A widespread design approach in distributed applications based on the service-oriented paradigm, such as web-services, consists of clearly separating the enforcement of authorization policies and the workflow of the applications, so that the interplay between the policy level and the workflow level is abstracted away. While such an approach is attractive because it is quite simple and permits one to reason about crucial properties of the policies under consideration, it does not provide the right level of abstraction to specify and reason about the way the workflow may interfere with the policies, and vice versa. In this paper, we present a two-level formal verification framework to overcome these problems and formally reason about the interplay of authorization policies and workflow in serviceoriented architectures. This allows us to define and investigate some verification problems for SO applications and give sufficient conditions for their decidability. © 2009 IEEE.

Verifying the interplay of authorization policies and workflow in service-oriented architectures / Barletta, M.; Ranise, S.; Vigano, L.. - 3:(2009), pp. 289-296. (Intervento presentato al convegno 2009 IEEE International Conference on Privacy, Security, Risk, and Trust, PASSAT 2009 tenutosi a Vancouver, BC, can nel 2009) [10.1109/CSE.2009.172].

Verifying the interplay of authorization policies and workflow in service-oriented architectures

Ranise S.;
2009-01-01

Abstract

A widespread design approach in distributed applications based on the service-oriented paradigm, such as web-services, consists of clearly separating the enforcement of authorization policies and the workflow of the applications, so that the interplay between the policy level and the workflow level is abstracted away. While such an approach is attractive because it is quite simple and permits one to reason about crucial properties of the policies under consideration, it does not provide the right level of abstraction to specify and reason about the way the workflow may interfere with the policies, and vice versa. In this paper, we present a two-level formal verification framework to overcome these problems and formally reason about the interplay of authorization policies and workflow in serviceoriented architectures. This allows us to define and investigate some verification problems for SO applications and give sufficient conditions for their decidability. © 2009 IEEE.
2009
Proceedings - 12th IEEE International Conference on Computational Science and Engineering, CSE 2009
United States
IEEE
978-1-4244-5334-4
Barletta, M.; Ranise, S.; Vigano, L.
Verifying the interplay of authorization policies and workflow in service-oriented architectures / Barletta, M.; Ranise, S.; Vigano, L.. - 3:(2009), pp. 289-296. (Intervento presentato al convegno 2009 IEEE International Conference on Privacy, Security, Risk, and Trust, PASSAT 2009 tenutosi a Vancouver, BC, can nel 2009) [10.1109/CSE.2009.172].
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/333328
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 14
  • ???jsp.display-item.citation.isi??? ND
social impact