Warning: pg_query(): Query failed: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 in /dati/webiit-old/includes/database.pgsql.inc on line 138 Warning: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 query: SELECT data, created, headers, expire, serialized FROM cache_page WHERE cid = 'https://www-old.iit.cnr.it/node/10311' in /dati/webiit-old/includes/database.pgsql.inc on line 159 Warning: pg_query(): Query failed: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 in /dati/webiit-old/includes/database.pgsql.inc on line 138 Warning: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 query: SELECT data, created, headers, expire, serialized FROM cache_page WHERE cid = 'https://www-old.iit.cnr.it/node/10311' in /dati/webiit-old/includes/database.pgsql.inc on line 159 Modular Plans for Secure Service Composition | IIT - CNR - Istituto di Informatica e Telematica
IIT Home Page CNR Home Page

Modular Plans for Secure Service Composition

Service Oriented Computing (SOC) is a programming paradigm aim-ing at characterising Service Networks. Services are entities waiting for clients requests and they often result from the composition of many services. We address here the problem of statically guaranteeing security of open services, i.e. services with unknown components. Security constraints are expressed by local policies that service components must obey. We present here a type and effect system that safely over-approximates, in the form of history expressions, the possible run-time behaviour of open services, collecting partial information on the behaviours of their components. From a history expression, we then extract a plan that drives executions that never rise security violations. Finally, we show how partial plans satisfying security requirements can be put together to obtain a safe orchestration plan.


LECTURE NOTES IN COMPUTER SCIENCE, 2010

Autori IIT:

Gabriele Costa

Foto di Gabriele Costa

Pierpaolo Degano

Foto di Pierpaolo Degano

Tipo: Articoli su riviste non ISI con referee internazionali
Area di disciplina: Information Technology and Communication Systems
In: Joint Workshop on Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security (Cyprus, 27-28 March 2010). Proceedings, pp. 41 - 58. (Lecture Notes in Computer Science, vol. 6186). Springer, 2010.
Attività: Sicurezza di dispositivi mobili