Guarding Sensitive Information Streams through the Jungle of Composite Web Services

14 years 29 days ago

Download www.cc.gatech.edu

Complex and dynamic web service compositions may introduce unpredictable and unintentional sharing of security-sensitive data (e.g., credit card numbers) as well as unexpected vulnerabilities that cause information leak. This paper describes a fine-grain access policy specification of security-sensitive data items for each component web service. We propose the SFGuard architecture to enforce these access policies at component web services. A prototype implementation of SF-Guard (on Apache Axis2) and its evaluation show that effective protection of security-sensitive information can be achieved at low overhead (a few percent addition to response time) while preserving the functionality of flexible web service composition.

Jinpeng Wei, Lenin Singaravelu, Calton Pu

Real-time Traffic

Component Web Services | ICWS 2007 | Internet Technology | Web Service | Web Service Composition |

claim paper

Post Info
More Details (n/a)

Added	29 Oct 2010
Updated	29 Oct 2010
Type	Conference
Year	2007
Where	ICWS
Authors	Jinpeng Wei, Lenin Singaravelu, Calton Pu

Comments (0)

Sciweavers

Guarding Sensitive Information Streams through the Jungle of Composite Web Services

Component Web Services | ICWS 2007 | Internet Technology | Web Service | Web Service Composition |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers