Service-Oriented Architecture (SOA) is the current paradigm to achieve global system integration and collaboration. Although SOA has many benefits, security is still a major concern. Access control is one of the major issues in secure SOA. It is necessary to develop suitable access control models to secure individual web services. Also, when multiple services hosted by different providers are composed together to realize certain business logic, it is desirable to ensure secure interactions between the involved entities. In this dissertation, we focus on three major access control issues in service composition: (1) information flow control, which controls the propagation of sensitive information in composite services, (2) integration of action-level access control and fine-grained data resource level access control to secure web services, and (3) composition-time access control validation to minimize the execution-time failure rate of the composite services.

In this dissertation, we take a close look at these three issues and provide a comprehensive set of solutions for secure service composition in multi-domain web service environments. First, we have developed a fine-grained information flow control model (Chapter 4) and introduced the novel concept of transformation factor to model the computation and "transformation" effect of intermediate services. Our approach can significantly simplify the information flow control policies and improve the access control validation performance. Second, we have developed a fine-grained data resource level information flow control model (Chapter 7) based on data flow analysis and tracking techniques. This model is capable of securing the flow of data that are dynamically generated in composite services. Third, we have developed protocols to achieve composition-time access control considering both mediator-based (Chapter 5) and fully decentralized composition architectures (Chapter 6). Our protocols are highly efficient and can greatly enhance the performance in composing and executing composite services with proper information flow control constraints.