Semantic matching of web services security policies

The lack of semantics in WS-SecurityPolicy (WS-SP) hampers the effectiveness of matching security policies. To resolve this problem, we present a semantic approach for specifying and matching web service security policies. The approach consists in the transformation of WS-SP into an OWL-DL ontology and the definition of a set of rules which automatically generate semantic relations that can exist between the provider and requestor security requirements. We show how these relations lead to more correct and accurate matching of security policies. At the end of this paper, we present the implementation of our approach and its validation through a real-world use case.

[1]  He Zheng-qiu,et al.  Semantic Security Policy for Web Service , 2009, 2009 IEEE International Symposium on Parallel and Distributed Processing with Applications.

[2]  Kunal Verma,et al.  Semantic Matching of Web Service Policies , 2005, SDWP@ICWS.

[3]  Myong H. Kang,et al.  Security Ontology for Annotating Resources , 2005, OTM Conferences.

[4]  Maria Beatriz Felgar de Toledo,et al.  Ontology-Based Security Policies for Supporting the Management of Web Service Business Processes , 2008, 2008 IEEE International Conference on Semantic Computing.

[5]  Kouichi Ono,et al.  Verifying the Consistency of Security Policies by Abstracting into Security Types , 2007, IEEE International Conference on Web Services (ICWS 2007).

[6]  Sebastian Speiser Semantic Annotations for WS-Policy , 2010, 2010 IEEE International Conference on Web Services.

[7]  Timothy W. Finin,et al.  Security for DAML Web Services: Annotation and Matchmaking , 2003, SEMWEB.

[8]  Bernhard Hollunder Domain-Specific Processing of Policies or: WS-Policy Intersection Revisited , 2009, 2009 IEEE International Conference on Web Services.

[9]  H. Lan,et al.  SWRL : A semantic Web rule language combining OWL and ruleML , 2004 .