptations that require modifications not only at the service composition level but also at the levels of interceptors and service implementations. This is particular problematic for the enforcement of security properties over workflows: enforcing authorization properties, for instance, frequently requires execution contexts to be defined and modifications to be applied at all these abstraction levels of Web services. We present two main contributions in this context. First, we introduce workflow adaptation schemas (WAS), a new notion of generic protocol-based workflow adapters. WAS enable the declarative definition of adaptations involving complex service compositions and implementations. Second, we present two real-world security issues related to the use of OAuth 2.0, a recent and widely used framework for the authorization of resource accesses. As we motivate, these security issues require history-based adaptations over different abstraction levels of services. We then show how to resolve these issues using WAS.","PeriodicalId":198053,"journal":{"name":"2013 IEEE 5th International Conference on Cloud Computing Technology and Science","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 IEEE 5th International Conference on Cloud Computing Technology and Science","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CloudCom.2013.75","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
Existing approaches to the adaptation of workflows over Web services fall short in two respects. First, they only provide, if ever, limited means for taking into account the execution history of a workflow. Second, they do not support adaptations that require modifications not only at the service composition level but also at the levels of interceptors and service implementations. This is particular problematic for the enforcement of security properties over workflows: enforcing authorization properties, for instance, frequently requires execution contexts to be defined and modifications to be applied at all these abstraction levels of Web services. We present two main contributions in this context. First, we introduce workflow adaptation schemas (WAS), a new notion of generic protocol-based workflow adapters. WAS enable the declarative definition of adaptations involving complex service compositions and implementations. Second, we present two real-world security issues related to the use of OAuth 2.0, a recent and widely used framework for the authorization of resource accesses. As we motivate, these security issues require history-based adaptations over different abstraction levels of services. We then show how to resolve these issues using WAS.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
