{"title":"面向服务体系结构中的语义安全策略匹配","authors":"G. Modica, O. Tomarchio","doi":"10.1109/SERVICES.2011.110","DOIUrl":null,"url":null,"abstract":"Cloud computing poses several new security andprivacy challenges, mainly related to resource sharing, interoperabilityand dinamicity among different providers. Althoughpolicy specification languages address some of these challenges,many issues still have to be faced with. Policy matching is todayperformed by way of syntactical approaches, which may limitthe selection of suitable services on the one hand, and theflexibility and the dinamicity of the matching process on theother one. In this work we propose a semantic approach that,by means of semantic annotations to WS-Policy documents,allows for an improved matching of security requirementsand capabilities based on their actual meaning. The proposedapproach has been validated through a case study that showshow a pure syntactic-based mechanism of WS-Policy wouldhave failed in matching two actually compatible policies.","PeriodicalId":429726,"journal":{"name":"2011 IEEE World Congress on Services","volume":"34 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":"{\"title\":\"Semantic Security Policy Matching in Service Oriented Architectures\",\"authors\":\"G. Modica, O. Tomarchio\",\"doi\":\"10.1109/SERVICES.2011.110\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cloud computing poses several new security andprivacy challenges, mainly related to resource sharing, interoperabilityand dinamicity among different providers. Althoughpolicy specification languages address some of these challenges,many issues still have to be faced with. Policy matching is todayperformed by way of syntactical approaches, which may limitthe selection of suitable services on the one hand, and theflexibility and the dinamicity of the matching process on theother one. In this work we propose a semantic approach that,by means of semantic annotations to WS-Policy documents,allows for an improved matching of security requirementsand capabilities based on their actual meaning. The proposedapproach has been validated through a case study that showshow a pure syntactic-based mechanism of WS-Policy wouldhave failed in matching two actually compatible policies.\",\"PeriodicalId\":429726,\"journal\":{\"name\":\"2011 IEEE World Congress on Services\",\"volume\":\"34 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-07-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"16\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 IEEE World Congress on Services\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SERVICES.2011.110\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 IEEE World Congress on Services","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERVICES.2011.110","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Semantic Security Policy Matching in Service Oriented Architectures
Cloud computing poses several new security andprivacy challenges, mainly related to resource sharing, interoperabilityand dinamicity among different providers. Althoughpolicy specification languages address some of these challenges,many issues still have to be faced with. Policy matching is todayperformed by way of syntactical approaches, which may limitthe selection of suitable services on the one hand, and theflexibility and the dinamicity of the matching process on theother one. In this work we propose a semantic approach that,by means of semantic annotations to WS-Policy documents,allows for an improved matching of security requirementsand capabilities based on their actual meaning. The proposedapproach has been validated through a case study that showshow a pure syntactic-based mechanism of WS-Policy wouldhave failed in matching two actually compatible policies.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
