A Logic Framework for Flexible and Security-Aware Service Composition

Automatic service composition finds applicability in many different domains. Composition comes into play when a user's request cannot be fulfilled by a single software module, but the composition of multiple modules can provide the requested services. In many application domains it is important to be able to express QoS and security attributes associated with services and take them into account in the composition process. In this paper, we propose a general framework for module composition that offers all the aforementioned capabilities. In addition, our framework allows users to express both hard and soft requirements for the QoS and security attributes that should come with the requested services. We address the problem of composing modules so that the requested services can be provided with the best attribute provision w.r.t. to the user's specifications. We show that the problem is NP-hard. Finally, we propose a logic programming approach to express and solve the module composition problem.

[1]  Joseph Sifakis,et al.  Composition for component-based modeling , 2002, Sci. Comput. Program..

[2]  Andrew W. Appel,et al.  MulVAL: A Logic-based Network Security Analyzer , 2005, USENIX Security Symposium.

[3]  Sushil Jajodia,et al.  QoP and QoS Policy Cognizant Module Composition , 2010, 2010 IEEE International Symposium on Policies for Distributed Systems and Networks.

[4]  Michael Eichberg,et al.  Component Composition Using Feature Models , 2010, CBSE.

[5]  Khaled M. Khan,et al.  Composing Security-Aware Software , 2002, IEEE Softw..

[6]  Khaled M. Khan,et al.  Constraint-enhanced role engineering via answer set programming , 2012, ASIACCS '12.

[7]  Jianwen Su,et al.  Tools for composite web services: a short overview , 2005, SGMD.

[8]  John DeTreville,et al.  Binder, a logic-based security language , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[9]  Francesco Buccafurri,et al.  Enhancing Disjunctive Datalog by Constraints , 2000, IEEE Trans. Knowl. Data Eng..

[10]  Sushil Jajodia,et al.  A logical language for expressing authorizations , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[11]  Philip S. Yu,et al.  Optimal Component Composition for Scalable Stream Processing , 2005, 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05).

[12]  Sushil Jajodia,et al.  Flexible support for multiple access control policies , 2001, TODS.

[13]  Stavros Tripakis Automated Module Composition , 2003, TACAS.

[14]  Maude Manouvrier,et al.  TQoS: Transactional and QoS-Aware Selection Algorithm for Automatic Web Service Composition , 2010, IEEE Transactions on Services Computing.

[15]  Elisa Bertino,et al.  A unified framework for enforcing multiple access control policies , 1997, SIGMOD '97.