End-to-end information flow security for web services orchestration

摘要

Multi-party interactions in Web Service (WS) composition are hard to managed and difficult to design and verify, especially while end-to-end information flow security (IFS) must be respected. Usually, IFS is guaranteed for a data originator and ultimate recipient WS, however inter-organizational service compositions involve partners that do not necessarily share the same level of security, especially for data they do not generate nor process themselves. In this paper, we focus on the non-interference property and we present a correct-by-construction approach to build orchestrated WSs with multi-party interactions. A key ingredient of this approach is to present the system composition at an abstract level as a component-based model where the IFS verification and the system configuration are considered at early stage. When this configuration is validated, that is, no security leak is detected, we automatically generate orchestrator components that handle IFS. Afterwards, we generate accordingly BPEL processes where the IFS constraints are enforced as security WS-policies in the BPEL description of services. We develop a set of tools that automate the approach and we validate the effectiveness of our approach with well known Web service use cases.