Rule-Based Security Capabilities Matching for Web Services

A primary problem for security aware Web service discovery is how to discover security capabilities of Web services and how these security capabilities can be matched with security requirements of various requesters. Presently, most approaches are based on syntactic matching, which is prone to result in false negative because of lacking of semantics. In this paper, we propose a rule-based approach to decide whether security capabilities match security requirements. Based on a semantic model of security policy, security capabilities are inferred from security policy of Web services. General Web service security ontology is proposed to semantically model security requirements of various service requesters. The architecture of rule-based matching engine is also presented to describe the whole matching process. The prototype system and case study show that the proposed approach is flexible and feasible.

[1]  Jian Yang,et al.  Access control: what is required in business collaboration? , 2009, ADC 2009.

[2]  Deborah L. McGuinness,et al.  OWL Web ontology language overview , 2004 .

[3]  Timothy W. Finin,et al.  Security in the Semantic Web using OWL , 2005, Inf. Secur. Tech. Rep..

[4]  Maria Beatriz Felgar de Toledo,et al.  Ontology-Based Security Policies for Supporting the Management of Web Service Business Processes , 2008, 2008 IEEE International Conference on Semantic Computing.

[5]  Yarden Katz,et al.  Representing Web Service Policies in OWL-DL , 2005, SEMWEB.

[6]  Christoph Meinel,et al.  A Security Meta-model for Service-Oriented Architectures , 2009, 2009 IEEE International Conference on Services Computing.

[7]  Christoph Meinel,et al.  Security Requirements Specification in Service-Oriented Business Process Management , 2009, 2009 International Conference on Availability, Reliability and Security.

[8]  Ernesto Pimentel,et al.  Contracts for security adaptation , 2011, J. Log. Algebraic Methods Program..

[9]  Timothy W. Finin,et al.  Authorization and privacy for semantic Web services , 2004, IEEE Intelligent Systems.

[10]  Miroslaw Malek,et al.  Current solutions for Web service composition , 2004, IEEE Internet Computing.

[11]  Nicola Mazzocca,et al.  Self-optimization of secure web services , 2008, Comput. Commun..

[12]  H. Lan,et al.  SWRL : A semantic Web rule language combining OWL and ruleML , 2004 .

[13]  Myong H. Kang,et al.  Security Ontology for Annotating Resources , 2005, OTM Conferences.

[14]  Jorge Lobo,et al.  Policy framework for security and privacy management , 2009, IBM J. Res. Dev..

[15]  Jiankun Hu,et al.  Seamless integration of dependability and security concepts in SOA: A feedback control system based framework and taxonomy , 2011, J. Netw. Comput. Appl..

[16]  Yingwei Luo,et al.  A Think on Security and Trusty Measurement for Virtualized Environment , 2011 .

[17]  Philip Robinson,et al.  From Business Process Choreography to Authorization Policies , 2006, DBSec.

[18]  Timothy W. Finin,et al.  Security for DAML Web Services: Annotation and Matchmaking , 2003, SEMWEB.

[19]  Mohamed Shalaby,et al.  Applying Scrum Framework in the IT Service Support Domain , 2011, 2011 IEEE Asia-Pacific Services Computing Conference.

[20]  Christoph Meinel,et al.  Transformation and Aggregation of Web Service Security Requirements , 2010, 2010 Eighth IEEE European Conference on Web Services.

[21]  Barbara Carminati,et al.  Security Conscious Web Service Composition with Semantic Web Support , 2007, 2007 IEEE 23rd International Conference on Data Engineering Workshop.

[22]  Jerry R. Hobbs,et al.  DAML-S: Semantic Markup for Web Services , 2001, SWWS.

[23]  Elijah Blessing Rajsingh,et al.  A novel fault tolerant service selection framework for pervasive computing , 2012, Human-centric Computing and Information Sciences.

[24]  Jorge Lobo,et al.  EXAM: a comprehensive environment for the analysis of access control policies , 2010, International Journal of Information Security.

[25]  Barbara Carminati,et al.  Security Conscious Web Service Composition , 2006, 2006 IEEE International Conference on Web Services (ICWS'06).

[26]  Mei-Ling Shyu,et al.  Quality of service provision in mobile multimedia - a survey , 2011, Human-centric Computing and Information Sciences.