Verifying the Interplay of Authorization Policies and Workflow in Service-Oriented Architectures (Full version)

Details Verifying the Interplay of Authorization Policies and Workflow in Service-Oriented Architectures (Full version) Verifying the Interplay of Authorization Policies and Workflow in Service-Oriented Architectures (Full version)

2009-06-25

arxiv.org/abs/0906.4570v1

Computer Science

Cryptography and Security

16 pages, 4 figures, full version of paper at Symposium on Secure Computing (SecureCom09)

Scientific paper

A widespread design approach in distributed applications based on the service-oriented paradigm, such as web-services, consists of clearly separating the enforcement of authorization policies and the workflow of the applications, so that the interplay between the policy level and the workflow level is abstracted away. While such an approach is attractive because it is quite simple and permits one to reason about crucial properties of the policies under consideration, it does not provide the right level of abstraction to specify and reason about the way the workflow may interfere with the policies, and vice versa. For example, the creation of a certificate as a side effect of a workflow operation may enable a policy rule to fire and grant access to a certain resource; without executing the operation, the policy rule should remain inactive. Similarly, policy queries may be used as guards for workflow transitions. In this paper, we present a two-level formal verification framework to overcome these problems and formally reason about the interplay of authorization policies and workflow in service-oriented architectures. This allows us to define and investigate some verification problems for SO applications and give sufficient conditions for their decidability.

Affiliated with

Also associated with

No associations

Rating

Verifying the Interplay of Authorization Policies and Workflow in Service-Oriented Architectures (Full version) does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with Verifying the Interplay of Authorization Policies and Workflow in Service-Oriented Architectures (Full version), we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Verifying the Interplay of Authorization Policies and Workflow in Service-Oriented Architectures (Full version) will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFWR-SCP-O-536619