A policy enforcement framework for verification and control of service collaboration

This paper proposes a policy enforcement framework to dynamically verify and control the collaboration process in Service-Oriented Architecture (SOA). Dynamic SOA collaboration is different from traditional service collaboration where the workflow is pre-defined at design time while the services used can be discovered at runtime. In dynamic collaboration, both the workflows and services can be determined at runtime. As they will be determined at runtime, many verification activities can be performed at runtime. This paper proposes a dynamic policy enforcement framework that follows the dynamic SOA collaboration process to ensure that various system constraints can be enforced at runtime. The framework includes a policy specification language, a policy completeness and consistency checking, and distributed policy enforcement. Finally, this paper presents the construction of a sample example to illustrate these features with quantitative performance data.

[1]  Yarden Katz,et al.  Representing Web Service Policies in OWL-DL , 2005, SEMWEB.

[2]  Wei-Tek Tsai,et al.  Service-oriented system engineering: a new paradigm , 2005, IEEE International Workshop on Service-Oriented System Engineering (SOSE'05).

[3]  Anne Anderson Web services policies , 2006, IEEE Security & Privacy.

[4]  Qian Huang,et al.  SOA Collaboration Modeling, Analysis, and Simulation in PSML-C , 2006, 2006 IEEE International Conference on e-Business Engineering (ICEBE'06).

[5]  Lalana Kagal,et al.  Using Semantic Web Technologies for Policy Management on the Web , 2006, AAAI.

[6]  清華大学 SOSE 2005 : IEEE International Workshop on Service-Oriented System Engineering : proceedings : Beijing, China, 20-21 October 2005 , 2005 .

[7]  Ramaswamy Chandramouli A policy validation framework for enterprise authorization specification , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..

[8]  Lalana Kagal,et al.  Self-describing delegation networks for the Web , 2006, Seventh IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'06).

[9]  Wei-Tek Tsai,et al.  Distributed policy specification and enforcement in service-oriented business systems , 2005, IEEE International Conference on e-Business Engineering (ICEBE'05).

[10]  Anne H. Anderson An introduction to the Web Services Policy Language (WSPL) , 2004, Proceedings. Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, 2004. POLICY 2004..

[11]  Atul Prakash,et al.  A flexible architecture for security policy enforcement , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[12]  Anupam Joshi,et al.  Declarative Policies for Describing Web Service Capabilities and Constraints , 2004 .

[13]  R. E. Smith Experimenting with security policy , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[14]  Raymond A. Paul,et al.  A software reliability model for web services , 2004, IASTED Conf. on Software Engineering and Applications.

[15]  Raymond A. Paul,et al.  Simulation Verification and Validation by Dynamic Policy Specification and Enforcement , 2006, Simul..

[16]  Emil C. Lupu,et al.  An Adaptive Policy-Based Framework for Network Services Management , 2003, Journal of Network and Systems Management.

[17]  Andrea Westerinen,et al.  Policy Core Information Model - Version 1 Specification , 2001, RFC.

[18]  Dakshi Agrawal,et al.  Policy-based validation of SAN configuration , 2004, Proceedings. Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, 2004. POLICY 2004..

[19]  Raymond A. Paul,et al.  A robust testing framework for verifying Web services by completeness and consistency analysis , 2005, IEEE International Workshop on Service-Oriented System Engineering (SOSE'05).

[20]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[21]  Emil C. Lupu,et al.  Conflicts in Policy-Based Distributed Systems Management , 1999, IEEE Trans. Software Eng..

[22]  Basit Shafiq,et al.  POLICY-BASED VERIFICATION OF DISTRIBUTED WORKFLOWS IN A MULTI-DOMAIN ENVIRONMENT , 2006 .