Secure and Trustworthy Service Composition

The characteristics of dynamic composite services opens up to new possibilities as well as potential dangers. We need to be aware of both sides of this coin when designing and providing such services, as well as when we are consuming them. This chapter explains the characteristics of composite services, and gives a brief overview of related literature, projects, tools and standards as a backdrop to the Aniketos project.

[1]  Úlfar Erlingsson,et al.  The Inlined Reference Monitor Approach to Security Policy Enforcement , 2004 .

[2]  Pierluigi Roberti,et al.  STS-Tool: Specifying and Reasoning over Socio-Technical Security Requirements , 2013, iStar.

[3]  Eric Mayer Service Oriented Computing Semantics Processes Agents , 2016 .

[4]  Klemens Böhm,et al.  A Security Language for BPMN Process Models , 2011 .

[5]  Paolo Giorgini,et al.  Aligning Service-Oriented Architectures with Security Requirements , 2012, OTM Conferences.

[6]  A. Noguero,et al.  A generic executable framework for model-driven engineering , 2012, 7th Iberian Conference on Information Systems and Technologies (CISTI 2012).

[7]  John Mylopoulos,et al.  Modeling security requirements through ownership, permission and delegation , 2005, 13th IEEE International Conference on Requirements Engineering (RE'05).

[8]  Christoph Meinel,et al.  Modelling Security Goals in Business Processes , 2008, Modellierung.

[9]  Georg Gottlob,et al.  Disjunctive datalog , 1997, TODS.

[10]  Eric S. K. Yu,et al.  A Goal Oriented Approach for Modeling and Analyzing Security Trade-Offs , 2007, ER.

[11]  Christoph Meinel,et al.  Security Requirements Specification in Service-Oriented Business Process Management , 2009, 2009 International Conference on Availability, Reliability and Security.

[12]  John Mylopoulos,et al.  Adaptation in Open Systems: Giving Interaction Its Rightful Place , 2010, ER.

[13]  Mario Piattini,et al.  A BPMN Extension for the Modeling of Security Requirements in Business Processes , 2007, IEICE Trans. Inf. Syst..

[14]  Manfred Tscheligi,et al.  Formative User-Centered Evaluation of Security Modeling: Results from a Case Study , 2012, Int. J. Secur. Softw. Eng..

[15]  Farookh Khadeer Hussain,et al.  Towards Multi-criteria Cloud Service Selection , 2011, 2011 Fifth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing.

[16]  Haralambos Mouratidis,et al.  Secure Tropos: a Security-Oriented Extension of the Tropos Methodology , 2007, Int. J. Softw. Eng. Knowl. Eng..

[17]  Munindar P. Singh An ontology for commitments in multiagent systems: , 1999, Artificial Intelligence and Law.

[18]  Eric L. Trist Socio-technical Systems , 1978, Encyclopedia of Social Network Analysis and Mining. 2nd Ed..

[19]  Paolo Giorgini,et al.  Identifying Conflicts in Security Requirements with STS-ml , 2012 .

[20]  Paolo Giorgini,et al.  Security requirements engineering via commitments , 2011, 2011 1st Workshop on Socio-Technical Aspects in Security and Trust (STAST).

[21]  Munindar P. Singh An ontology for commitments in multiagent systems: , 1999, Artificial Intelligence and Law.