Service Contracts: Beyond Trust in Service Oriented Architectures - Archive ouverte HAL Access content directly
Conference Papers Year : 2016

Service Contracts: Beyond Trust in Service Oriented Architectures

, (1) , (1)
1

Abstract

The Service-Oriented Architecture (SOA) is considered as the most promising paradigm over the last few years for delivering functionalities and allowing business cooperation. In SOA, the traditional vision of security aims to keep properties such as availability, authenticity and confidentiality by protecting the web service itself. However, in such an approach, the particularities of the human interaction in regard to the behaviors of the service stakeholders have been until now based only on trust. In this article, we present an approach based on machine readable contracts and evidences for improving the traditional web service-centered security. Similarly, the usefulness of this approach in context of semi-automatic auditing and risk management is discussed. \textcopyright 2016 Lavoisier.
The Service-Oriented Architecture (SOA) is considered as the most promising paradigm over the last few years for delivering functionalities and allowing business cooperation. In SOA, the traditional vision of security aims to keep properties such as availability, authenticity and confidentiality by protecting the web service itself. However, in such an approach, the particularities of the human interaction in regard to the behaviors of the service stakehold-ers have been until now based only on trust. In this article, we present an approach based on machine readable contracts and evidences for improving the traditional web service-centered security. Similarly, the usefulness of this approach in context of semi-automatic auditing and risk management is discussed. RÉSUMÉ. L'architecture orientée services (SOA) est considérée comme le paradigme le plus prometteur au cours des dernières années pour fournir des fonctionnalités et faciliter la coo-pération commerciale.Dans le SOA, la vision traditionnelle de la sécurité vise à garder des propriétés telles que la disponibilité, l'authenticité et la confidentialité, en protégant le service Web lui-même. Cependant, dans une telle approche les particularités de l'interaction humaine en ce qui concerne les comportements des parties prenantes de service ont été jusqu'à présent basée seulement sur la confiance. Dans cet article, nous présentons une approche basée sur des contrats lisibles par la machine et des preuves pour enrichir la vision traditionannelle de la sécurité axée sur les services web. De même, l'utilité de cette approche dans le contexte de la gestion de risques et l'audit semi-automatique est discutée.
Fichier principal
Vignette du fichier
Service Contracts - Beyond Trust in Service Oriented Architectures.pdf (126.68 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01910020 , version 1 (21-01-2020)

Identifiers

Cite

G.E. Jaramillo Rojas, Philippe Aniorte, Manuel Munier. Service Contracts: Beyond Trust in Service Oriented Architectures. INFORSID 2016 - Actes Du 8e Forum Jeunes Chercheurs Du Congres INFORSID, May 2016, Grenoble, France. ⟨10.3166/ISI.y.y.1-6⟩. ⟨hal-01910020⟩

Collections

UNIV-PAU LIUPPA
59 View
20 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More