IIT Home Page CNR Home Page

Contract-based Approaches for Securing Web Services

The pervasiveness of web services increases the necessity for consumers to access and use them in a secure way. Consumers should require strong guarantees that their security policies are satised. Unfortunately, Service Oriented Computing (SOC) is adverse to most techniques of control and analysis which, usually, require the direct access to either execution or implementation.

Here, we classify dierent service execution paradigms and their participants. According to the amount of available information about the service we identify the existing threats and the security supports the service consumers can rely on for obtaining actual guarantees. Following our classication, we considered the possibility of applying the Security-by-Contract-with-Trust framework. If correctly implemented, it can mitigate the security risks in the most service composition paradigms.

 


IGI Global, 2013

External authors: Gabriele Costa (Dipartimento di Informatiche, Bioingegneria, Robotica e Ingegneria dei Sistemi Genova)
IIT authors:

Roberto Mandati

Foto di Roberto Mandati

Type: Article in non-ISI Journal with international referees
Field of reference: Computer Science & Engineering