XPath translation to enhance the semantic matching of fine-grained Web service security policies

Fine-grained Web service security policies contain protection assertions that include XPath expressions pointing to the message data to be secured. However, existing security policy (SP) matching approaches don't take into account the structural heterogeneities that may exist between the requestor and provider data. In this paper, we show how this can lead to wrong SP matching results and propose an XPath translation approach that makes the XPath expressions in a requestor and provider SPs refer to the same XML schema so that they may be correctly compared. We also implement our XPath translator, integrate it into our previous SP matcher, and validate the correctness of matching fine-grained protection assertions through several tests and a real-world use case.

[1]  Gunter Saake,et al.  Improving XML schema matching performance using Prüfer sequences , 2009, Data Knowl. Eng..

[2]  Mohamed Jmaiel,et al.  Semantic matching of web services security policies , 2012, 2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS).

[3]  Freddy Lécué,et al.  Semantic and Syntactic Data Flow in Web Service Composition , 2008, 2008 IEEE International Conference on Web Services.

[4]  Bofeng Zhang,et al.  Rule-Based Security Capabilities Matching for Web Services , 2013, Wirel. Pers. Commun..

[5]  Evan Lenz XSLT 1.0 pocket reference - a quick guide to XML transformations , 2005 .

[6]  Maria Beatriz Felgar de Toledo,et al.  Web service security management using semantic web techniques , 2008, SAC '08.

[7]  Giuseppe Di Modica,et al.  Semantic Security Policy Matching in Service Oriented Architectures , 2011, 2011 IEEE World Congress on Services.

[8]  Fausto Giunchiglia,et al.  Semantic Schema Matching , 2005, OTM Conferences.

[9]  Aida Boukottaya,et al.  Schema matching for transforming structured documents , 2005, DocEng '05.