IIT Home Page CNR Home Page

Contract-based Approaches for Securing Web Services

The pervasiveness of web services increases the necessity for consumers to access and use them in a secure way. Consumers should require strong guarantees that their security policies are satised. Unfortunately, Service Oriented Computing (SOC) is adverse to most techniques of control and analysis which, usually, require the direct access to either execution or implementation.

Here, we classify dierent service execution paradigms and their participants. According to the amount of available information about the service we identify the existing threats and the security supports the service consumers can rely on for obtaining actual guarantees. Following our classication, we considered the possibility of applying the Security-by-Contract-with-Trust framework. If correctly implemented, it can mitigate the security risks in the most service composition paradigms.

 


IGI Global, 2013

Autori esterni: Gabriele Costa (Dipartimento di Informatiche, Bioingegneria, Robotica e Ingegneria dei Sistemi Genova)
Autori IIT:

Roberto Mandati

Foto di Roberto Mandati

Tipo: Articoli su riviste non ISI con referee internazionali
Area di disciplina: Computer Science & Engineering