The growing importance of service-oriented computing has triggered development of formal computational models for service description and orchestration. Several versions of the Service Centered Calculus (SCC) and its successor, the Calculus of Services with Pipelines and Sessions (CaSPiS) have emerged as outcome of those studies, and are based on the notion of interaction patterns called sessions between the service and the client who invokes it. We propose a security oriented extension of Bruni and Mezzina's typed variant of CaSPiS, where security levels have been assigned to service definitions, clients and data. In order to invoke a service, a client must be endowed with an appropriate clearance, and once the service and client agree on the security level, the data exchanged in the initiated session will not exceed this level. We study a type system that statically ensures these security properties.
展开▼
