Filters








54,769 Hits in 3.5 sec

Implementing a Secure Annotation Service [chapter]

Imran Khan, Ronald Schroeter, Jane Hunter
2006 Lecture Notes in Computer Science  
This paper describes a secure, open source annotation system that we have developed that uses Shibboleth and XACML to identify and authenticate users and restrict their access to annotations stored on  ...  However within many applications, there is a need to restrict access to the annotations to a particular group of trusted users -in order to protect intellectual property rights or personal privacy.  ...  Within this paper we describe an open source implementation of a secure annotation service that we have developed.  ... 
doi:10.1007/11890850_22 fatcat:g25ygowygzdq5nzkagicelehki

Service Oriented Security Architecture

Cristian Opincaru, Gabriela Gheorghe
2015 Enterprise Modelling and Information Systems Architectures - An International Journal  
Next, we will present a prototypical implementation of this framework and describe our experiences so far.  ...  We show that by distributing the security functions, a more flexible architecture can be designed that would lower the costs associated with implementation, administration and maintenance.  ...  [Bro03] describes an architecture where security functions are implemented into proxies. A single security proxy acting as a gateway is used to secure several Web services deployed in a network.  ... 
doi:10.18417/emisa.4.1.4 dblp:journals/emisaij/OpincaruG09 fatcat:q2t6qqu2e5canb6kayiw5kizc4

Securing Collaborative Business Processes: A Methodology for Security Management in Service-Based Infrastructure [chapter]

Pascal Bou Nassar, Youakim Badr, Frédérique Biennier, Kablan Barbar
2012 IFIP Advances in Information and Communication Technology  
Finally, we annotate services with security parameters that could be used to improve the selection of secure services in run-time.  ...  In order to secure collaborative business processes, we present a methodological approach that early integrates security and risk management throughout the design process of service-oriented architectures  ...  Security protocols, security mechanisms, security policies, security services are different types of measures that could be implemented or improved.  ... 
doi:10.1007/978-3-642-33980-6_52 fatcat:uxrv7i74yrghzfh3b2zu3po5wi

Incorporating Security Requirements into Service Composition: From Modelling to Execution [chapter]

Andre R. R. Souza, Bruno L. B. Silva, Fernando A. A. Lins, Julio C. Damasceno, Nelson S. Rosa, Paulo R. M. Maciel, Robson W. A. Medeiros, Bryan Stephenson, Hamid R. Motahari-Nezhad, Jun Li, Caio Northfleet
2009 Lecture Notes in Computer Science  
Despite an increasing need for considering security requirements in service composition, the incorporation of security requirements into service composition is still a challenge for many reasons: no clear  ...  We present a novel approach consisting of a methodology, called Sec-MoSC, to incorporate security requirements into service composition, map security requirements into enforceable mechanisms, and support  ...  The Auxiliary Engine has been implemented in Java and it is able to generate both a Platform-Specific WS-BPEL (from the Generic WS-BPEL and service annotations) and a Platform-Specific Security Configuration  ... 
doi:10.1007/978-3-642-10383-4_27 fatcat:qlr4r5puo5ftnc6odgjywwdkgq

Understanding the implemented access control policy of Android system services with slicing and extended static checking

Tanveer Mustafa, Karsten Sohr
2014 International Journal of Information Security  
As a first step in this direction, we propose to extract the implemented access control policy from the code for Android system services with the help of program slicing.  ...  We applied this approach to core system services of Android 4.0.3 and identified some inconsistencies between the documentation and the implementation.  ...  From a security point of view, this facade is not relevant because it only implements the proxy for the remote system service.  ... 
doi:10.1007/s10207-014-0260-y fatcat:kmx5c4o6bnev3lccbvw7yjsbzm

Secure scripting based composite application development: Framework, architecture, and implementation

Tom Dinkelaker, Alisdair Johnstone, Yuecel Karabulut, Ike Nassi
2007 2007 International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2007)  
The framework supports the automatic generation of security configuration and enforcement. As a proof-of-concept, we present an architecture and report the implementation status.  ...  To fill this gap, we developed a framework for the design and facilitation of security.  ...  The implementation comes with a security infrastructure that provides security services that follow established Web service standard specifications. We implemented the container in Ruby.  ... 
doi:10.1109/colcom.2007.4553815 dblp:conf/colcom/DinkelakerJKN07 fatcat:cbdeaw424fb33f3xmog6ws44de

Intermediary Architecture: interposing middleware object services between Web client and server

Craig Thompson, Paul Pazandak, Venu Vasudevan, Frank Manola, Mark Palmer, Gil Hansen, Tom Bannon
1999 ACM Computing Surveys  
Example services including Web annotations and Web performance monitoring are described. .  ...  This paper describes the Intermediary Architecture, a middleware architecture which interposes distributed object services between Web client and server.  ...  If the annotation repository is local to a user or a workgroup, the user would see only local annotations; if it is public (for instance, implemented via a commonly available Web search engine), the user  ... 
doi:10.1145/323216.323361 fatcat:pgjztbpvrjfirb65gl6jolz4k4

Towards Trust for Semantic Web Annotations

Wolfgang Woerndl
2006 International Semantic Web Conference  
One problem is the trustworthiness of these annotations. This paper identifies two main steps towards a Semantic Web trust framework and provides possible solutions.  ...  ACKNOWLEDGMENTS The author would like to thank his diploma/master students Markus Geiger and Werner Jansen, who worked out the details and designed and partly implemented the two parts of the system, and  ...  A user wants to access a service (making an annotation) and selects an identity provider and identity (step 3 in Fig. ) 2.  ... 
dblp:conf/semweb/Woerndl06 fatcat:p6yglij5lndnza5hebojli3pf4

Extracting and Analyzing the Implemented Security Architecture of Business Applications

B. J. Berger, K. Sohr, R. Koschke
2013 2013 17th European Conference on Software Maintenance and Reengineering  
However, there is still a lack of tools that allow an analyst to assess the implemented security architecture of an application.  ...  In this paper, we propose a technique that automatically extracts the implemented security architecture of Java-based business applications from the source code.  ...  A special kind of Servlet are web services, which are discussed below. Beside this structural information, JEE offers a number of security-related services.  ... 
doi:10.1109/csmr.2013.37 dblp:conf/csmr/BergerSK13 fatcat:2pqazywmovcslitv7wy7lahzz4

Sec-MoSC Tooling - Incorporating Security Requirements into Service Composition [chapter]

Andre R. R. Souza, Bruno L. B. Silva, Fernando A. A. Lins, Julio C. Damasceno, Nelson S. Rosa, Paulo R. M. Maciel, Robson W. A. Medeiros, Bryan Stephenson, Hamid R. Motahari-Nezhad, Jun Li, Caio Northfleet
2009 Lecture Notes in Computer Science  
It offers a novel approach consisting of abstractions and methods for capturing and enforcing security requirements in service composition.  ...  The Sec-MoSC Tooling supports modelling and enforcement of security abstractions in business processes and service composition.  ...  Our demonstration starts with a BPMN model of the VTA. We show how a business person can annotate a BPMN model using the provided security annotations.  ... 
doi:10.1007/978-3-642-10383-4_52 fatcat:s2z3solejzftnogsib677okwxy

Modeling and Verifying Security Policies in Business Processes [chapter]

Mattia Salnitri, Fabiano Dalpiaz, Paolo Giorgini
2014 Lecture Notes in Business Information Processing  
We extend BPMN-Q with a number of annotations for expressing security policies. We make the following contributions:  ...  security policies through SecBPMN-Q, a query language for representing security policies; and (3) verifying SecBPMN-Q against SecBPMN specifications via an implemented query engine.  ...  There, the security annotations specify the security aspects that the implemented services will comply with. The annotations are defined in Table 2 and explained below. Accountability.  ... 
doi:10.1007/978-3-662-43745-2_14 fatcat:d2q5vhf7efdwljz7aykfwjucea

Transparently Adding Security Properties to Service Orchestration

Stéphanie Chollet, Philippe Lalanda, André Bottaro
2008 22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008)  
This tool also allows specifying security properties, also in an abstract way, as annotations on the services orchestration.  ...  In this paper, we present a tool allowing the design of service orchestration at a high level of abstraction.  ...  Annotation validity A major concern when annotating a process with nonfunctional properties is the validity of these annotations.  ... 
doi:10.1109/waina.2008.70 dblp:conf/aina/CholletLB08 fatcat:qcou2vqi4jf2zeoo2jub5zlkme

Modelling and transforming security constraints in privacy-aware business processes

Jutta Mulle, Silvia von Stackelberg, Klemens Bohm
2011 2011 IEEE International Conference on Service-Oriented Computing and Applications (SOCA)  
This leads to high implementation and maintenance costs. Our approach in turn is a wholistic one, providing security support from the modelling to the runtime phase of a BP lifecycle.  ...  As current security-modelling approaches lack features important for BPs in service-oriented architectures, we propose a sophisticated language to formulate respective constraints.  ...  As another example, think of a Conf annotation of a message flow to a web-service task.  ... 
doi:10.1109/soca.2011.6166257 dblp:conf/soca/MulleSB11 fatcat:37374ppzafee3cclszdca3t2ju

A Knowledge Search Framework for Collaborative Networks [chapter]

Rui J. Tramontin, Ricardo J. Rabelo
2007 Establishing the Foundation of Collaborative Networks  
mappings management and security issues.  ...  Partners in a collaborative nefl.1.'Ork (CN) must interact and share their knowledge.  ...  Leandro Loss for their contributions during the design and implementation of the prototype.  ... 
doi:10.1007/978-0-387-73798-0_62 dblp:conf/ifip5-5/TramontinR07 fatcat:toa5az6ijnaepewtcyttayubju

Service Oriented Architecture Using ISO RM-ODP With Respect To Computational Viewpoint
English

C. Madana Kumar Reddy, Dr. A.Rama Mohan Reddy, Dr. P. Chittibabu
2014 International Journal of Innovative Research in Science Engineering and Technology  
These services can be found in a security system and present as classification based on the functionality of services.  ...  Interaction between the service requester and the security system, and the communication between the security system and the service provider is carried out through external messages.  ...  Normally, services run on top of some sort of a middleware system which implements the system part. V.  ... 
doi:10.15680/ijirset.2014.0308055 fatcat:nkwa6kp2zbbj5axzu7fqrhbhdm
« Previous Showing results 1 — 15 out of 54,769 results